I try sending a notification using Tizen push messaging service.
I get this error
statusCode : 3052
StatusMsg : "error of application authentication failed - header: APPID, regId: 0000000000000000"
I can't figure out why, and I can't find this error in the documentation.
I get this error only when the regId is generated by the Tizen Developer Device (os version 2.1). It works fine with the emulator.
On client-side, we used a native application based on the example 'PushClient'.
cf : https://developer.tizen.org/help/index.jsp?topic=%2Forg.tizen.native.appprogramming%2Fhtml%2Ftutorials%2Fmessaging_tutorial%2Ftask_pushclient.htm
Here's the Request details
URL :
https://apnortheast.push.samsungosp.com:8088/spp/pns/api/push
Request Header :
Content-Type: application/json
Content-Length: 302
appID: APPID
appSecret: APPSECRET
Request Body :
{"regID":["04REGID"],"requestID":"REQUESTID","message":"badgeOption=INCREASE&badgeNumber=1&action=ALERT&alertMessage=1","appData":"{\"title\":\"\",\"description\":\"test\"}"}
Response :
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Content-Length: 162
Connection: keep-alive
{"results":[{"regID":"","requestID":"","statusCode":3052,"statusMsg":"error of application authentication failed - header: APPID, regId: 0000000000000000"}]}
Any Ideas ?
Finally, We just remove the application on our device.
A new regId has been generated and this one works.
It's still a little bit weird cause it seems that sometimes the generated token doesn't work and I really don't know why.
Related
This question already has an answer here:
How to send an HTTP 4xx-5xx response with CORS headers in an ASPNET.Core web app?
(1 answer)
Closed 3 years ago.
I am migrating and existing angular js app to angular while sticking to an existing api.
I tried to implement a logon (ASP NET / OWIN) and encountered following situation after making a http request to logon endpoint:
All possible server responses (2xx,4xx,5xx) could not be fetched in javascript code.
After researching I found the cause: CORS
This is because new angular app runs on different port than the locally hosted api while the old angular js ab is being hosted on the same port.
So I added following to ValidateClientAuthentication in API:
context.Response.Headers.Append("Access-Control-Allow-Origin", "http://localhost:4200");
context.Response.Headers.Append("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
Now I am finally able to fetch 2xx responsed but still do not get 4xx and 5xx results.
Why is that?
And how is it possible that API calls to other endpoints of same API do not require setting those headers?
UPDATE:
I receive this error message for all 4xx responses even if I have added those headers in API:
:63323/api/logon:1 Failed to load resource: the server responded with a status of 400 (Bad Request)
vendor.js:68504 ERROR TypeError: You provided an invalid object where a stream was expected. You can provide an Observable, Promise, Array, or Iterable.
at subscribeTo (vendor.js:158625)
at subscribeToResult (vendor.js:158782)
at CatchSubscriber.error (vendor.js:151269)
at MapSubscriber.Subscriber._error (vendor.js:147999)
at MapSubscriber.Subscriber.error (vendor.js:147979)
at XMLHttpRequest.onLoad (vendor.js:24621)
at ZoneDelegate.push../node_modules/zone.js/dist/zone.js.ZoneDelegate.invokeTask (polyfills.js:2785)
at Object.onInvokeTask (vendor.js:70070)
at ZoneDelegate.push../node_modules/zone.js/dist/zone.js.ZoneDelegate.invokeTask (polyfills.js:2784)
at Zone.push../node_modules/zone.js/dist/zone.js.Zone.runTask (polyfills.js:2557)
UPDATE 2:
this is the code that handles http request:
return this.httpClient
.post(this.appConfigService.buildAuthorizationUrl('/logon'), data, {
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
})
.toPromise()
.then(
(response: any) => {
// hit when 2xx and cors headers present
},
(error: any) => {
// never hit
}
)
.catch(error => {
// never hit
});
UPDATE 3:
As I understood CORS middleware might(?) drop all heades in case 4xx or 5xx responses which will prevent browsers from fetching responses. But like you can see my 400 response from a different endpoint on my api seems to be valid:
HTTP/1.1 400 Bad Request
Cache-Control: private,no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Length: 112
Content-Type: application/json; charset=utf-8
Expires: 0
Server: Microsoft-IIS/10.0
Access-Control-Allow-Origin: http://localhost:4200
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?QzpcVXNlcnNcS2F5IFphbmRlclxEb2N1bWVudHNcZXZlXFNvdXJjZVxJbmZvcnNIVC5HZW5lc2lzQXBpXGF1ZGl0dHJhaWw=?=
X-Powered-By: ASP.NET
X-UA-Compatible: IE=edge
Date: Wed, 06 Nov 2019 16:01:08 GMT
[{"ErrorMessage":"Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.","PropertyName":"Exception"}]
still I encounter the mentioned error message.
