search

aunefyren / wrapperr

Website based application that summarizes Plex statistics from a given period and displays it in a nice format. Similar to the Spotify Wrapped concept.
314 stars 22 forks source link

[Bug?] "✓ Plex Wrapped" greyed out #24

Closed ghost closed 2 years ago

ghost commented 2 years ago

Hey

I installed wrapperr by:

  1. Create a quick domain-setup, with /etc/nginx/sites-enabled/wrapped.domain.com.conf and enable PHP.
  2. The wrapped.domain.com.conf file looks like this
  3. cd /var/www/wrapped.domain.com
  4. sudo git clone https://github.com/aunefyren/wrapperr.git
  5. sudo mv wrapperr/ html/
  6. sudo chown -R www-data:www-data html/
  7. sudo chmod -R 0777 /var/www/wrapped.domain.com/html/config
  8. I configured an admin login/password
  9. I configured my Tautulli and confirmed it is working (green Test Connection prompt)
  10. I chose the pre-cache option, 50 days
  11. Waited for the cache to complete
  12. Confirmed that the cache.json file in /var/www/wrapped.domain.com/html/config was created (size is about 5-6mb after pre-cache)
  13. Restarting nginx, sudo service nginx restart
  14. Trying to login using the "Sign in using Plex" prompt
  15. After logging in, I get this: https://i.imgur.com/wYFJFt6.png
  16. "✓ Plex Wrapped" greyed out

Can't really figure out if I did anything wrong. It worked before using the Plex OAuth login, so I'm not sure why it doesn't work now.

Other info 1) Tautulli is v2.8.0 (2021-12-15) 2) Using the "Sign in using Plex" prompt, gives a rather unpleasant "warning" message: https://i.imgur.com/NigpkMQ.png

aunefyren commented 2 years ago

Thanks for the good explaination!

Seems to be related to the Plex Auth, cookie validation, part of the API. The button is greyed out until the cookie, created at login, is validated. Then the cookie should either be approved, making the button available, or you should be logged out and be prompted to log in again.

Is there anything in the developer console of your webbrowser? Typically found with F12 on your keyboard.

Using the "Sign in using Plex" prompt, gives a rather unpleasant "warning" message:

I get this on my website too, but login is working.

ghost commented 2 years ago

Thanks for the good explaination!

Seems to be related to the Plex Auth, cookie validation, part of the API. The button is greyed out until the cookie, created at login, is validated. Then the cookie should either be approved, making the button available, or you should be logged out and be prompted to log in again.

Is there anything in the developer console of your webbrowser? Typically found with F12 on your keyboard.

Using the "Sign in using Plex" prompt, gives a rather unpleasant "warning" message:

I get this on my website too, but login is working.

Yeah I seem to get an error with the validate_login_cookie.php https://i.imgur.com/Yh5Epci.png

Log: https://0bin.net/paste/lypzHmvr#1wB69Fg9+KGv9wS8-k5r/3DhdUBLmtDUHHMXnVBYbzv

Also says this from the dev console, don't think it's relevant though Cookie “plex-wrapped” will be soon rejected because it has the “SameSite” attribute set to “None” or an invalid value, without the “secure” attribute. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite

aunefyren commented 2 years ago

Are you able to send API/validate_login_cookie.php your cookie and see the response?

ghost commented 2 years ago

Are you able to send API/validate_login_cookie.php your cookie and see the response?

I have no idea how to do this. I mean, I know how to obtain the cookie. Guessing that's the cookie string from the dev console. But I have no idea how to parse it through the php file (and how to gather the response) Can you guide me? 🙂

Is it like .. https://wrapped.domain.com/api/validate_login_cookie.php?cookie=iBsqzriNpCMhyzzbMqYCx3Q9CjcGhdwj+TiAjU94zfY90fOi ? Cause that just gives me an "input error"?

Also tried from terminal (ubuntu): curl --cookie "plex-wrapped=iBsqzriNpCMhyzzbMqYCx3Q9CjcGhdwj+TiAjU94zfY90fOi" --request GET "https://wrapped.domain.com/api/validate_login_cookie.php" & curl --cookie "cookie=iBsqzriNpCMhyzzbMqYCx3Q9CjcGhdwj+TiAjU94zfY90fOi" --request GET "https://wrapped.domain.com/api/validate_login_cookie.php" & curl --cookie "iBsqzriNpCMhyzzbMqYCx3Q9CjcGhdwj+TiAjU94zfY90fOi" --request GET "https://wrapped.domain.com/api/validate_login_cookie.php"

and all I get is {"error":true,"message":"Input error."}

aunefyren commented 2 years ago

It accepts Post data, not Get. You can do this using curl I think.

