Extra parameter needed not in documentation? about pandora-apidoc HOT 43 OPEN

I'm sorry to bother you again, but this is just unbelievably frustrating. I keep receiving error code 0 when trying to log in as a user. I am sending this json:
{ "syncTime": 1872069792, "password": "*********", "loginType": "user", "partnerAuthToken": "token", "username": "*****@gmail.com" } where syncTime is the (current time of partner log in minus the decrypted time) plus current time of user log in
my URL is this https://tuner.pandora.com/services/json/?method=auth.userLogin&auth_token=TOKEN&partner_id=ID

from pandora-apidoc.

@thewithz right now I am not using any language. I want to implement it in Node.js but at the moment I am trying to obtain as much info as I can. At the moment I am using POST request by hand with POSTMAN tool, but I am not able to obtain any results. Just the partner authentication.
In the login request I get the 0 error code. I am stucked right now.

from pandora-apidoc.

@brunoescalona @PromyLOPh I'm doing exactly what's in the image above. This is the data I am sending. To be honest, I'm probably missing something very obvious.

from pandora-apidoc.

@FireController1847 ok! if I have time I will connect. :) thank you!

from pandora-apidoc.

Scratch that on that last comment. I cannot believe it, but I finally got it to work. Thank you everyone who was part of and helped in this thread (even though it's not mine xD)!

from pandora-apidoc.

from pandora-apidoc.

I'm a bit confused because in this instance, isn't the auth_token url parameter the same as the partnerAuthToken you send via the json? Or are they different? I'm sending to https://tuner.pandora.com/services/json/?method=auth.userLogin&auth_token=token&partner_id=id now and it is returning an error code 0.

EDIT: Never mind, I see now why I need auth_token however I'm still baffled as to why I am receiving an error code 0.

EDIT 2: leaving partner_id blank gives an error code 1010. So that part is working normally.

from pandora-apidoc.

from pandora-apidoc.

Ok I understand what I'm doing wrong now. Sorry for the confusion!

from pandora-apidoc.

Hi!
I am having the same issue that you. I don't know who to obtain the auth_token parameter for the url. Is it the same as the partner authentification token?

from pandora-apidoc.

from pandora-apidoc.

@PromyLOPh Thank you for the response.
@thewithz are you still having the same issue with the syncTime? Could you give me an example to calculate that parameter? (I have no idea how to decrypt the time obtained from Pandora).

from pandora-apidoc.

@brunoescalona I used something called Blowfish to decrypt the sync time. What language are you using?

@PromyLOPh I'm writing an API wrapper in Java, because there is none yet, and I want to interface it with another Java project I am working on. I encrypted the JSON post body with the partner password listed in the API doc. Was there a different encryption I am supposed to be using?

from pandora-apidoc.

from pandora-apidoc.

Just to clarify in case I'm getting this wrong, am I supposed to encrypt the final json or each key value pair individually

from pandora-apidoc.

from pandora-apidoc.

@thewithz Hi, How do you get the syncTime decoded exactly? I am using blowfish with the partner password as key but I can't get a time. I am using blowfish.

from pandora-apidoc.

@brunoescalona at first I got it working, but now two weeks later I am receiving error code 13s on any command i try to run. I think it might have something to do with the fact that Pandora's website got updated... I don't want to show you code that doesn't work.

from pandora-apidoc.

@thewithz ok! but I would like just to know how did you do the decoding stuff I was trying to obtain something valid but I just get incoherent data and numbers....

from pandora-apidoc.

@brunoescalona I'm trying to do the same and create a Node.js API. Have you gotten past the Code 0 error? If so, how did you fix it? If you have Discord I'd love to talk to you about it! Add me, FireController1847#3577

from pandora-apidoc.

@FireController1847 sorry for my delay.
No at the moment I have stopped that project but I am still stucked in that point. I can obtain the partner login but I am not able to decode properly the syncTime.

from pandora-apidoc.

@brunoescalona Aww, alright.

from pandora-apidoc.

@FireController1847 here I have all the code I did for the partner authentication but I could not do the login. Just it is usefull for you....
pandora node.js
If you can decode the syncTime or make some advance just let me know please :)

from pandora-apidoc.

@brunoescalona I was able to decode syncTime using the blowfish module you were talking about. Maybe you were having issues for it? Even with syncTime, I couldn't get past the Code 0 error on Postman.

from pandora-apidoc.

from pandora-apidoc.

It's be great if you guys could talk about this on me within Discord. Add me, my name is FireController1847#9085 @PromyLOPh @brunoescalona

from pandora-apidoc.

@PromyLOPh Thank you!!!!!! I didn't see the decrypt password and I was using the password itself.
@FireController1847 how are you obtaining the syncTime? Are you using just the decoded syncTime or are you using this formula? Maybe that could solve the problem:

https://6xq.net/pandora-apidoc/json/

Synchonized time. Calculation: current time + (time of Partner login request – syncTime from Partner login response). This is a protection against replay-attacks.

from pandora-apidoc.

