sdk_python icon indicating copy to clipboard operation
sdk_python copied to clipboard

Published 20 hours ago verified publisher icon bunq

ApiContext.create with all_permitted_ip=["ipv4"] raises BadRequestException: HTTP Response Code: 400 /w Error message: User credentials are incorrect. Incorrect API key or IP address.

Open tlrh314 opened this issue 5 years ago • 0 comments

I want to create an ApiContext /w all_permitted_ip to whitelist

Steps to reproduce:

  1. Create Sandbox user, type: Person at https://developer.bunq.com/portal/sandbox

  2. Show API key, copy API key.

  3. Paste the API key into variable api_key = "sandbox_key" in the snippet below

  4. Open a Python interpreter and execute the following code

from sdk_python.bunq.sdk.context.api_environment_type import ApiEnvironmentType
from sdk_python.bunq.sdk.context.bunq_context import ApiContext

api_key = "sandbox_a76bcd644603c90fafbdde6ae33bfb07a14c7dec4d8c31152eb270d0"
all_permitted_ip = ['10.0.0.1']

api_context = ApiContext.create(
    ApiEnvironmentType.SANDBOX, 
    api_key, 
    "MyDescription",
     all_permitted_ip=all_permitted_ip
)
api_context.save("ding")

What should happen:

  1. bunq.sdk.context.api_context.ApiContext.__initialize_installation is called, succeeds
  2. bunq.sdk.context.api_context.ApiContext. __register_device is called, succeeds
  3. bunq.sdk.context.api_context.ApiContext.__initialize_session is called, succeeds
  4. An instance of bunq.sdk.context.api_context.ApiContext is returned and stored into the variable api_context
  5. A json-looking ding with the following content is written to disk
{
    "api_key": "sandbox_a76bcd644603c90fafbdde6ae33bfb07a14c7dec4d8c31152eb270d0",
    "environment_type": "SANDBOX",
    "installation_context": {
        "private_key_client": "-----BEGIN PRIVATE KEY-----\nsecret\n-----END PRIVATE KEY-----",
        "public_key_client": "-----BEGIN PUBLIC KEY-----\nsecret\n-----END PUBLIC KEY-----",
        "public_key_server": "-----BEGIN PUBLIC KEY-----\nsecret\n-----END PUBLIC KEY-----",
        "token": "secret"
    },
    "session_context": {
        "expiry_time": "yyyy-dd-mm hh:mm:ss.xxxxxx",
        "token": "secret",
        "user_id": 1337
    }
}

What happens:

---------------------------------------------------------------------------
BadRequestException                       Traceback (most recent call last)
<ipython-input-2-1f739464c03b> in <module>
      5 all_permitted_ip = ['10.0.0.1']
      6
----> 7 api_context = ApiContext.create(
      8     ApiEnvironmentType.SANDBOX,
      9     api_key,

~/sdk_python/bunq/sdk/context/api_context.py in create(cls, environment_type, api_key, description, all_permitted_ip, proxy_url)
     64
     65         api_context.__initialize_installation()
---> 66         api_context.__register_device(description, all_permitted_ip)
     67         api_context.__initialize_session()
     68

~/sdk_python/bunq/sdk/context/api_context.py in __register_device(self, device_description, permitted_ips)
    138         from bunq.sdk.model.core.device_server_internal import DeviceServerInternal
    139
--> 140         DeviceServerInternal.create(
    141             device_description,
    142             self.api_key,

~/sdk_python/bunq/sdk/model/core/device_server_internal.py in create(cls, description, secret, permitted_ips, custom_headers, api_context)
     59         request_bytes = converter.class_to_json(request_map).encode()
     60         endpoint_url = cls._ENDPOINT_URL_CREATE
---> 61         response_raw = api_client.post(endpoint_url, request_bytes,
     62                                        custom_headers)
     63

~/sdk_python/bunq/sdk/http/api_client.py in post(self, uri_relative, request_bytes, custom_headers)
     95              request_bytes: bytes,
     96              custom_headers: Dict[str, str]) -> BunqResponseRaw:
---> 97         return self._request(
     98             self.METHOD_POST,
     99             uri_relative,

~/sdk_python/bunq/sdk/http/api_client.py in _request(self, method, uri_relative, request_bytes, params, custom_headers)
    129         )
    130
--> 131         self._assert_response_success(response)
    132
    133         if self._api_context.installation_context is not None:

~/sdk_python/bunq/sdk/http/api_client.py in _assert_response_success(self, response)
    190
    191         if response.status_code != self.STATUS_CODE_OK:
--> 192             raise ExceptionFactory.create_exception_for_response(
    193                 response.status_code,
    194                 self._fetch_all_error_message(response),

BadRequestException: HTTP Response Code: 400
The response id to help bunq debug: 2b317243-17ef-4da8-846f-86ea09d17446
Error message: User credentials are incorrect. Incorrect API key or IP address.

Traceback

SDK version and environment

  • Tested on 1.14.0, commit 2ba6b48e4f98f195c1ce699882228e2aae8f7d24
  • [x] Sandbox, in the snippet above
  • [x] Production, same issue but not explicitly included in this bug report.

Response id

  • Response id: 2b317243-17ef-4da8-846f-86ea09d17446

Extra info:

The following all_permitted_ip lists result in the same error

  • all_permitted_ip = ["3.126.137.112"], Repsonse id: 67888c76-bcfd-4d84-bab1-71955a4018cc
  • all_permitted_ip = ["3.126.137.112", "52.57.125.176"], Response id: 026a2c3a-bdd8-4ad3-97ca-925a4c0fb2fc
  • all_permitted_ip = ["3.126.137.112", "52.57.125.176", "18.184.75.177"], Response id: 588a761a-6153-4819-a4f9-36771ca7daa2

The following all_permitted_ip list results in a slightly different error

  • all_permitted_ip = ["3126137112"], Response id: 61403765-4fdf-4f52-b926-d8b1303a2384 /w Error message: "3126137112" is not a valid IP address.

It does work to allow all ip addresses using

  • all_permitted_ip = ["*"]

tlrh314 avatar Aug 17 '20 13:08 tlrh314