-d, --data Send specified data in POST request. Details provided below.

https://gist.github.com/subfuzion/08c5d85437d5d4f00e58

ghost commented 2 years ago

I tried running

curl --data "plex-wrapped=uEHOoq849mpPshON3yAU2yLmG96pDponZMCV2Kd6odYw9DZG" "https://wrapped.domain.com/api/validate_login_cookie.php"

Just gives me: {"error":true,"message":"Input error."}

Am I doing it wrong? Sorry if so

Edit Also tried 

curl --data "plex-wrapped=uEHOoq849mpPshON3yAU2yLmG96pDponZMCV2Kd6odYw9DZG" --request POST "https://wrapped.domain.com/api/validate_login_cookie.php"

still: {"error":true,"message":"Input error."}

Edit 2 Tried these, from this instruction:

curl -d "plex-wrapped=uEHOoq849mpPshON3yAU2yLmG96pDponZMCV2Kd6odYw9DZG" -X POST "https://wrapped.domain.com/api/validate_login_cookie.php"
curl -d "uEHOoq849mpPshON3yAU2yLmG96pDponZMCV2Kd6odYw9DZG" -X POST "https://wrapped.domain.com/api/validate_login_cookie.php"
curl -d "cookie=uEHOoq849mpPshON3yAU2yLmG96pDponZMCV2Kd6odYw9DZG" -X POST "https://wrapped.domain.com/api/validate_login_cookie.php"

All give the same error: {"error":true,"message":"Input error."}

aunefyren commented 2 years ago

Not gonna lie, I have issues sending info to API's using Curl as I have difficulties wrapping my mind around the parameters. I usually use Postman as an API tester.

The API accepts Post data, and communicates using the JSON format. So maybe the data must be a JSON string? Like this '{"cookie":"crazycookiestribg123"}'.

ghost commented 2 years ago

Not gonna lie, I have issues sending info to API's using Curl as I have difficulties wrapping my mind around the parameters. I usually use Postman as an API tester.

The API accepts Post data, and communicates using the JSON format. So maybe the data must be a JSON string? Like this '{"cookie":"crazycookiestribg123"}'.

Okay so I tried this, taking the answer from this stackexchange:

curl --header "Content-Type: application/json" \
  --request POST \
  --data '{"cookie":"EGj/JNuG04eEamIFa3SXHX0o/ersRutZqOa8ulQ4PD/AEvov"}' \
  https://wrapped.domain.com/api/validate_login_cookie.php

which gives no response

Tried with this:

curl --header "Content-Type: application/json" \
  --request POST \
  --data '{"cookie":"plex-wrapped=EGj/JNuG04eEamIFa3SXHX0o/ersRutZqOa8ulQ4PD/AEvov"}' \
  https://wrapped.domain.com/api/validate_login_cookie.php

Which then gives:

{"message":"Encryption failure.","error":true,"data":[]}

So, finally something new :) "Encryption failure". I'm running the https://wrapped.domain.com behind an SSL certificate. Just used certbot with nginx. Works wonderfully usually. Not sure if that's the problem then??

Edit Tried to run the wrapped.domain.com without HTTPS/SSL.. Edited the nginx domain wrapped.domain.com.conf to temporarily disable SSL. Tried this command:

curl --header "Content-Type: application/json" \
  --request POST \
  --data '{"cookie":"plex-wrapped=ASTQhC1FmcRQuP5W61g50+d8SDt8QgoA8lIIxxy6uy6MQC9Q"}' \
  http://wrapped.domain.com/api/validate_login_cookie.php

gave the same:

{"message":"Encryption failure.","error":true,"data":[]}

Edit 2 I'm also running Overseerr, Tautulli and MovieMatch on the same domain, same nginx server, and with the same certbot setup. They all also use the Plex OAuth solution, with no problems. So I have no idea what to do here 😕

aunefyren commented 2 years ago

This is a badly named error that occurs when decrypting the cookie using Base64 for verification. My first guess is that maybe the line here:

$cookie = htmlspecialchars($data->cookie);

On line 30 in wrapperr/api/validate_login_cookie.php is removing some important characters. Doubt it though, as I probably would have experienced it too. But, try changing it:

$cookie = $data->cookie;

Also make sure that the value token_encrypter in your config JSON stays consistent, as this is used to encrypt and decrypt the cookies it supplies.