@thewithz Are you sending the Body encoded? I think in the user login you should send it encoded.

Unless noted otherwise JSON-encoded requests sent by the client within the HTTP POST body are encrypted using Blowfish ECB and converted to hexadecimal notation with lowercase letters.

from pandora-apidoc.

My user brunoescalona#0787

from pandora-apidoc.

@thewithz How did you fix that damn Code 0 error?
@brunoescalona I've moved on from the Code 0 error to a... Code 1001? How the hell do you get a code 1001 on a user login?! I loop through the key of every object and encrypt it that way. Then the object ends up being stuff like {"loginType": "EE1EE3EBFD..."}

from pandora-apidoc.

@FireController1847 hi I left the project time ago haha. I could not connect so I just leave it at the end.

from pandora-apidoc.

@brunoescalona I keep leaving it but then I keep coming back thinking I'll do it this time.... of course, every time I do it I just receive the same ol' Code 0 error. Until recently, when I figured out something extremely important: We were encrypting incorrectly.

from pandora-apidoc.

@FireController1847 why we were encryting incorrectly?

from pandora-apidoc.

@brunoescalona When we had the object, we did not need to stringify it and then encrypt it, but instead we needed to encrypt every value within the object. Here's an example below.

let userLoginInfo = {
  "loginType": "user",
  "username": "[email protected]",
  "password": "XXXXX",
  // "incluePandoraOneInfo": true,
  // "includeSubscriptionExpiration": true,
  // "returnCapped": true,
  // "includeAdAttributes": true,
  // "includeAdvertiserAttributes": true,
  // "xplatformAdCapable": true,
  "partnerAuthToken": res.partnerAuthToken,
  "syncTime": calcdSyncTime
}

to...

Encrypted User Login Info: {
  "loginType": "EE1EE3EBFD757FCA",
  "username": "XXXX",
  "password": "XXXX",
  "partnerAuthToken": "F64EAFC5B1FA3A2C7388867A53FA787B7596A4F3E34A403BF6A8A942F41E1DFA1A00444A886473BB",
  "syncTime": null
}

from pandora-apidoc.

@FireController1847 ok I understand.... so when I have time I will try it again.

from pandora-apidoc.

@brunoescalona I'll be on Discord if you want to chat. FireController1847#9085

from pandora-apidoc.

Seeing an error 9 with the following request after a successful partner login:

{"loginType":"user","username":"[email protected]","password":"xxxxxxxx","partnerAuthToken":"xxxxxxxxxxxx","syncTime":0}

array(3) {
  ["auth_token"]=>
  string(34) "xxxxx"
  ["partner_id"]=>
  string(2) "xx"
  ["method"]=>
  string(14) "auth.userLogin"
}

Where partnerAuthToken and auth_token are the value returned from the successful partner login.

Any thoughts? Not sure if 0 is a valid syncTime value, but wouldn't think error 9 would be the response in that case.

from pandora-apidoc.

@abreksa4 SyncTime cannot be 0, it's a built number using Date.now() and something else (for JS). It's been so long, though, that I can't remember. Sorry :(

from pandora-apidoc.

@FireController1847 No problem, thanks for the pointer. Looks like my application (read: environment) was encrypting/decrypting the data incorrectly. syncTime is no longer zero, but getting a 1002 error now (INVALID_PARTNER_LOGIN) while using the info provided in the docs here for partner credentials, same as the rest of the implementations I've looked at.

Anyone experiencing that? Not really under the scope of this ticket, but figured I'd mention it while I try to work it out.

from pandora-apidoc.

from pandora-apidoc.

@PromyLOPh I'm using the android credentials as well, though I cycled through the rest of the available sets and got the same error, so thinking it's an issue on my end if other projects are using them successfully.

from pandora-apidoc.

Alright, figured since I got this resolved I'd post the results here.

Turned out to be an issue with PHP 7.2 dropping mcrypt, and the ensuing headaches caused by trying to use openssl instead.

Asked the question on freenode in ##php, and was pointed at http://php.net/manual/en/function.openssl-encrypt.php#121545 within 20 minutes, courtesy of Sammitch.

Used the magic methods included in that comment and now the api calls are working.

Link to the updated php library fork for anyone interested: https://github.com/abreksa4/php-pandora-api

from pandora-apidoc.

@abreksa4 You're saying your PHP library is working. Do you mind talking with me on Discord or Email so I can try and get past the userLogin? I'm still getting Code 0. Add me on Discord FireController1847#3577 or email me at [email protected], as if you could give me some tips and questions that would be amazing (rather than me trying to decode your PHP library, one of the few languages I understand unlike C, Python, and C# xD)

from pandora-apidoc.