Khan API stopped working

[rexwal]

Previously working code using OAuthRequester2 started to fail 2 weeks ago (Working for 1 year+)

PHP Notice: Undefined variable: code in /home/sville/public_html/khanmvc/controller/oauth-php/library/OAuthRequester.php on line 485
[15-Jul-2019 10:48:12 Asia/Manila] PHP Fatal error: Uncaught exception 'OAuthException2' with message 'Unexpected result from the server "https://www.khanacademy.org/api/auth/access_token" () while requesting an access token' in /home/sville/public_html/khanmvc/controller/oauth-php/library/OAuthRequester.php:258
Stack trace:

[csilvers]

Thanks for your report. Does the code say what the "unexpected result" is? craig

…

On Sun, Jul 14, 2019 at 7:54 PM rexwal ***@***.***> wrote: Previously working code using OAuthRequester2 started to fail 2 weeks ago (Working for 1 year+) PHP Notice: Undefined variable: code in /home/sville/public_html/khanmvc/controller/oauth-php/library/OAuthRequester.php on line 485 [15-Jul-2019 10:48:12 Asia/Manila] PHP Fatal error: Uncaught exception 'OAuthException2' with message 'Unexpected result from the server " https://www.khanacademy.org/api/auth/access_token" () while requesting an access token' in /home/sville/public_html/khanmvc/controller/oauth-php/library/OAuthRequester.php:258 Stack trace: — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#141?email_source=notifications&email_token=AALA2Z44PZLGUGFNHDDTP7TP7PRHLA5CNFSM4IDSYXAKYY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4G7D46YA>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AALA2Z4GBKENBMHY6NYGPCDP7PRHLANCNFSM4IDSYXAA> .

[jb-1980]

I am seeing a similar issue with the Python rauth library. Specifically, it is not parsing correctly the response you provide:

Provider returned: b'OAuth error. Invalid signature. Expected signature base string: POST&https%3A%2F%2Fwww.khanacademy.org%2Fapi%2Fauth2%2Frequest_token&oauth_consumer_key%3D{mykeydedacted}%26oauth_nonce%3D6bded1920bcae508098ef48e58e6df1d22739373%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1563468538%26oauth_version%3D1.0'

However, based on that error message it appears that I am not providing the string you expect.

I have not updated rauth, so I assume it is producing the same base string as before. The only thing I can imagine is that the signature expectation changed on your end?

Anyways, I am currently working on seeing what signature base string rauth is producing. So I can compare it. But I am curious if you have changed anything on your end.

[rexwal]

Hi,

We have fixed it. Basically the response code of the server has changed and the OAuthRequester.php wasn't parsing the regex properly.

Will post the solution probs today or tomorrow.

[jb-1980]

I was also able to fix my issue. Once I was able to find what the signature string was that was being produced by the rauth library, I saw one minor difference. It was using http instead of https expected by Khan Academy. After updating my server_url parameter to https://www.khanacademy.org I was able to solve the issue.

While the https protocol have been in the docs since 2015, it seems that enforcing it is recent. My app was working 2 days ago, so I imagine as recent as that.

Also, the api-explorer site is suffering the same bug. I will submit a pull request.

[rexwal]

In line 487 of OAuthRequester - I changed this line of code:

          //old code- if (preg_match('@^HTTP/[0-9]\.[0-9] +([0-9]{3})@', $http_line, $matches))
           new code:  if (preg_match('/HTTP\/\d*\.?\d*\s(\d*)/', $http_line, $matches))

This was my solution - editing the ka_example php code posted here.