Authentication: Using API and it stopped working

  • 1
  • Question
  • Updated 2 weeks ago
  • (Edited)
I have been using the ShareFile API for authentication to upload files for two applications for over 2 years, and now all of sudden I cannot authentication.  The code is timing out.  Sorry, I am using PHP 5.6.

Has anyone run into this issue, and if yes, how did you solve the issue?

I get as far as the below:

*   Trying 54.209.86.181...
* TCP_NODELAY set
* Connected to XXXXXXXXXXXX port 990 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: C=US; ST=North Carolina; L=Raleigh; O=Citrix Systems, Inc.; OU=ShareFile; CN=*.sharefileftp.com
*  start date: Jan  5 00:00:00 2017 GMT
*  expire date: Mar 10 12:00:00 2020 GMT
*  subjectAltName: host "XXXXXX.sharefileftp.com" matched cert's "*.sharefileftp.com"
*  issuer: C=US; O=DigiCert Inc; CN=DigiCert SHA2 Secure Server CA
*  SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> POST /oauth/token HTTP/1.1
Host: XXXXXXX.sharefileftp.com:990
Accept: */*
Content-Type:application/x-www-form-urlencoded
Content-Length: 197

* upload completely sent off: 197 out of 197 bytes

I tried using curl from the command line to verify authentication, and I get a "503 Not logged in.".  See below.  The user id and password is correct, and I have validated the client id and client secret:

* About to connect() to nationaldcp.sharefileftp.com port 990 (#0)
*   Trying 52.6.0.127... connected
* Connected to nationaldcp.sharefileftp.com (52.6.0.127) port 990 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
* Server certificate:
*       subject: CN=*.sharefileftp.com,OU=ShareFile,O="Citrix Systems, Inc.",L=Raleigh,ST=North Carolina,C=US
*       start date: Jan 05 00:00:00 2017 GMT
*       expire date: Mar 10 12:00:00 2020 GMT
*       common name: *.sharefileftp.com
*       issuer: CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US
> POST /oauth/token HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: nationaldcp.sharefileftp.com:990
> Accept: */*
> Content-Type: application/x-www-form-urlencoded
> Content-Length: 193
>
220 ftp-ec2.sharefileftp.com FTP Server Ready (SSL)
530 Not logged in.
530 Not logged in.
530 Not logged in.
530 Not logged in.
530 Not logged in.
530 Not logged in.
530 Not logged in.

Any help would be greatly appreciated. I can log in via FileZilla and winSCP over port 990 using the username and password.

Photo of Karen Mency

Karen Mency

  • 2 Posts
  • 0 Reply Likes

Posted 1 month ago

  • 1
Photo of Suh Sai

Suh Sai

  • 21 Posts
  • 5 Reply Likes
Hey Karen,

Are you trying to authenticate through /oauth/token for FTP connection?
Please refer to below article. 
https://support.citrix.com/article/CTX234690

If you can authenticate via FileZilla, it should work with script as well.

Best Regards,
Suh
Photo of Karen Mency

Karen Mency

  • 2 Posts
  • 0 Reply Likes
Suh,

Yes, I am using the /oauth/token for FTP connection from an application.  The web application provides an interface for users to upload files for various reason, and the files are then sent directly to ShareFile FTP site.  The uploaded files are not stored on the Linux server at all.  I call the ShareFile API immediately.

Originally everything was going over port 443 [which doesn't work anylong].  So, I figured I would try port 990, and I can't get past 530 Not logged in.

I only tried from the command line to see if I could capture the fully error.

I followed the snippet of code provided by ShareFile initially 2 years ago, and didn't have any issues until around May 25, 2019.