Also make sure you are sending the whole value of the cookie given by the API.

Edit: try removing plex-wrapped= in your data in Curl:

--data '{"cookie":"ASTQhC1FmcRQuP5W61g50..."}'

ghost commented 2 years ago

So I edited the validate_login_cookie.php on line 30. I checked the config.json for any changes to the token_encrypter throughout multiple logins, and nginx restarts. No changes to the token.

I've tried:

curl --header "Content-Type: application/json" \
  --request POST \
  --data '{"cookie":"w3fviZ0uEUE6gKAXmp6jp3Mncq9pxFefHuK5U5xGurDX"}' \
  https://wrapped.domain.com/api/validate_login_cookie.php

Output: (verbose) - it doesn't output anything if no -v applied to the curl command. https://0bin.net/paste/-bjMl8o2#k-RDDXPtg//FCmjwDu1lk9iRa05ShF75DCoy4IOaG0/

and 

curl --header "Content-Type: application/json" \
  --request POST \
  --data '{"cookie":"plex-wrapped=w3fviZ0uEUE6gKAXmp6jp3Mncq9pxFefHuK5U5xGurDX"}' \
  https://wrapped.domain.com/api/validate_login_cookie.php

Output: (verbose) https://0bin.net/paste/j6ZPC5T9#Cc8ndfkEncJGnhKqdnnDxyosV2vYyWkmocA1xZX90Iy

aunefyren commented 2 years ago

Did you see my edit and try that?

ghost commented 2 years ago

Did you see my edit and try that?

Yes? I think it's what I did here:

curl --header "Content-Type: application/json" \
  --request POST \
  --data '{"cookie":"w3fviZ0uEUE6gKAXmp6jp3Mncq9pxFefHuK5U5xGurDX"}' \
  https://wrapped.domain.com/api/validate_login_cookie.php

Output: (verbose) - it doesn't output anything if no -v applied to the curl command. https://0bin.net/paste/-bjMl8o2#k-RDDXPtg//FCmjwDu1lk9iRa05ShF75DCoy4IOaG0/

removed the plex-wrapped= part. It just didn't output anything

Edit Tried on another server of mine, using the docker image. On there it seems to work fine. Could it be because I'm using php8 instead of php7.4 or something?

aunefyren commented 2 years ago

Edit Tried on another server of mine, using the docker image. On there it seems to work fine. Could it be because I'm using php8 instead of php7.4 or something?

Mmmm, that could be. Never tried php8 before. I'll attempt to install it on php8 later today and track down the issue

aunefyren commented 2 years ago

Also, thank you for the effort. Really helps making this project as good as it can be!

ghost commented 2 years ago

Edit Tried on another server of mine, using the docker image. On there it seems to work fine. Could it be because I'm using php8 instead of php7.4 or something?

Mmmm, that could be. Never tried php8 before. I'll attempt to install it on php8 later today and track down the issue

Thanks 👍 . Also, I'm using nginx, while I figure the docker uses apache. Not sure if there's some other weird php-option you have to do with nginx. Or a php module that's missing from my setup?

Also, thank you for the effort. Really helps making this project as good as it can be!

Huge thanks to you too! I really love these "small" additions to the "Plex-i-verse" so to speak. So thanks for making it, and thanks for helping me sort out this issue 😄

ghost commented 2 years ago

Oh wow, I solved it I think.

I was missing some PHP module apparently. I purged my PHP8 install and installed from this guide from Linode. Including the modules: sudo apt install php-common php-mysql php-cgi php-mbstring php-curl php-gd php-xml php-xmlrpc php-pear

Not sure which one of them helped, but it works now. Phew! It's always the small things, that end up causing the most trouble

aunefyren commented 2 years ago

Huh, maybe the decrypter/encrypter couldn't function without some package