Here's the error message I get when doing a query :
[Network error]: ServerParseError: JSON.parse: unexpected character at line 1 column 1 of the JSON data
The query works fine locally, when setting the uri of my ApolloClient to http://localhost:4000/graphql, and running the server locally.
However, if I deploy my server to heroku, then set the client's uri to https://my-app.herokuapp.com/ it does not work, I get the error message above. The network tab shows a 404 to the POST request to my heroku app, "cannot POST"
The heroku logs show no error upon pushing.
Any idea what I am missing here ? I have checked all the tutorials I could find, and I don't see anything obvious missing.
Here's my client request :
const client = new ApolloClient({
uri: 'https://my-app.herokuapp.com/',
headers: {
authorization: "Bearer API_KEY",
'content-type': 'application/json'
}
});
Shouldn't the URI be uri: https://my-app.herokuapp.com/graphql ? Since your localhost endpoint is /graphql.
Hope it helps :)
Related
I'm not getting a token back from my epic app.
I'm calling my app (PFI_app, non-prod. client id: [my_client_id]) from a browser script:
FHIR.oauth2.authorize({
'client_id':[my_client_id],
'scope':'openid, fhirUser,PATIENT.READ, PATIENT.SEARCH, OBSERVATION.READ, OBSERVATION.SEARCH',
'redirect_uri':[my_redirect_uri],
'state':'abc123',
'aud':'https://fhir.epic.com/interconnect-fhir-oauth/api/fhir/r4'
});
I get prompted to login at signin.epic.com and i use the credentials FHIR (username) and EpicFhir11!(password), which i got from this page: https://fhir.epic.com/Documentation?docId=testpatients.
at my redirect url page i use the following to get the access token:
FHIR.oauth2.ready()
.then(function(client){
myapp.smart = client
console.log(client);
})
BUT, i keep getting the following error message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
app.html:39 https://fhir.epic.com/interconnect-fhir-oauth/oauth2/token
i get another message saying: URL: https://fhir.epic.com/interconnect-fhir-oauth/oauth2/token
unauthorized_client
this leads me to believe that i logged in with an improper user who isn't authorized.
ultimately, i don't get a token. any idea why? is it because I'm using improper login credentials and therfore that user doesn't have access to get a token.
also, I'm using fhir-client.js not, fhir-client-v2.js, is that a problem?
UPDATE:
so I just waited and token issue resolved itself. perhaps there was a time period I had to wait after changing my epic fhir app information at fhir.epic.com. I changed the "Application Audience" from patients to "clinicians and administrative users." I had been logging in to epic when prompted as an admin for many hours before I wrote this post, but I can't think of anything that I changed to my code. I just waited.
now my last remaining problem is that when I try and search for patients from the sandbox with this code:
var obs = await fetch(myapp.smart["state"]["serverUrl"]+"/Patient?address=123%20Main%20St.&address-city=Madison&address-postalcode=53703&address-state=Wisconsin&family=Mychart&gender=Female&given=Allison&telecom=608-123-4567",{
headers:{
"Accept":"application/json+fhir",
"Authorization":"Bearer"+myapp.smart["state"]["tokenResponse"]["access_token"]
}
}).then(function(data){
return data;
});
var response = await obs.json();
console.log( response );
I get another "unauthorized message":
Failed to load resource: the server responded with a status of 401 (Unauthorized) https://fhir.epic.com/interconnect-fhir-oauth/api/FHIR/R4/Patient?address=123%20Main%20St.&address-city=Madison&address-postalcode=53703&address-state=Wisconsin&family=Mychart&gender=Female&given=Allison&telecom=608-123-4567
this is where I got the syntax for structuring this call to the Patient.search resource:
https://fhir.epic.com/Sandbox?api=932
any ideas why I'm unauthorized to make this call? again, I'm logged in using the provider-facing app user credentials listed here: https://fhir.epic.com/Documentation?docId=testpatients (username: FHIR)
UPDATE:
so I changed the FHIR.oauth2.ready call to include the request and it worked. I'm not sure why I couldn't include the provided token as a Bearer token in fetch but the following worked:
var req = "/Patient?address=123%20Main%20St.&address-city=Madison&address-postalcode=53703&address-state=Wisconsin&family=Mychart&gender=Female&given=Allison&telecom=608-123-4567"
FHIR.oauth2.ready( client => client.request(req) ).then(function(output){
console.log(output); /* should include search results for the patient */
});
thanks for any help
To summarize, I changed the FHIR.oauth2.ready call to include the request and it worked.:
var req = "/Patient?address=123%20Main%20St.&address-city=Madison&address-postalcode=53703&address-state=Wisconsin&family=Mychart&gender=Female&given=Allison&telecom=608-123-4567"
FHIR.oauth2.ready( client => client.request(req) ).then(function(output){
console.log(output); /* should include search results for the patient */
});
In addition, I had to wait a period of time, possibly due to the fact that I made some changes in my epic fhir app.
I am using google business API and trying to get location list.
I am going trough their documentation and using project from the link below as basis
https://developers.google.com/my-business/content/implement-oauth
Using that project I am able to successfully retrieve accounts list.