Most likely your ASP.NET backend doesn't have CORS enabled, according to the fact that if you set it manually you're able to make a request. If you set a header (e.g. Content-Type) to your request, whether it was manually set or automatically, Angular sends a preflight request for the backend to determine if the resource can be accessed with the specific request headers or not.
There's a built-in support for preflight request handling, which you can enable using attributes to your controllers, and a little configuration in the initial startup class.
For ASP.NET (.NET Framework based) check this guide: https://learn.microsoft.com/en-us/aspnet/web-api/overview/security/enabling-cross-origin-requests-in-web-api
For ASP.NET Core check this one: https://learn.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-3.0
I have a SOAP b2b web service to consume. I'm trying to understand the basic elements of the call and eventually consume it without an app.config / wsdl import and will be using c#.
I imported the wsdl to SOAP UI entered some dummy values for the request data and typed in the password to the request properties. I returned a 500 error, details restricted to local machines.
1 strange aside properties say Authentication Type: No Authorization but without the correct credential I do get a 401.
The Raw SOAP UI Call
GET https://b2b.example.com/yyyb2b/zzz.asmx HTTP/1.1
Host: b2b.example.com
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
SOAPAction: "http://www.example.com/yyy/GDDA"
Content-Length: 424
Host: b2b.example.com
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
So I tried to replicate the call in fiddler to see if I could get any better information:
The headers there:
POST /yyyb2b/zzz.asmx HTTP/1.1:
Host: b2b.example.com
Content-Type: text/xml; charset=utf-8
Content-Length: 419
SOAPAction: "http://www.example.com/yyy/GDDA"
Authentication: Basic base64(username:Password)
Fiddler returns a 302 (found) and then a 400 saying bad request - Invalid Header
I tried removing POST /yyyb2b/zzz.asmx HTTP/1.1: as the 'bad header' and got redirected to sign into the gui portion of the web app. The other possible difference I see is the method of authentication.
Why am I getting different errors?
I'm sending a request from my MVC application to my WebAPI where the OAuth2 is implemented. Request is something like:
Content-Type: application/application/x-www-form-urlencoded
Accept: application/json
grant_type:password
username:someusername
password:somepassword
Everything is ok, user is validated with a success, but the response that returns to my MVC is:
StatusCode:BadRequest
Content:invalid_grant
CORS is allowed:
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
No idea what's wrong. It was working quite good before...
No idea what's wrong. It was working quite good before...
Your request payload is wrong. You indicated application/application/x-www-form-urlencoded as Content-Type which is invalid and unsupported by Web API. The reason you are getting invalid_grant error is because the Web API didn't understand this request and couldn't even read the grant_type parameter from it.
So you could fix your request:
Content-Type: application/x-www-form-urlencoded
Accept: application/json
grant_type=password&username=someusername&password=somepassword
Here we use a standard and correct Content-Type of application/x-www-form-urlencoded and also the request body respects the content type that we indicated.
Alternatively you could have used JSON:
Content-Type: application/json
Accept: application/json
{
"grant_type": "password",
"username": "someusername",
"password": "somepassword"
}
You need to check that you have the "users" in "AspnetUsers" table.
In my case the problem was in the connection string. I have given a wrong db name and it was returning error 400 "invalid_grant". Fixed Db name and now it is working like before.
Got the same issue today.
Local: works fine
Test: works fine
Prod: "invalid_grant"
2 hours of research - nothing
Removed some special chars from password and this start work fine :)
I am trying to watch events resource based on given example using API explorer and Chrome Advanced Rest Client.
https://developers.google.com/google-apps/calendar/v3/push#watch_request_examples
Requst
POST https://www.googleapis.com/calendar/v3/calendars/XXX%40gmail.com/events/watch?key={YOUR_API_KEY}
Content-Type: application/json
Authorization: Bearer ya29.AHES6ZSNBYiHYPu6Y1_5P08hdb-EX5pdF4Ygj5ou_RKp_jOCS5beiDDH
X-JavaScript-User-Agent: Google APIs Explorer
{
"id": "01234567-89ab-cdef-0123456789ab",
"type": "web_hook",
"address": "https://www.example.com/WebHook/Index",
"token": "token=123546"
}
Response
401 Unauthorized
cache-control: private, max-age=0
content-encoding: gzip
content-length: 188
content-type: application/json; charset=UTF-8
date: Thu, 17 Oct 2013 12:49:00 GMT
expires: Thu, 17 Oct 2013 12:49:00 GMT
server: GSE
www-authenticate: Bearer realm="https://www.google.com/accounts/AuthSubRequest", error=invalid_token
{
"error": {
"errors": [
{
"domain": "global",
"reason": "push.webhookUrlUnauthorized",
"message": "Unauthorized WebHook callback channel: https://www.example.com/WebHook/Index"
}
],
"code": 401,
"message": "Unauthorized WebHook callback channel: https://www.example.com/WebHook/Index"
}
}
I have already whitelisted my domain www.example.com
I have already got ssl certificate which is mandatory to receive push
notifications
I googled about this issue , but could not find much help.
