question

gfernandes avatar image
gfernandes asked

InvalidSessionTicket 50% of the time

Hi friends from PlayFab,

I'm using LoginWithCustomIDRequest for testing purposes in my client.

As soon as I connect to my private game server, I send the client SessionTicket string to it to be authenticated, in order to enable the server to fetch additional data from this client.

The problem is, I keep getting InvalidSessionTicket in my AuthenticateSessionTicket call with almost a 50% chance. Am I doing something wrong?

Authentication
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
JayZuo avatar image
JayZuo answered

That's weird, AuthenticateSessionTicket method does use the session ticket that you've got by a PlayFab client login API. And for now, the session ticket is valid for 24 hours. So if you've send the ticket to your private game server correctly with in 24 hours, there should be no issue. I'd suggest you check the ticket you received in game server to see if it's different from the one send from the client. And also make sure you are using the right secret key in your game server.

Besides, if you just want to fetch additional data in your game server, there is no need to use session ticket. With secret key, you can use all PlayFab Server APIs with no limitation. But if you want to identify the user connected to your server, AuthenticateSessionTicket is needed.

9 comments
10 |1200

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Seth Du avatar image Seth Du ♦ commented ·

It will be better if you share your title ID, so that we can look into it.

0 Likes 0 ·
gfernandes avatar image gfernandes commented ·

My title id is 3169. What I'm doing is pretty straightforward. Whenever my client starts I attempt to log a player using PlayFabClientAPI.LoginWithCustomID. After I've successfully retrieved his SessionTicket, I send it exactly as I received it to my private server. As soon as my server gets it it uses PlayFabServer.AuthenticateSessionTicket to authenticate the user and validate that it's indeed him connecting, and as I told you it strangely sometimes works and sometime it returns InvalidSessionTicket.

Does a ticket get invalidated for any reason other then 24 hours expiration time?

0 Likes 0 ·
gfernandes avatar image gfernandes commented ·

But supposing my sessionTicket is being somehow changed or my secret key in the server is wrong, would it always fail to authenticate?

0 Likes 0 ·
Andy avatar image Andy ♦♦ gfernandes commented ·

I took a quick look at your title. You're definitely getting an error indicating a bad sessionTicket. My best guess would be that the ticket is being modified in some way between when it's returned to the client and presented again by the server. In my own testing, I've been unable to reproduce the error you're hitting without changing the sessionTicket value.

I'd advise putting logging in place on both the client and server and ensuring the values align perfectly.

0 Likes 0 ·
gfernandes avatar image gfernandes commented ·

I think I found out what was happening. My team was using my branch and logging in with the same customID invalidating the other ones already logged in.

Thanks for the help anyway, but it would be interesting to get a message saying a a sessionTicket has expired to differentiate it from an actual invalid string.

0 Likes 0 ·
gfernandes avatar image gfernandes commented ·

Sorry, I looked everything up here and found out what was really causing the problem, besides what commented before that was also contributing to the problem. The protocol I'm using in my socket to send the sessionTicket to my private server was replacing empty spaces " " with "+" and thus invalidating the sessionTicket. So indeed the string was being changed in the process. Thank you all for the help!

0 Likes 0 ·
Show more comments

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.