The problem occures when I try to retrieve locations list using accountID. Here is a link for their documentation
https://developers.google.com/my-business/content/manage-locations
Acording to documentation, to get location list for specific account, I should use following request
GET
https://mybusinessbusinessinformation.googleapis.com/v1/{accountId}/locations
Authorization: Bearer <access_token>
This is the code snippet, that I added to their sample project
function retrieveGoogleMyBusinessLocations(accessToken) {
$.ajax({
type: 'GET',
url: 'https://mybusinessbusinessinformation.googleapis.com/v1/{accID}/locations',
headers: {
'Authorization' : 'Bearer ' + accessToken
},
success: function(returnedData) {
var e = document.createElement("pre")
e.innerHTML = JSON.stringify(returnedData, undefined, 2);
document.body.appendChild(e);
}
});
}
When I do this request, it gives "CORS error".
The error in the console is following
Access to XMLHttpRequest at 'https://mybusinessbusinessinformation.googleapis.com/v1/xxx/locations' from origin 'http://localhost:8001' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
GET https://mybusinessbusinessinformation.googleapis.com/v1/xxx/locations net::ERR_FAILED
From the error message it seems that server does no accept requests from localhost:8001, but if I do request to different endpoint it will return result.
For example if I change utl from
https://mybusinessbusinessinformation.googleapis.com/v1/{accID}/locations
to
https://mybusinessbusinessinformation.googleapis.com/v1/accounts/{accID}/locations?readMask=categories
With the second url it will return successfull result.
I am confused why it is allowing requests to one endpoint and blocks requests to other endpoint.
Can anyone help with this problem?
Have you tried making direct API requests via the Google Developers OAuth 2.0 Playground?
I tried to reproduce your error but got the expected 404 Not Found response for the unsupported endpoint pattern.
I created a microservice in Go that unmarshals the data off of a request body and stores it in DynamoDB. The REST URL runs pretty much anywhere but a browser it seems. When I run the fetch in a browser I get a 403 with no response. I can get a 200 response using a Node script, curl command, or even when using a tool like repl.it to test. For some reason though, it never wants to work in a web app, or the dev console (I'm using Chrome). I tried running the request in multiple websites including the web app I'm building to run it in and all of them gave the same 403 no response result.
In API Gateway, Authorization is set to "none", and API Key is set to "not required", so I'm having a lot of difficulty in seeing how I can get a 403 on my endpoint. On the frontend, my fetch request looks like something below. The curl command that worked is below as well. I followed this post before creating this, and although it's similar, this person does actually get a response, while mine gives me no response. It works as a script, but just doesn't work in the browser. How does this work anywhere but inside a browser? If I can just get some info on what's going on, that would be awesome. If I can get some info on how this can be solved, that would be REALLY awesome.
js
fetch(url, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
data: JSON.stringify({
Email: 'example#test.com'
}),
})
.then(res => res.json())
.then(json => console.log(json))
.catch(e => console.error(e))
curl
curl -H 'application/json' -d '{ "Email": "example#test.com" }' $URL
UPDATE: I discovered what I had going wrong. It was a CORS issue. I was not handling the OPTIONS method that was sent as a preflight request prior to my POST request. The OPTIONS method gets sent automatically when in the browser, but does not if you're running the code anywhere else.
I have a AWS Lambda function that is triggered via AWS API Gateway. When I test my function on Lambda it is working. When I send a POST request to the API url via ajax, I get a 502 bad gateway error.
XMLHttpRequest cannot load https://xxxxxxxx.execute-api.us-east-1.amazonaws.com/prod/myLambdaFunction. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'mywebsite.com' is therefore not allowed access. The response had HTTP status code 502.
Obviously this was a CORS issue, so I thought I could change the CORS settings in my AWS API Gateway URL which I did, but I am still getting an error for this.
What do I have to change on AWS side or my own to be able to POST to the URL?
Unfortunately there is a known issue with many classes of 4xx and 5xx errors where CORS headers will not be sent, even if you've added CORS support via the console.
As noted in comments, the CORS error is a side effect of the fact that your API is returning a 502. This often occurs if you are using the LAMBDA_PROXY integration type and are returning invalid JSON from your Lambda function.
Please try either using the test invoke functionality from the console or enable logging in your API to debug further.
I solved that exact same problem by outputting the CORS header myself.
See below - and I hope that'll help.
Teebo
Amazon docs
function respond(context, responseData) {
var response = {
statusCode: 200,
body: JSON.stringify(responseData),
headers: {
"Content-Type": "application/json; charset=utf-8",
"Access-Control-Allow-Origin": "*"
}
};
context.succeed(response); }
I am testing the jquery ajax calls to the API server from a different domain. Unfortunately I am getting an OPTIONS error. Here is my request code:
$.ajax({
url: "https://localhost:44356/api/Default/",
headers: {
"Authorization": "Bearer " + user.access_token
},
success: function (res) {
logAjaxResult(res);
},
error: function() {
logAjaxResult('Error');
}
}))
Which gives
XMLHttpRequest cannot load https://localhost:44356/api/Default/. Response for preflight has invalid HTTP status code 405.
Normally this is an easy fix - I install Microsoft.AspNet.WebApi.Cors, set up a provider and allow OPTIONS through always. I can see how I would normally do this on the Identity Server box too as there is a CorsProvider you can register up. My issue however is on the API box I am using IdentityServerBearerTokenAuthenticationOptions and I see no CORs options. When I try to set up the WebAPI.cors provider though I get an error saying there are multiple origins set on the server to allow. This indicates to me (correct me if I'm wrong) that the WebApi box has somehow got the CORs settings from my identity server box that is registered as it's authority. Is this right?
How do I configure to allow pre-flight requests with app.UseIdentityServerBearerTokenAuthentication(options)?
Many thanks
This issue was resolved when I found the documentation uses
Microsoft.Owin.Cors
I was using the package
Microsoft.AspNet.WebApi.Cors