Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG]关于0.412新增加的token前缀的问题如何使用? #167

Open
wordgao opened this issue Jul 31, 2024 · 15 comments
Open

[BUG]关于0.412新增加的token前缀的问题如何使用? #167

wordgao opened this issue Jul 31, 2024 · 15 comments
Assignees
@dingdayu @dchaofei
Labels
bug Something isn't working question Further information is requested

Comments

@wordgao
Copy link

wordgao commented Jul 31, 2024

ubuntu docker 运行傀儡服务
使用默认值tls,go-wechaty连接失败
测试禁用tls,go-wechaty连接失败。

go-wechaty 设置token前缀,测试开启与禁用tls也链接失败。

请问这个如何使用的。
0.410正常链接的环境,
目前看到版本更新看到0.411开始了token前缀。包括0.412版本在内,目前不知道如何使用的。
@wordgao wordgao added bug Something isn't working question Further information is requested labels Jul 31, 2024
@dchaofei
Copy link
Collaborator

dchaofei commented Aug 1, 2024

请贴下错误日志

@dchaofei
Copy link
Collaborator

dchaofei commented Aug 1, 2024
edited
Loading

如果是自己生成的 token,可以用这种格式 {$type}_xxxxxxxxx, 比如 puppet_padlocal_xxxxxxxxx、insecure_xxxxxxxxx

参考:https://github.com/wechaty/token?tab=readme-ov-file

@wordgao
Copy link
Author

wordgao commented Aug 1, 2024
edited
Loading

自己生成的token,pupet是padlocal_xxx类型的,
我使用0.410的可以正常链接,
当版本更换为0.42的时候提示需要使用前缀insecure_,但一直链接不上去,

当我尝试去掉或保留docker配置中的tls配置的时候,
使用0.42无论是否添加前缀依然无法连接上。

@wordgao
Copy link
Author

wordgao commented Aug 1, 2024
edited
Loading

image: wechaty/wechaty:1.20

docker中主要配置项
environment:
- WECHATY_PUPPET_PADLOCAL_TOKEN=puppet_padlocal_a2085d9ce9654b43af640ca7458bf501
- WECHATY_PUPPET_SERVER_PORT=1234
- WECHATY_PUPPET=wechaty-puppet-padlocal
- WECHATY_LOG=verbose
- WECHATY_PUPPET_SERVICE_NO_TLS_INSECURE_SERVER=true
- WECHATY_PUPPET_SERVICE_NO_TLS_INSECURE_CLIENT=true
- WECHATY_TOKEN=ce8f6c05-9c6b-41c3-8a0b-1684d8ce51ff
0.4.10通过token=ce8f6c05-9c6b-41c3-8a0b-1684d8ce51ff可以正常链接,

升级版本到0.4.12并修改下面的2项,无论是true还是false又或者是直接删除,问题依旧无法连接上。

- WECHATY_PUPPET_SERVICE_NO_TLS_INSECURE_SERVER=false
- WECHATY_PUPPET_SERVICE_NO_TLS_INSECURE_CLIENT=false

  0.4.12中的token有增加前缀insecure_xxxxxxxxx.测试,因为不添加前缀程序直接报错,并提示需要添加前缀。

@wordgao
Copy link
Author

wordgao commented Aug 1, 2024
edited
Loading

- WECHATY_PUPPET_SERVICE_NO_TLS_INSECURE_SERVER=true
- WECHATY_PUPPET_SERVICE_NO_TLS_INSECURE_CLIENT=true

0.4.10正常可连接,升级到0.4.12客户端不做任何修改后的错误提示。

ERRO[2024-08-01 16:06:14.983] puppet start err: PuppetService Start() rejection: startGrpcStream err:rpc error: code = Unavailable desc = name resolver error: token insecure_ce8f6c05-9c6b-41c3-8a0b-1684d8ce51ff does not exist module=wechaty

去掉前缀客户端token insecure_后的错误提示

`
ERRO[2024-08-01 16:07:22.671] w.initPuppet err: wechaty Puppet Service requires a SNI as prefix of the token.
You can add the "insecure_" prefix to your token
like: "insecure_ce8f6c05-9c6b-41c3-8a0b-1684d8ce51ff
and try again module=wechaty

