Legend

Forum

Unread topics or posts

Topic

Unread posts

Locked

Announcement

Forums > Developers

Authentication problem



AuthorMessage
OmniSwift

Posted: Aug 29, 2010
Score: 0



I'm having problems authenticating. My "Final" key is never the same as the key calculated with the "calculate key" using the provided token.

I tested my MD5 parser. I got the correct 32 character hash for the "test" input.

I then parsed my password into the MD5 32 character hash.

I then requested a token and got one.

I entered the token into the "calculate key" token area to get a test key response.

Then, into my MD5 hasher, I requested a has for:

HASHED 32 CHAR PASSWORD, immediatly (ie no spaces or characters) followed by the RECEIVED TOKEN, immediatly followed by my UNIQUEUSERID

I get a 32 character MD5 hash sequence, but it is not the same as the tested "calculate key" key provided by the toodledo website.
Jake

Toodledo Admin
Posted: Aug 30, 2010
Score: 0



Can you please post your code?
OmniSwift

Posted: Aug 30, 2010
Score: 0



Posted by Toodledo:
Can you please post your code?


I'm using Macroscheduler script.

LibFunc>Hashlib,StringMD5,r,%password%,buf
Midstr>r_2,1,r,hpw
LibFunc>Hashlib,StringMD5,r,%hpw%%token%%UID%,buf
Midstr>r_2,1,r,key
MessageModal>Hash: %key%


password is variable for my password.
If I set my password to "test" (in my code to test it), the Hashlib returns "098f6bcd4621d373cade4e832627b4f6" for variable hpw. This is correct per the Authintication Help page. Therefore, it appears my hasher is working correctly for my password.

I then hash the concatinate of the hashed 32 password | the returned token | my unique id. I tried entering this info directly (no variables) into my hasher, but it still comes up with something different than the "calculate key" test button.

I didn't want to devulge my unique ID or password in the forum. So I ommited the saving of this info into variables within my code.
OmniSwift

Posted: Aug 30, 2010
Score: 0



Got it figured out. At some point I cut and pasted a value from a "watch" list and didn't notice the watch list "upper cased" the parameter. I caught it when I bounced the MD5 hash return against a "web" MD5 conversion utility.

Anyway, sorry about the headspace. Thanks for the reply.
You cannot reply yet


To participate in these forums, you must be signed in.



Toodledo Forums > Developers

Contact Us | Blog | API | Jobs | Press | Documentation | Forums Privacy | Terms | Copyright © 2004-2014