ably-dotnet
ably-dotnet copied to clipboard
ably
Unable to use token auth in Unity app
I've implemented a token endpoint which is working as expected from the js sdk, but when I try to use it from the dotnet/unity sdk like this:
_ablyRealtime = new(new ClientOptions
{
AuthUrl = new Uri("https://{auth url}"),
UseTokenAuth = true,
AutomaticNetworkStateMonitoring = false,
CustomContext = SynchronizationContext.Current,
AutoConnect = false,
});
I am unable to connect and always get the unhelpful error message:
[ErrorInfo Reason: Error executing request. Invalid token request body; timestamp must be string or number (See https://help.ably.io/error/40001); Code: 40001; StatusCode: 400 (BadRequest); Href: https://help.ably.io/error/40001]
Using the API key directly works, but as you've stated yourself in this article, it is a really bad idea to embed the api key in the app. How can I fix this?
Tested in both Unity 2022.3.42f and Unity 6000.0.23f, Ably sdk 1.2.15
┆Issue is synchronized with this Jira Task by Unito
I would recommend using AuthCallback instead that sends explicit HTTP request to authURL.
This will be as per doc -> https://github.com/ably/ably-dotnet?tab=readme-ov-file#using-the-token-auth-at-client-side
This will also help with debugging/ logging the response.
Thanks for the reply, even though this is somewhat cumbersome in Unity since I can't use the native UnityWebRequests in that context (they only work on the main thread 🤷). Using a httpClient and obtaining what seems like a proper auth token request:
{"capability":"{\"*\":[\"publish\",\"subscribe\"]}","clientId":" ... ","timestamp":"1732544065231","keyName":" ... ","nonce":"ac41aef9f06f...489022f","mac":"qGVakBs...70VZRU="}
(I truncated the data just to be sure)
But when I return that from the authCallback I still get the same error message, and to me the timestamp value seems fine...?
Can you try lower versions of unity-package and try the same? Like 1.2.14 or 1.2.13 or lower.
We had fixed one of the issue related to tokenRequest as a part of 1.2.15. Ideally, it shouldn't introduce this bug, but just trying to understand if It caused the same.
When I downgrade to 1.2.14 I get another error:
[ErrorInfo Reason: Invalid accessToken in request: %7B%22capability%22%3A%22%7B%5C%22notification... (See https://help.ably.io/error/40005 for help.); Code: 40005; StatusCode: 400 (BadRequest); Href: https://help.ably.io/error/40005]
I am using Nuget for Unity by the way, I need it for some other packages as well and it is very convenient. I assume the unitypackage is just the dll's packaged with the dependencies, right?
Edit: 1.2.13 returns the same error as 1.2.14
I wouldn't recommend using that one. We have official instructions to include .unitypackage file as per
https://github.com/ably/ably-dotnet/blob/main/unity/README.md
Sure, downgraded to the 1.2.8 package and that gives me the same error as the 1.2.15 package gave me:
Reason: [ErrorInfo Reason: Invalid token request body; timestamp must be string or number (See https://help.ably.io/error/40001); Code: 40001; StatusCode: 400 (BadRequest); Href: https://help.ably.io/error/40001]
(at this point I start questioning myself a little, that truncated response above looks correct, right?)
Also, I'd like to point out that the Unity version works just fine when using the API key (both nuget and package versions)
Okay, you try using API_KEY for now, with latest version. We will see and check if we can fix the issue in near future 👍