2021-07-22, 16:42
(2021-07-22, 14:39)kk20 Wrote:OK, I can now log in using my test harness, I will try and get this translated into the addon.(2021-07-22, 10:56)matthuisman Wrote: yes, its encrypted."experiments": {
Still old tokens with NZ based login
when I look at my JWT token data, there is this data in it
As you can see, JWE account access tokens is an "experiment" they must be running on some logins.Code:"experiments": {
"wpnx-Disney-JWE-account-access-tokens": {
"variant_id": "control",
"version": 1
},
Obviously my login doesn't have it...
Who knows if or when it will
It should be a simple fix once I can test what it is doing.
I suspect they will just send a different header if its using JWE
"wpnx-Ornella_Test_2": {
"variant_id": "variant1",
"version": 1
},
"wpnx-Disney-JWE-device-access-tokens": {
"variant_id": "control",
"version": 1
}
yep, there you go. Im experimenting with manually getting a token from desktop python. Learning JWT rapidly.... I can get the bearer. I can get to authorization with the endpoint https://global.edge.bamgrid.com/idp/login but cannot get a token to stick {'errors': [{'code': 'access-token.invalid', 'description': 'auth.missing'}]}
I assume I am sending the wrong header to the login (or have a wrong payload). I'll keep playing with it.
{'token_type': 'Bearer', 'id_token': '<SUPER SECRET TOKEN THAT HAS EXPIRED NOW ANYWAY>', 'expires_in': 900}
Im having a play about and the only difference is that im not using your class but calling requests.post manually. I have to include a headers=<your header class> in each call (mindful of the 900s expiry as I dont have a refresh function). Im getting {'status': 400, 'message': 'Bad Request'} for my manual information calls such as collection_by_slug for 'home','home' (no more bad auth messages at least)
Work calls so I cannot spend more time today.