bannerColor WARNING_YELLOW templateName poodleSSLVulnerability

500 Internal Server Error when authorizing user

11 posts / 0 new
Last post
Nicolò Taddei's picture
Joined: 2012-12-03
Dec 18, 2012
500 Internal Server Error when authorizing user

I'm using the linkedin class http://code.google.com/p/simple-linkedinphp/. It worked fine until two days ago. During the login flow there's a 500 internal server error on https://www.linkedin.com/uas/oauth/authorize?oauth_token=[token received]. After the token the pages adds to the link "&scope=" and everything stops. Is this a Linkedin bug?

i'm going crazy, do any of you have the same problem? Do you know what might be the problem?
Thank you.

Attached_file: 
Kamyar Mohager's picture
LinkedIn Employee
Joined: 2012-04-04
Dec 18, 2012

Thanks for reporting Nicolo. Currently taking a look now

Kamyar

Kamyar Mohager's picture
LinkedIn Employee
Joined: 2012-04-04
Dec 18, 2012

I'm curious for you to attempt authorization again. I do see that we had some internal issues a few hours ago but they've since been resolved. Please let me know.

Thanks,
Kamyar

Nicolò Taddei's picture
Joined: 2012-12-03
Dec 19, 2012

hi Kamyar, I've just tried now. Still not working. We are currently connecting from Florence (Italy) and the time is 09:50. I've tried yesterday all day long but nothing changed. It looks like the server loads a few js libraries and then just stops.

Nicolò Taddei's picture
Joined: 2012-12-03
Dec 19, 2012

nothing more? still having problems. Its only during authorization. If a user who has authorized my app in the past logs in everything goes perfect. In case of a user who has to authorize my app to access his information everything blocks. I've tried also changing the app key and secret with a new app, still the same. I've tried using it from different ip's and I always get the error. It looks like my code is faulty, but it worked up to the other day! I've tried removing scopes, but nothing changed

Kamyar Mohager's picture
LinkedIn Employee
Joined: 2012-04-04
Dec 19, 2012

Hi Nicolo,

Can you provide the actual request (with headers) and response (featuring the 500 error?)

Thanks,
Kamyar

Nicolò Taddei's picture
Joined: 2012-12-03
Dec 20, 2012

My request goes to api.linkedin.com:

Request URL:https://api.linkedin.com/uas/oauth/authenticate?oauth_token=bc17fbaf-11a0-41b9-aff2-aff1dc8d70eb
Request Method:GET
Status Code:302 Moved Temporarily
Request Headersview source
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Cookie:bcookie="v=2&c4e4291a-4395-4c73-a1c0-0d2b63e32c90"; __qca=P0-112733107-1355928352949; lang="v=2&lang=en-us"; lihc_auth_en=1355992137; __utma=226841088.54978348.1355992141.1355992141.1355992141.1; __utmc=226841088; __utmz=226841088.1355992141.1.1.utmcsr=developer.linkedin.com|utmccn=(referral)|utmcmd=referral|utmcct=/thread/3097; __utmv=226841088.guest
DNT:1
Host:api.linkedin.com
Referer:http://h37.cynny.com/lk?login
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11
Query String Parametersview URL encoded
oauth_token:bc17fbaf-11a0-41b9-aff2-aff1dc8d70eb
Response Headersview source
Age:1
Connection:keep-alive
Content-Encoding:gzip
Date:Thu, 20 Dec 2012 09:19:00 GMT
Location:https://www.linkedin.com/uas/oauth/authenticate?oauth_token=bc17fbaf-11a0-41b9-aff2-aff1dc8d70eb
Server:Apache-Coyote/1.1
Transfer-Encoding:chunked
Vary:Accept-Encoding
X-LI-UUID:kOSFfGV20RIwi+tPsCoAAA==

