Malformed or expired token

[nerodoxus]

Hi,

BTW Great work with this library. I'm trying to go with getting grades and I got an exception. I'm sure the credentials are good, token is OK.

root@sandbox:~/librus-apix/examples# python3 grades_example.py Traceback (most recent call last): File "/root/librus-apix/examples/grades_example.py", line 12, in <module> grades, semester_grades = get_grades(token, sort_by[0]) File "/usr/local/lib/python3.9/dist-packages/librus_apix/grades.py", line 68, in get_grades tr = no_access_check( File "/usr/local/lib/python3.9/dist-packages/librus_apix/helpers.py", line 8, in no_access_check raise TokenError("Malformed or expired token.") librus_apix.exceptions.TokenError: Malformed or expired token.

Maybe html structure on the portal has been changed ?

[RustySnek]

This seems weird, the example works well on my end. What you could try is copy the DZIENNIKSID and SDZIENNIKSID cookies from browser and manually create token like:

from librus_apix.get_token import Token
DZIENNIKSID = "..."
SDZIENNIKSID = "..."
ids = DZIENNIKSID + ":" + SDZIENNIKSID
token = Token(ids)

then use that token with get_grades like in example. If it works on browser it should no longer raise the TokenError. See if it werks, then we can see what's wrong with get_token func.

[RustySnek]

If that doesn't help you could actually inspect the html of the grades page, the no_access_check just does regex search for "Brak Dostepu" pattern, so if by any chance it appears anywhere even tho the page works correctly it will raise the error.

[RustySnek]

I've made changes to the no_access_check function you can pull them or install with pip and see if it fixed your issue

[nerodoxus]

This seems weird, the example works well on my end. What you could try is copy the DZIENNIKSID and SDZIENNIKSID cookies from browser and manually create token like:

from librus_apix.get_token import Token
DZIENNIKSID = "..."
SDZIENNIKSID = "..."
ids = DZIENNIKSID + ":" + SDZIENNIKSID
token = Token(ids)

then use that token with get_grades like in example. If it works on browser it should no longer raise the TokenError. See if it werks, then we can see what's wrong with get_token func.

I created token as you described and it works. But even after pulling a fix you prepared I got the same error.

[RustySnek]

Does get_token function return a valid token?

 token = get_token(user, pass)
print(token.API_Key)

the token should be constructed like so: L32~[DZIENNIKSID]:[SDZIENNIKSID]

[nerodoxus]

Yes, it's exactly like this L16~db61xxxxxxxxxxxxxxxx:db61xxxxxxxxxxxxxxxxxxxxx

[RustySnek]

Make sure you are not refreshing the token by running another get_token function elsewhere or logging in from browser at the same time.

[RustySnek]

If that's not the case then you can check how does the sign in process looks like in your browser and compare it to the get_token function. Also I have only run and tested the api using a student's account so if you are trying to use teacher's or parent's the login processs might not be the same.

[nerodoxus]

I'm using parent credentials, so maybe login process is slighlty different. I'll try to analyze it and find the cause.

[RustySnek]

Sure, good luck and feel free to fork and open pull request if you find a fix. I might look into it too later.

[nerodoxus]

I found the cause. get_token.py -> response = s.get(BASE_URL + "/rodzic/index") solve the problem. Most likely there is some way to get the role and redirect to the right URL. Easy way is to add role parameter to get_token(username: str, password: str) and use different URLs for each role.

[RustySnek]

Thanks for help, the request to uczen/index was pretty much a dead code, you could get dziennik cookies from the one before. It should work fine now, check all examples if you can and close the issue if it's fixed