[Cyberduck-trac] [Cyberduck] #10725: B2 fails with app key limited to specific buckets (was: B2 can't login in 7.00+)
Cyberduck
trac at cyberduck.io
Thu Jun 6 16:20:48 UTC 2019
#10725: B2 fails with app key limited to specific buckets
---------------------------+-------------------------
Reporter: im.thatoneguy | Owner: dkocher
Type: defect | Status: assigned
Priority: high | Milestone: 7.1
Component: b2 | Version: 7.0
Severity: blocker | Resolution:
Keywords: | Architecture:
Platform: Windows 10 |
---------------------------+-------------------------
Old description:
> I just upgraded to 7.00 and I can no longer log in to Backblaze B2
> buckets using Application Keys.
>
> It works if I use my master key but not an application key it says "login
> failed".
>
> I discovered this when I tried to share a read-only key to someone else
> and they were having issues that I couldn't reproduce until I myself
> upgraded to the latest version on the website.
New description:
Regression from <7.0
When opening connection, b2_list_buckets will fail if the app key in-use
is limited to one bucket. 6.9 would list one bucket, 7.0 errors and
breaks authorization flow.
Reproduction:
1) Create B2 app key limited to one bucket
2) Attempt connection POST /b2api/v2/b2_list_buckets HTTP/1.1
Error: 401 Listing Directory / Failed
Possible B2 v2 API bug
--
Comment (by im.thatoneguy):
Traced it. The application keys were limited to a single bucket. An
application key with "All" for buckets works. An application key with
just one bucket fails. Probably on t he new apiv2 list buckets?
'''Old Flow 6.9'''
{{{
GET /b2api/v1/b2_authorize_account HTTP/1.1
Authorization: ********
Host: api.backblazeb2.com
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.4.30164 (Windows 10/10.0) (x86)
Accept-Encoding: gzip,deflate
HTTP/1.1 200
Cache-Control: max-age=0, no-cache, no-store
Content-Type: application/json;charset=utf-8
Content-Length: 608
Date: Thu, 06 Jun 2019 15:54:41 GMT
POST /b2api/v1/b2_list_buckets HTTP/1.1
Authorization: ********
Content-Length: 28
Content-Type: application/json; charset=UTF-8
Host: api000.backblazeb2.com
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.4.30164 (Windows 10/10.0) (x86)
Accept-Encoding: gzip,deflate
HTTP/1.1 200
Cache-Control: max-age=0, no-cache, no-store
Content-Type: application/json;charset=utf-8
Content-Length: 279
Date: Thu, 06 Jun 2019 15:54:42 GMT
}}}
7.00 connection flow
{{{
[Window Title]
Error
[Main Instruction]
Listing directory / failed.
[Content]
Please contact your web hosting service provider for assistance.
[Expanded Information]
POST /b2api/v2/b2_list_buckets HTTP/1.1
Authorization: ********
Content-Length: 28
Content-Type: application/json; charset=UTF-8
Host: api000.backblazeb2.com
Connection: Keep-Alive
User-Agent: Cyberduck/7.0.0.30869 (Windows 10/10.0) (x86)
Accept-Encoding: gzip,deflate
HTTP/1.1 401
Cache-Control: max-age=0, no-cache, no-store
Content-Type: application/json;charset=utf-8
Content-Length: 62
Date: Thu, 06 Jun 2019 16:02:25 GMT
GET /b2api/v2/b2_authorize_account HTTP/1.1
Authorization: ********
Host: api.backblazeb2.com
Connection: Keep-Alive
User-Agent: Cyberduck/7.0.0.30869 (Windows 10/10.0) (x86)
Accept-Encoding: gzip,deflate
HTTP/1.1 200
Cache-Control: max-age=0, no-cache, no-store
Content-Type: application/json;charset=utf-8
Content-Length: 576
Date: Thu, 06 Jun 2019 16:02:30 GMT
POST /b2api/v2/b2_list_buckets HTTP/1.1
Authorization: ********
Content-Length: 28
Content-Type: application/json; charset=UTF-8
Host: api000.backblazeb2.com
Connection: Keep-Alive
User-Agent: Cyberduck/7.0.0.30869 (Windows 10/10.0) (x86)
Accept-Encoding: gzip,deflate
HTTP/1.1 401
Cache-Control: max-age=0, no-cache, no-store
Content-Type: application/json;charset=utf-8
Content-Length: 62
Date: Thu, 06 Jun 2019 16:02:30 GMT
[^] Hide details [Try Again] [Cancel]
[Footer]
Help
}}}
--
Ticket URL: <https://trac.cyberduck.io/ticket/10725#comment:5>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows
More information about the Cyberduck-trac
mailing list