`

修改docker配置变量后

- WECHATY_PUPPET_SERVICE_NO_TLS_INSECURE_SERVER=false
- WECHATY_PUPPET_SERVICE_NO_TLS_INSECURE_CLIENT=false

tokern无前缀提示

`
ERRO[2024-08-01 16:09:12.755] w.initPuppet err: wechaty Puppet Service requires a SNI as prefix of the token.
You can add the "insecure_" prefix to your token
like: "insecure_ce8f6c05-9c6b-41c3-8a0b-1684d8ce51ff
and try again module=wechaty

`

增加token前缀insecure_ece8f6c05-9c6b-41c3-8a0b-1684d8ce51ff后的错误提示

`
ERRO[2024-08-01 16:09:53.681] puppet start err: PuppetService Start() rejection: startGrpcStream err:rpc error: code = Unavailable desc = name resolver error: token insecure_ece8f6c05-9c6b-41c3-8a0b-1684d8ce51ff does not exist module=wechaty

`

@dchaofei
Copy link
Collaborator

dchaofei commented Aug 1, 2024

确认下 docker 中的环境变量 WECHATY_TOKEN 有加前缀吗?要和 go-wecahty 启动使用的 token 一致才能服务发现到

@dchaofei
Copy link
Collaborator

dchaofei commented Aug 1, 2024

如果确认两边 token 都有加前缀,go-wecahty 还是无法找到这个 token,可以试试用工具看能不能找到你的 token

https://github.com/wechaty/token?tab=readme-ov-file

wechaty-token discover insecure_xxxxxx

@wordgao
Copy link
Author

wordgao commented Aug 1, 2024

尝试添加过,问题依旧,我现在在测试看看,不知道是不是服务端的uid被缓存了。

@wordgao
Copy link
Author

wordgao commented Aug 1, 2024
edited
Loading

请问那个 TLS 是设置true,还是false.
- WECHATY_PUPPET_SERVICE_NO_TLS_INSECURE_SERVER=false
-
- WECHATY_PUPPET_SERVICE_NO_TLS_INSECURE_CLIENT=false

@dchaofei
Copy link
Collaborator

dchaofei commented Aug 1, 2024

export WECHATY_PUPPET_SERVICE_NO_TLS_INSECURE_CLIENT="true"
export WECHATY_PUPPET_SERVICE_NO_TLS_INSECURE_SERVER="true"

这是我的配置

@dchaofei
Copy link
Collaborator

dchaofei commented Aug 1, 2024

是在不行你把token直接用 padlocal 的token,不用自己生成也行

@wordgao
Copy link
Author

wordgao commented Aug 1, 2024
edited
Loading

刚刚测试设置为true成功了。修改了变量token增加前缀。
我这么测试过,当时也是链接不成功的,又可能是服务端被缓存了,所以链接不上去。

@wordgao
Copy link
Author

wordgao commented Aug 1, 2024

请问一下这个变量的值,按照主站的逻辑,设置为true为禁用,如果设置为false则是默认开启状态。
那这个前缀的意思是证书,还是配合tls开启才是完整的模式。

@dchaofei
Copy link
Collaborator

dchaofei commented Aug 1, 2024

typescript 版本 wechaty 是默认开启的,但是我在为 go-wechaty 适配 tls 时,发现原证书标准太旧导致 go-wecahty 无法解析,所以 go-wechaty 就默认设置禁用了
wechaty/puppet-service#160 (comment)

@dchaofei
Copy link
Collaborator

dchaofei commented Aug 1, 2024

请问一下这个变量的值,按照主站的逻辑,设置为true为禁用,如果设置为false则是默认开启状态。 那这个前缀的意思是证书,还是配合tls开启才是完整的模式。

事实上这个前缀和tls没有必然的联系

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dingdayu dingdayu

@dchaofei dchaofei

Labels
bug Something isn't working question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dingdayu @wordgao @dchaofei