lastpass-python icon indicating copy to clipboard operation
lastpass-python copied to clipboard

Published 20 hours ago verified publisher icon konomae

Example throws an InvalidResponseError - Lastpass's response empty?

Open rtoma opened this issue 10 years ago • 4 comments

Just gave your creation a testdrive using the example.py, but the lastpass response is a HTTP 200 status_code with an empty content causing this exception:

  File ".../github-konomae-lastpass-python/src/lastpass/fetcher.py", line 79, in request_login
    raise InvalidResponseError()
lastpass.exceptions.InvalidResponseError

Running with python 2.7.8 (brew version) and these libs:

coverage (3.7.1)
mock (1.0.1)
nose (1.3.4)
pip (1.5.6)
py (1.4.25)
pycrypto (2.6.1)
requests (2.4.3)
rsa (3.1.4)
setuptools (3.6)
tox (1.7.2)
virtualenv (1.11.6)
wsgiref (0.1.2)

Any ideas?

rtoma avatar Oct 14 '14 14:10 rtoma

Thank you for reporting this :smiley:

Please check the following items:

  • Please check account and password are correct
  • Please check LastPass security level
  • Please check Multifactor Options (Mobile access, etc.)
  • Please provide more stacktrace

konomae avatar Oct 15 '14 01:10 konomae

Hi, I have checked the following:

  • I can access the web vault with my account
  • Security level is 'high' (still does not work when lowering to 'normal')
  • No multifactor configured.

Output with logging enabled + stacktrace below:

INFO:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): lastpass.com
send: 'POST /login.php HTTP/1.1\r\nHost: lastpass.com\r\nContent-Length: 594\r\nAccept-Encoding: bla\r\nAccept: */*\r\nUser-Agent: python-requests/2.4.3 CPython/2.7.8 Darwin/13.4.0\r\nConnection: keep-alive\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\nxml=1&web=1&hash=52&REMOVED&hash=48&username=REMOVED&iterations=1&method=mobile'
reply: 'HTTP/1.1 200 OK\r\n'
header: Date: Wed, 15 Oct 2014 07:46:53 GMT
header: Content-Type: text/xml; charset=UTF-8
header: Transfer-Encoding: chunked
header: Connection: keep-alive
header: Vary: Accept-Encoding
header: Set-Cookie: PHPSESSID=REMOVED; expires=Tue, 28-Oct-2014 07:46:53 GMT; Max-Age=1123200; path=/; secure; httponly
header: Strict-Transport-Security: max-age=86400000
header: X-Frame-Options: SAMEORIGIN
header: Content-Security-Policy: default-src 'self' ; img-src 'self' https://lastpass.com data: http://www.google-analytics.com https://ssl.google-analytics.com https://www.google-analytics.com https://img.youtube.com https://googleads.g.doubleclick.net https://www.google.com  ; object-src 'self' http://*.googlevideo.com; connect-src 'self' https://lastpass.com wss://*.lastpass.com ; style-src 'self' 'unsafe-inline' 'unsafe-eval'  https://lastpass.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://lastpass.com https://www.youtube.com https://*.ytimg.com ; font-src 'self' 'unsafe-inline' 'unsafe-eval'  https://lastpass.com ; frame-src 'self' https://ssl.gstatic.com https://www.google.com https://www.youtube.com
header: X-Content-Security-Policy: allow 'self'  'self' https://lastpass.com wss://*.lastpass.com ; img-src 'self' https://lastpass.com data: http://www.google-analytics.com https://ssl.google-analytics.com https://www.google-analytics.com https://img.youtube.com https://googleads.g.doubleclick.net https://www.google.com  ; object-src 'self' http://*.googlevideo.com; frame-src 'self' https://ssl.gstatic.com https://www.google.com https://www.youtube.com ; options inline-script eval-script
header: Expires: Thu, 19 Nov 1981 08:52:00 GMT
header: X-XSS-Protection: 1; mode=block
header: Cache-Control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
header: X-Content-Type-Options: nosniff
header: Pragma: no-cache
header: P3P: CP="NON DSP COR CUR OUR LEG PHY COM"
header: Server: LastPass
DEBUG:requests.packages.urllib3.connectionpool:"POST /login.php HTTP/1.1" 200 None
Traceback (most recent call last):
  File "example/example.py", line 18, in <module>
    vault = Vault.open_remote(username, password)
  File "/Users/rtoma/projects/github-konomae-lastpass-python/src/lastpass/vault.py", line 10, in open_remote
    return cls.open(cls.fetch_blob(username, password, multifactor_password), username, password)
  File "/Users/rtoma/projects/github-konomae-lastpass-python/src/lastpass/vault.py", line 26, in fetch_blob
    return fetcher.fetch(fetcher.login(username, password, multifactor_password))
  File "/Users/rtoma/projects/github-konomae-lastpass-python/src/lastpass/fetcher.py", line 27, in login
    return request_login(username, password, key_iteration_count, multifactor_password)
  File "/Users/rtoma/projects/github-konomae-lastpass-python/src/lastpass/fetcher.py", line 91, in request_login
    raise InvalidResponseError()
lastpass.exceptions.InvalidResponseError

rtoma avatar Oct 15 '14 07:10 rtoma

Sorry, I can't reproduce this.

Please make sure that response.content is empty or not. If not empty, please find some useful information in response.content.

https://github.com/konomae/lastpass-python/blob/23b4fbf5bc886b5540173e0f498b7cac8616657d/lastpass/fetcher.py#L74

konomae avatar Oct 15 '14 08:10 konomae

response.content is totally empty. same for response.text or response.raw.read()

rtoma avatar Oct 15 '14 13:10 rtoma