Wikidata-Toolkit icon indicating copy to clipboard operation
Wikidata-Toolkit copied to clipboard

Published 20 hours ago verified publisher icon Wikidata

CSRF Token error

Open luisenriqueramos1977 opened this issue 5 years ago • 3 comments

Dear friends,

I have been working with wikidata for sometime, but since last week , when I try to make a bulk load, I receive a CSRF error.

I mean, when I edit wikidata and write the item, I do not receive any error message and write the item, but now I receive a CSRF Token error message as shown below:

2019-09-23 09:12:42 ERROR - Gave up after several retries. Last error was: org.wikidata.wdtk.wikibaseapi.apierrors.TokenErrorException: [badtoken] Invalid CSRF token.
Exception in thread "main" 2019-09-23 09:12:42 ERROR - Gave up after several retries. Last error was: org.wikidata.wdtk.wikibaseapi.apierrors.TokenErrorException: [badtoken] Invalid CSRF token.
2019-09-23 09:12:42 ERROR - Gave up after several retries. Last error was: org.wikidata.wdtk.wikibaseapi.apierrors.TokenErrorException: [badtoken] Invalid CSRF token.
2019-09-23 09:12:42 ERROR - Gave up after several retries. Last error was: org.wikidata.wdtk.wikibaseapi.apierrors.TokenErrorException: [badtoken] Invalid CSRF token.
2019-09-23 09:12:42 ERROR - Gave up after several retries. Last error was: org.wikidata.wdtk.wikibaseapi.apierrors.TokenErrorException: [badtoken] Invalid CSRF token.
2019-09-23 09:12:42 ERROR - Gave up after several retries. Last error was: org.wikidata.wdtk.wikibaseapi.apierrors.TokenErrorException: [badtoken] Invalid CSRF token.
2019-09-23 09:12:42 ERROR - Gave up after several retries. Last error was: org.wikidata.wdtk.wikibaseapi.apierrors.TokenErrorException: [badtoken] Invalid CSRF token.
2019-09-23 09:12:42 ERROR - Gave up after several retries. Last error was: org.wikidata.wdtk.wikibaseapi.apierrors.TokenErrorException: [badtoken] Invalid CSRF token.
2019-09-23 09:12:42 ERROR - Gave up after several retries. Last error was: org.wikidata.wdtk.wikibaseapi.apierrors.TokenErrorException: [badtoken] Invalid CSRF token.
org.wikidata.wdtk.wikibaseapi.apierrors.TokenErrorException: [badtoken] Invalid CSRF token.
	at org.wikidata.wdtk.wikibaseapi.apierrors.MediaWikiApiErrorHandler.throwMediaWikiApiErrorException(MediaWikiApiErrorHandler.java:55)
	at org.wikidata.wdtk.wikibaseapi.ApiConnection.checkErrors(ApiConnection.java:466)
	at org.wikidata.wdtk.wikibaseapi.ApiConnection.sendJsonRequest(ApiConnection.java:406)
	at org.wikidata.wdtk.wikibaseapi.WbEditingAction.performAPIAction(WbEditingAction.java:716)
	at org.wikidata.wdtk.wikibaseapi.WbEditingAction.wbEditEntity(WbEditingAction.java:294)
	at org.wikidata.wdtk.wikibaseapi.WikibaseDataEditor.createItemDocument(WikibaseDataEditor.java:240)
	at wikiloader.GLEIFRegisterResponsibleLoader.main(GLEIFRegisterResponsibleLoader.java:743)

Any idea why is that happening?, is it a coding error?, or it is another kind of error?

Luis Ramos

luisenriqueramos1977 avatar Sep 23 '19 07:09 luisenriqueramos1977

@Tpt @wetneb Is this still broken? I remember from when I used Wikibase API directly that CSRF tokens expire when not used for some time. They have to be renewed periodically. This is not a problem for busy bots, but assisted editing tools will have gaps in activity that cause CSRF tokens to expire.

robertvazan avatar Feb 03 '21 08:02 robertvazan

I solved the issue, thans

luisenriqueramos1977 avatar Feb 03 '21 09:02 luisenriqueramos1977

@luisenriqueramos1977 So what was the cause and how did you solve the problem? Can this issue be closed?

robertvazan avatar Feb 03 '21 10:02 robertvazan

Hi, I see this is an old issue, but I recently have also ran into this problem. For me it occurs when I try to login again after I caught an AssertUserFailedException. After debugging I think the issue is that the login method of BasicApiConnection does not have a way to reset the login token or clear the token from outside of the package.

The login method calls getOrFetchToken, but the token map is already filled from the first login. However, this token is expired. I think there should be a way to force token fetching in this case. I am however intrigued how @luisenriqueramos1977 solved the issue.

Lhaaits avatar Mar 02 '23 10:03 Lhaaits

dear @robertvazan , yes you can close it, but @Lhaaits unfortunately I do not remember how I solved it that time.

luisenriqueramos1977 avatar Mar 02 '23 17:03 luisenriqueramos1977

I'd like to make a pull request to enable resetting the tokens, if that's ok, so maybe you can leave it open until then

Lhaaits avatar Mar 04 '23 21:03 Lhaaits

I think this can be closed. Could someone with rights create a release for https://github.com/Wikidata/Wikidata-Toolkit/pull/765 ?

Lhaaits avatar Mar 30 '23 08:03 Lhaaits

@robertvazan could you create a release for https://github.com/Wikidata/Wikidata-Toolkit/pull/765?

Lhaaits avatar May 03 '23 07:05 Lhaaits

@Lhaaits Hi. I am not currently actively working on WDTK for lack of time. I think releases are done by either @Tpt or @wetneb.

robertvazan avatar May 03 '23 13:05 robertvazan

I am not actively working on this project either. @Lhaaits you have made multiple contributions already, would you like to help with reviewing PRs and making releases? Unless @robertvazan or @Tpt see a problem with this, I would invite you to the repository so that you can do that.

wetneb avatar May 03 '23 14:05 wetneb

Hi @wetneb, I think my invitation expired a while ago, could you send a new one?

Lhaaits avatar Sep 20 '23 14:09 Lhaaits

Invite sent again, please go to https://github.com/Wikidata/Wikidata-Toolkit to accept it

wetneb avatar Sep 20 '23 14:09 wetneb