clementine-qt5 fails at the last.fm authentication (invalid key) due to a different name

[jorgicio]

Before posting

Please follow the steps below and check the boxes with [x] once you did the step.

• [ x] I checked the issue tracker for similar issues
• [ x] I checked the changelog if the issue is already resolved
• [ x] I tried the latest Clementine build from here

System information

Please provide information about your system and the version of Clementine used.

• Operating System: Gentoo
• Clementine version: 1.3.1

Expected behaviour / actual behaviour

Can log flawlessly to my last.fm account / It throws the message of "Invalid key".

Steps to reproduce the problem (only for bugs)

• Open Clementine
• Go to the last.fm menu and try to login as usual
• It redirects to the page to authenticate, but it shows an "Invalid key" message. Tried with Firefox, Chrome and Opera.

As I reported the issue in the Gentoo tracker, I got this answer. The Clementine-qt5 app is treated as a different application aside the Clementine one. Hence the message.

More information in the screenshot.

[trougnouf]

Same issue, I just noticed that my last update was on February 2nd.

[trougnouf]

@Chocobozzz

Logging in now leads to the page https://www.last.fm/api/auth?api_key==http://localhost:42437/ , clicking the allow button leads to https://localhost:41505/?token= then Clementine sends a failure popup and often crashes.

__logging_message__13:57:45.057 DEBUG unknown "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<lfm status=\"failed\">\n <error code=\"6\">Invalid parameters - Your request is missing a required parameter\n\n"

I'm not sure this is caused by clementine as opposed to lastfm

[Chocobozzz]

@trougnouf try to open the link in chrome?

[trougnouf]

@Chocobozzz It works with Chrome. Firefox threw an error about SS(H/L) key too long I believe, I can replicate and provide the exact output if necessary.

[Chocobozzz]

It seems Firefox redirects on https://localhost... but I don't really know why. I checked the lastfm redirection header and it's definitely http://localhost... :thinking:

[SkyLeite]

This is still an issue on Firefox 66

[miradozk]

Still an issue on Mozilla Firefox 66

[nimch]

Still an issue on Mozilla Firefox 67...

[frozsgy]

I use Firefox but I had to install Chromium to overcome this, truly frustrating.

[uqs]

Doesn't work for my in Chromium or Firefox.

The webpage opens, I click allow, I redirects me to some localhost port with a token in the URL, this works fine and the webpage (served by Clementine) says: Success!

Please close your browser and return to Clementine.

But the clementine-player window says: Could not login to Last.fm. Please try again.

Nothing in the debug logs either.

Given that there's the token in the URL being passed to Clementine, is there a way to convert and hack that into the config by hand?

While playing, I get this:

12:09:29.664 INFO MainWindow:1511 Scrobbling at 102 12:09:29.664 DEBUG LastFMService:400 There are 4 tracks in the last.fm cache. 12:09:30.156 DEBUG unknown "" 12:09:30.156 DEBUG unknown "No data" 100

[uqs]

Wow, this is frustrating. After adding some debug statements the error returned by following the "session_url" is an SSL handshake error.

So I've checked what certs QT sees via for (auto const& cert : QSslConfiguration::systemCaCertificates()) {
qLog(Debug) << "Got cert" << cert.subjectDisplayName();
}

And that shows the required root cert DigiCert High Assurance EV Root CA

I've also set sslConfiguration.setProtocol(QSsl::AnyProtocol); to maybe avoid TLS version mismatch problems, but still no dice.

[JulianVolodia]

It seems Firefox redirects on https://localhost... but I don't really know why. I checked the lastfm redirection header and it's definitely http://localhost... 🤔

@Chocobozzz some 302 / 301? Redirections with Location header could be chained btw. Maybe next is to https.

Does going to about:config, finding key network.stricttransportsecurity.preloadlist and set it to "false" does the thing?

We are fixing some bug here still?

@uqs do you want to report some bug or tell it still not fixed? How your CA store on system changed when installed Chrome (if so) and when you removed some of installed CA root certs? I have to believe you because I not working on this now - don't want to fork.

[uqs]

@JulianVolodia it looks like this is more of a QT + FreeBSD problem. When I set QSslSocket::VerifyNone everything works just fine, but that's a non-starter.

Tracing the binary, I see that it's trying to read these certs: 57170 clementine-player NAMI "/etc/ssl/certs/" 57170 clementine-player NAMI "/etc/ssl/certs//244b5494.0" 57170 clementine-player NAMI "/etc/ssl/certs//2e5ac55d.0" 57170 clementine-player NAMI "/etc/ssl/certs//38ae8eda.0" 57170 clementine-player NAMI "/etc/ssl/certs//4f06f81d.0" 57170 clementine-player NAMI "/etc/ssl/certs/578d5c04.0"

But it ignores the "bundle" that FreeBSD packages provide and that is installed under /usr/local/share/certs/ca-root-nss.crt (and which I link into /etc/ssl/certs on all of my machines and that works fine).

In #owncloud/client/issues/1540 it is claimed that RedHat, Mandriva and FreeBSD do it that way and that QT handles that (and when I list all systemCaCertificates() they are all there, but when I simply list all caCertificates(), then only some show up).

Anyway, I have some patches that add some more logging which might help in the future. But I think I need to file a FreeBSD bug and I don't see how this could be Clementine's fault. Sorry for the noise.

[JulianVolodia]

so probably it's Qt port error support on FreeBSD or Qt fail because hard-coded path? Or maybe FreeBSD not looking in right place? Which shouldn't be shaved cause our well known FreeBSD yak is just like that?

No noise, I think I make more noise. @uqs but I don't understand what we are trying to do and where our forces are moved. With out think-move actions against move-think actions we will go nowhere...

Try to set this FreeBSD to look for certs in right place. Maybe we do not set some env variable or FreeBSD need some requirements for Clementine to work on it. Cheers!

[SkyLeite]

I wasn't using FreeBSD when I had this problem, so I'm not sure if it's directly related.

[JulianVolodia]

Hi @RodrigoLeiteF could you try to install virtual machine and provide feedback with minimal configuration description, where you see issue but not FreeBSD? And, do you still see the problem anywhere after all updates of OS, Firefox and lastest Clementine?

[SkyLeite]

Hi @RodrigoLeiteF could you try to install virtual machine and provide feedback with minimal configuration description, where you see issue but not FreeBSD? And, do you still see the problem anywhere after all updates of OS, Firefox and lastest Clementine?

Hey. I don't use Clementine anymore due to unrelated reasons, but I can try that when I find the time. :)