Posted same question on google group of calender api, but no response yet. https://groups.google.com/forum/#!topic/google-calendar-api/ZHKwm2xWuNE
can anybody guide, whats wrong with request ?
when you try with API Explorer,it will not use your OAuth2.0 project keys where you have registerd whitelisted domains, maybe it would use another keys
try to use client/lib
Your auth token may be incorrect. Please make sure you are using correct auth token for the calendar you are trying to set watch for
The one step I was missing to get this working was to actually enable the Calendar API in the console. The 401 push.webhookUrlUnauthorized error is really not helpful here.
Finally It worked for me , cause of error "Unauthorized WebHook callback channel" was in Configuration of Project in
Go to Google Developers Console.
Click your project name
Click "API & Auth" Menu on left
then click on sub menu "Push"
Click on Add Domains button which Allows webhook notifications to be
sent to the entered domains
Happy coding :)
PLEASE HELP!! Can't figure out why this simple code given by MSDN doesn't work....
I am using the following code in GetAccessToken() as given in the this MSDN article to get the access token to be used in windows notifications, but it returns "Bad Request 400"
PACKAGE_SECURITY_IDENTIFIER, CLIENT_SECRET are the values obtained when the app was registered with the Windows Store Dashboard
string urlEncodedSid = HttpUtility.UrlEncode(PACKAGE_SECURITY_IDENTIFIER);
string urlEncodedSecret = HttpUtility.UrlEncode(CLIENT_SECRET);
string body = String.Format("grant_type=client_credentials&client_id={0}&client_secret={1}&scope=notify.windows.com", urlEncodedSid, urlEncodedSecret);
string response;
using (WebClient client = new WebClient())
{
client.Headers.Add("Content-Type", "application/x-www-form-urlencoded");
response = client.UploadString("https://login.live.com/accesstoken.srf", body);
}
Any help would be highly appreciated.......
I suspect the problem has to do with either an incorrect package identifier, and / or incorrect client secret.
From the MSDN page Push notification service request and response headers:
RESPONSE DESCRIPTION
--------------- --------------------------
200 OK The request was successful.
400 Bad Request The authentication failed.
Update - I ran the code from the question, using FAKE credentials.
Here is the RAW HTTP request:
POST https://login.live.com/accesstoken.srf HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: login.live.com
Content-Length: 88
Expect: 100-continue
Connection: Keep-Alive
grant_type=client_credentials&client_id=test&client_secret=test&scope=notify.windows.com
Here is the server's RAW response:
HTTP/1.1 400 Bad Request
Cache-Control: no-store
Content-Length: 66
Content-Type: application/json
Server: Microsoft-IIS/7.5
X-WLID-Error: 0x80045A78
PPServer: PPV: 30 H: BAYIDSLGN2A055 V: 0
Date: Thu, 21 Mar 2013 12:34:19 GMT
Connection: close
{"error":"invalid_client","error_description":"Invalid client id"}
You will note that the response is a 400. There is also some json that indicates the type of error. In my case, the error is Invalid client id. You probably want to take a look at your response - it will give you an indication of what happened.
I used Fiddler to debug the request/ response.
I found the reason for the error response. In fact it is the wrong PACKAGE_SECURITY_IDENTIFIER and CLIENT_SECRET.
DO NOT type the values. Because associated ASCII values differ. Therefore it is always better to copy and paste directly.
You will probably will get the access token with the simple code snippet.
Cheers
If you're using the new HttpClient API and you're sure you've copied and pasted the SID/secret values correct, you might be experiencing this issue because of encoding, provided you're using the FormUrlEncodedContent class as the content of your POST operation.
Contrary to the examples in the MSDN documentation, you don't want to URL encode the SID and secret values before adding them to the KeyValuePair collection. This is because encoding is implied by the FormUrlEncodedContent class, though I'm not seeing any documentation for this behavior. Hopefully this saves someone some time because I've been wrestling with this all night...