I've created a new API Proxy and deployed revision 1 into production, but when I call my API I just get:
HTTP 500 Internal Server Error
{
"fault": {
"faultstring": "Internal server error APIProxy revision 1 of MyProxy does not exist in environment prod of organization MyOrg",
"detail": {
"errorcode": "messaging.adaptors.http.ServerError"
}
}
}
Not the most helpful error message in history. Any pointers where to start debugging this would be very helpful, thanks!
You appear to be using the wrong url for your API, so it could not be found. If you haven't added any API key checking or additional authorization, you should be able to copy the url directly from the API details page in the prod Deployments line. Start a trace session and paste that url into the URL box. Test what happens when you do that trace.
If you have any additional security or other features that would alter the API, you would need to make those changes to the URL before sending it. If you're still having a problem, send an email to help#apigee.com.
Related
I have a web service with basic auth (via custom database check in code) that returns HTTP 401 + SOAP FAULT message when user credentials are wrong. This works in my local IIS 7 but not in Azure...
When I move it to Azure, via App Service, and I insert bad credentials, I always get the following message:
HTTP 401
"You do not have permission to view this directory or page.".
But I want my custom error message in SOAP Fault format!
After hours of research I have found that if my code returns a response with HTTP 401 status, Azure translate this to the end-user like the message above, ignoring my custom error message.
I made another example with a "hello world" SOAP endpoint:
[WebMethod]
public string HelloWorld()
{
HttpContext.Current.Response.StatusCode = 401;
return "Hello world";
}
In my local IIS I got HTTP 401 "Hello world", but when I deploy this to Azure I got the same "Yout do not have permissions..."
¿How can I disable/avoid/dodge Azure 401 message transformation and return my own custom error message (SOAP FAULT)?
Note: I've already tried to disable authentication in Azure app service, enabling with "allow anonymous requests", etc.
Solution
The problem was in IIS. Adding the following line to my web.config works.
<httpErrors existingResponse="PassThrough" />
More info: https://stackoverflow.com/a/47307706/3763467
I will keep the same title/tags for other people facing the same problem and thinks the problem is in Azure.
It sounds like your web.config file might be setup to have custom errors turned on.
Can you please check your web.config file and set customer errors to on?
<customErrors="off" />
I'm trying to generate requests to fire at our new versions of our .net web apps in IIS in order to start the app pools and warm them up.
The different versions are bound to local IPs and I'm trying to hit them with the following request as it looks like it will do the job:
Invoke-WebRequest 'http://172.28.36.31' -Headers #{host="www.mydomain.com"}
Now got the above working.
Any ideas on getting the same request to work over https and ignore and self signed cert warnings? There's a couple of options to ignore the warnings but haven't seen anything to use an ip with a custom host (akin to a local host entry)
You are getting a non-success http status code from the server which makes PowerShell throw an exception. Based on the "Object moved to here" message I assume it's going to be a redirect response.
You can check the status code by modifying your call like this:
try {
$response = Invoke-WebRequest 'http://172.28.36.31' -Headers #{host="www.mydomain.com"}
} catch {
$_.Exception.Response.StatusCode.Value__
}
EDIT: I was able to resolve the original error here when I realized my ROOT URL was set to my IP address rather than my domain. However, I now have a new issue. My client ID is the same as the original post below. This works fine in the local app, but in production, the popup flashes for a second and then the login box displays "Internal Server Error". I can't see any other messages that would explain it.
I am using the service-configuration package to load the settings, as follows:
ServiceConfiguration.configurations.upsert(
{ service: "google" },
{
$set: {
clientId: "************",
loginStyle: "popup",
secret: "***********"
}
}
);
If I add ?close to the end of my Authorized redirect URI, the Google popup comes up with a redirect_uri_mismatch error, showing the URI without ?close. I think there was an issue resolved here but it at least shows me that my project in Google is being recognized.
