elixero icon indicating copy to clipboard operation
elixero copied to clipboard

Published 20 hours ago verified publisher icon MJMortimer

Some special characters in attachment upload names cause 401s

Open MJMortimer opened this issue 7 years ago • 11 comments

I.E - ; [ ]

MJMortimer avatar Mar 11 '17 12:03 MJMortimer

@MJMortimer Do you mean this type of 401?

%{message: %{"oauth_problem" => "token_rejected",
    "oauth_problem_advice" => "Token XXX does not match an expected ACCESS token"},
  status_code: 401}

Is there any workaround? The SDK seems to work fine for my test Xero account but not for the real one :( It works fine with https://www.npmjs.com/package/xero Can you point me to where I might need to make a fix?

jeznag avatar Jan 31 '18 19:01 jeznag

No, the 401 error that this produces are "Failed to validate signature" errors. Reason being, the SDK signs it one way but the API signs it differently and so the signatures don't match

MJMortimer avatar Feb 02 '18 02:02 MJMortimer

Hmm any idea why I might be getting that error with one xero account but not another (bearing in mind it works fine with a Node SDK so is not an issue with the credentials)? Can I ask why you wrote your own oauth module rather than using one of the oauth modules from mix? Is it worth trying that?

jeznag avatar Feb 02 '18 02:02 jeznag

What type of application have you created? If it's a public app you'll need to make sure you are going through the oauth flow each time the token expires after 30 minutes and for each organisation you connect to.

The oauth 1.0 implementation used in the Xero API is a little bit custom and so I wasn't sure if any other oauth modules would work correctly. If you'd like to look into switching it out for another module from mix I'll be happy to look through any changes.

MJMortimer avatar Feb 02 '18 02:02 MJMortimer

It's a private app.

Hmm ok I might try using another module. I noticed the node implementation used an off the shelf oauth module which gives me hope.

jeznag avatar Feb 02 '18 02:02 jeznag

Have you created a private app for each organisation?

MJMortimer avatar Feb 02 '18 02:02 MJMortimer

Yeah it works for one organisation but not the other.

jeznag avatar Feb 02 '18 02:02 jeznag

Weird. Have you tried recreating the failing private app or generating new keys for the failing private app?

Also, I'm sure you've checked this but, have you definitely provided the consumer key and secret in the correct properties in the config (they haven't been mixed up or a character missing off the end etc)

MJMortimer avatar Feb 02 '18 03:02 MJMortimer

Yeah I have. Will try again just in case.

jeznag avatar Feb 02 '18 03:02 jeznag

Also if you've created different signing keys for each you should make sure you're using the correct one

MJMortimer avatar Feb 02 '18 03:02 MJMortimer

For some reason running mix deps.compile fixed this issue. Don't understand why :man_shrugging: Thanks for your help!

jeznag avatar Feb 02 '18 22:02 jeznag