who redirects to www.linkedin.com

Request URL:https://www.linkedin.com/uas/oauth/authenticate?oauth_token=bc17fbaf-11a0-41b9-aff2-aff1dc8d70eb
Request Method:GET
Status Code:302 Moved Temporarily
Request Headersview source
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Cookie:X-LI-IDC=C1; bcookie="v=2&c4e4291a-4395-4c73-a1c0-0d2b63e32c90"; __qca=P0-112733107-1355928352949; visit="v=1&M"; L1e=57b4246f; leo_auth_token="LIM:50337514:a:1355991604:682089fd4c31d71b97c830dfa434c267d475c4f4"; JSESSIONID="ajax:7567119375491534610"; lang="v=2&lang=en-us"; X-LI-IDC=C1; lihc_auth_en=1355992137; __utma=226841088.54978348.1355992141.1355992141.1355992141.1; __utmc=226841088; __utmz=226841088.1355992141.1.1.utmcsr=developer.linkedin.com|utmccn=(referral)|utmcmd=referral|utmcct=/thread/3097; __utmv=226841088.guest
DNT:1
Host:www.linkedin.com
Referer:http://h37.cynny.com/lk?login
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11
Query String Parametersview URL encoded
oauth_token:bc17fbaf-11a0-41b9-aff2-aff1dc8d70eb
Response Headersview source
Age:0
Connection:keep-alive
Content-Encoding:gzip
Content-Language:en-US
Date:Thu, 20 Dec 2012 09:19:01 GMT
Location:https://www.linkedin.com/uas/oauth/authorize?oauth_token=bc17fbaf-11a0-41b9-aff2-aff1dc8d70eb&state=
P3P:CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"
Server:Apache-Coyote/1.1
Set-Cookie:lw=1355995141; Domain=linkedin.com; Expires=Thu, 20-Dec-2012 09:59:01 GMT; Path=/
Set-Cookie:sl="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie:lang="v=2&lang=en-us"; Version=1; Domain=linkedin.com; Path=/
Set-Cookie:_lipt=deleteMe; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Set-Cookie:leo_auth_token="LIM:50337514:a:1355995141:b5aa92295fb7227209bd21b85f09adb586cdfe71"; Version=1; Max-Age=7775999; Expires=Wed, 20-Mar-2013 09:19:00 GMT; Path=/
Transfer-Encoding:chunked
Vary:Accept-Encoding
X-LI-UUID:7/QvWce2MNx46gI6L95hZw==

who redirects to authorize:

Request URL:https://www.linkedin.com/uas/oauth/authorize?oauth_token=bc17fbaf-11a0-41b9-aff2-aff1dc8d70eb&state=
Request Method:GET
Status Code:500 Internal Server Error
Request Headersview source
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Cookie:X-LI-IDC=C1; bcookie="v=2&c4e4291a-4395-4c73-a1c0-0d2b63e32c90"; __qca=P0-112733107-1355928352949; visit="v=1&M"; L1e=57b4246f; JSESSIONID="ajax:7567119375491534610"; X-LI-IDC=C1; lihc_auth_en=1355992137; __utma=226841088.54978348.1355992141.1355992141.1355992141.1; __utmc=226841088; __utmz=226841088.1355992141.1.1.utmcsr=developer.linkedin.com|utmccn=(referral)|utmcmd=referral|utmcct=/thread/3097; __utmv=226841088.guest; leo_auth_token="LIM:50337514:a:1355995141:b5aa92295fb7227209bd21b85f09adb586cdfe71"; lw=1355995141; lang="v=2&lang=en-us"
DNT:1
Host:www.linkedin.com
Referer:http://h37.cynny.com/lk?login
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11
Query String Parametersview URL encoded
oauth_token:bc17fbaf-11a0-41b9-aff2-aff1dc8d70eb
state:
Response Headersview source
Age:2
Connection:keep-alive
Content-Encoding:gzip
Content-Language:en-US
Content-Type:text/html;charset=UTF-8
Date:Thu, 20 Dec 2012 09:19:01 GMT
Server:Apache-Coyote/1.1
Set-Cookie:_lipt=deleteMe; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
Transfer-Encoding:chunked
Vary:Accept-Encoding
X-Frame-Options:SAMEORIGIN
X-LI-UUID:Gpzi/YIVk2jONJJOWOkx8g==

Nicholas Pezas's picture
Joined: 2012-12-20
Dec 20, 2012

Sorry for interjecting here, but I have run out of options! I can't view or edit my profile, or view the profile of my contacts, although I log-in successfully (or so I think/the system lets me think). I tried going to Help Center but when I click it does not load (circles go round and round...). I can see that on the url some kind of authentication is taking place, but unfortunately it comes out false (I have no clue why) and it stays frozen, thus not giving me a chance to report my problem and/or request help. I posted a question about this (successfully!) and besides some ridiculous comments, I had one more lady who said she is having the same problem and asked me to inform her if I discover what is wrong (or a fix). I have spent hours trying things on my browser/laptop (clear cache, remove cookies, reload browser w/o plug-ins, rebooting laptop, changing browser (usually I run MFF; tried Chrome and had same problem). I am not a developer, I am better at h/w :) Thanks for pushing my problem to the right cue... Nicholas Pezas (MSEE).

Nicolò Taddei's picture
Joined: 2012-12-03
Dec 25, 2012

noone can help?

PRASANTA KUMAR PARDHI's picture
Joined: 2013-01-22
Jan 23, 2013

I am trying to get Authorization window by passing following URL in IE and Firefox but getting "500 Internal Server Error"

https://api.linkedin.com/uas/oauth/authenticate?oauth_token=[OAuth User Token]

I don't know why ??? May be I am doing something wrong. Any help ???

Alex Notov's picture
Joined: 2012-05-07
Jan 24, 2013

Hi everyone. I think I've run into a similar/related/identical error.

I've documented in detail in a stackoverflow question:

http://stackoverflow.com/questions/14498161/why-can-i-not-generate-a-valid-oauth-token-using-command-line-curl-for-the-linke

I hope this will get someone at LinkedIn to get on the horn about it with us :)