ORIGINAL POST
I am setting up an OAuth 2.0 client ID for accounts-google in Meteor and am seeing the following error:
400. That’s an error.
Error: invalid_request
Invalid parameter value for redirect_uri: Raw IP addresses not allowed:
http://***.***.***.***/_oauth/google
My Client ID in Google:
Authorized Javascript Origins
http://localhost:3000
http://myApp.com
Authorized redirect URIs
http://localhost:3000/_oauth/google
http://myApp.com/_oauth/google
I understand I must not be properly pointing the domain to the IP address. I have already set up an A record and the site works fine in other regards though, so not sure what step I missed.
I have recently moved a project over to another server. The domain name is the same, it has just been pointed to the new server. The URL is exactly the same. Since moving the project over however I get this error when the app tries to connect to googles OAuth api.
{
"name": "Error calling GET https:\/\/www.googleapis.com\/analytics\/v3\/management\/accounts\/~all\/webproperties\/~all\/profiles?key=AIzaSyBKUP8JriiOnFnbJm_QYt_bHTMuHf-ilAI: (403) There is a per-IP or per-Referer restriction configured on your API key and the request does not match these restrictions. Please use the Google Developers Console to update your API key configuration if request from this IP or referer should be allowed.",
"url": "\/analytics\/statistics.json"
}
The obvious reason (based on the error message) would be that I haven't added the new server IP into the list of allowed IP's in the devlopers console under APIs & auth->Credentials->Key for server applications.
I have added the IP. I've checked the domain has propagated by pinging it and the new IP comes up which has been entered in the console so i'm struggling to work out why it doesn't work.
Has anybody come across this before that may be able to help me solve it?
Go to Project -> APIs & Auth -> Credentials -> API Key -> Create New Key -> Browser Key. It may take upto 5 minutes to reflect changes.
And it worked for me.
After you added your new server IP you need to generate a new API key from the Console. This message shows up when access in not properly configured. Look here and scroll down to "accessNotConfigured".
So, go to your developer console, Project -> APIs & Auth -> Credentials -> Public API Access -> Create New Key -> Server Key. Use this new key and you should be good to go.
I've had this problem for a while as well but finally solved it:
I noticed when trying wget http://bot.whatismyipaddress.com/ from my server it would actually return an IPv6-address, when on the API key's config page I had entered the IPv4-Address of my server. Once I added the IPv6-Address, my requests where finally accepted.
Go to Project -> APIs & Auth -> Credentials -> Public API Access -> Create New Key -> Server Key >> Accept requests from these server IP addresses (Optional) section,
then remove all the IP Address and Update it first, then try it. And, later you can add the specific IP address which did weirdly work for me.
I have an Apigee proxy that has two resources (/resource1 and /resource2). If tried to access /resource3. How do I return a 404 error instead of the Apigee default fault?
Apigee displays the below fault string:
{
"fault": {
"faultstring": "The Service is temporarily unavailable",
"detail": {
"errorcode": "messaging.adaptors.http.flow.ServiceUnavailable"
}
}
}
Thanks
Currently the way flows work in apigee this way - It parses through your default.xml (in proxy) and tries to match your request with one of the flow either through the path-suffix like "/resource1, /resource2" or VERB or any other condition you might have. If it does not find any matching condition, it throws the error like above.
You can add a special flow which will be kicked in if the condition matches none of the valid flows you have. You can add a raisefault policy in that flow and add a custom error response through that flow.
A better solution is to:
be sure to define something in the base path of all Proxy APIs
create an additional Proxy API called "catchall" with a base path of "/" and with just a Raise fault throwing a 404
Apigee execute Proxy APIs from longest Base Path to shortest; the catchall will run last and always throw back a 404
I just want to clarify Vinit's answer. Vinit said:
If it does not find any matching condition, it throws the error like above.
Actually, if no matching flow condition is found, the request will still be sent through to the backend. The error you mentioned:
{
"fault": {
"faultstring": "The Service is temporarily unavailable",
"detail": {
"errorcode": "messaging.adaptors.http.flow.ServiceUnavailable"
}
}
}
was returned after attempting to connect to the backend without matching a flow.
Vinit's solution to raise a fault to create the 404 is the best solution for your requirements.
In some cases, however, it is appropriate to pass all traffic through to the backend (for example, if you don't need to modify each resource at the Apigee layer, and you don't want to have to update your Apigee proxy every time you add a new API resource). Not matching any flow condition would work fine for that use case.