ubiquity icon indicating copy to clipboard operation
ubiquity copied to clipboard

Published 20 hours ago verified publisher icon phpMv

REST cache ArrayCache response OK but token no available

Open danihuge opened this issue 2 years ago • 6 comments

Steps

I have a REST api developed with 2.3.11 version and all have been working ok during 2 years. One week ago, the "connect" method is doing weird responses, because the response is ok, token available in response but after getting the connect response, if the user make a request with the token, the response is error (401).

I make a script in python to test the endpoints and I get 30% requests 201 response code and 70% are 401 errors.

Expected Result

The result should be 201, created

Actual Result

{'code': 401, 'status': 500, 'source': {'pointer': 'api/vendor/phpmv/ubiquity/src/Ubiquity/controllers/rest/RestBaseController.php'}, 'title': 'HTTP/1.1 401 Unauthorized, you need an access token for this request'

Versions

  • Ubiquity framework 2.3.11
  • Ubiquity devtools 0.0.19
  • Ubiquity webTools 2.3.12
  • php 7.4

danihuge avatar Oct 11 '22 18:10 danihuge

Since it shows up after 2 years, we can assume that something has been changed on the server. It remains to find out what...

Have you checked the existence and the contents of the cache file app/cache/rest/_apiTokens.php?

jcheron avatar Oct 12 '22 23:10 jcheron

That is I said to server provider, no changes in our side so something changed in serve side, but they say "no", they tested systems, SSD HD, memory and said all is ok.

Yes, I checked the content and seems ok:

3600,"length"=>10,"tokens"=>array("XXXXXX"=>array("creationTime"=>1665521637),"XXXXX"=>array("creationTime"=>1665521649))); there are never more than 2 or 3 tokens and the content is correct, right?

danihuge avatar Oct 13 '22 05:10 danihuge

Just for verification (of the server's access rights to the cache file and folder in particular), if you delete this cache file, is it recreated after a connection to the api?

jcheron avatar Oct 13 '22 09:10 jcheron

Old file renamed, new request done and file created and content is ok.

danihuge avatar Oct 13 '22 17:10 danihuge

You should see if your sent request contains the token in the Authorization Field: image

Did you try to test your api from the Rest part of the webtools to see if you had the same problem? image

jcheron avatar Oct 13 '22 21:10 jcheron

Yes, the request contains the token, I did a mini python script to test in and it fails if I add a sleet(2) between the requests but when there is no delay between the requests, it fails.

I added a fix, overwriting the "connect" method adding the delay before sending the response and waiting the confirmation if it is working ok.

It is not the best solution, but hope that working back again...

Thanks

danihuge avatar Oct 14 '22 05:10 danihuge