I verified my domain successfully via Apple Developer Account. But, when I try to call Apple's registerMerchant API they respond with:
statusMessage: Payment Services Exception Domain verification failed for merchantId...
errorMessage=\"exception decoding Hex string: invalid characters encountered in Hex string\""
statusCode: 400
Did anyone encounter this error?
Apple was expecting to find a specific domain-verification-file (that they provided us). When I uploaded the correct file, the issue was resolved.
Related
I use the standard go library golang.org/x/oauth2 to acquire an OAuth2 token from Microsoft users.
This is the oauth2 config I use:
return oauth2.Config{
ClientID: clientID,
ClientSecret: clientSecret,
Endpoint: microsoft.AzureADEndpoint("common"),
Scopes: []string{
"https://graph.microsoft.com/.default",
},
}
This is how I get the redirect URL:
oauth2Config.AuthCodeURL(state, oauth2.ApprovalForce, oauth2.AccessTypeOffline)
And this is how I exchange the code acquired in my oauth2 callback to the oauth2 token:
oauth2Config.Exchange(ctx, code)
I use the same code for integrating with github, google cloud platform, bitbucket and digitalocean. It has been working fine for me and it does work with Microsoft but sometimes I randomly get one of the following errors:
AADSTS90013 Invalid input received from the user
or
AADSTS900144: The request body must contain the following parameter: 'grant_type'.
And I don't understand what might be the reason. The first error potentially could be caused by some JS bugs in the Microsoft consent screen. The second error makes no sense – oauth2 lib sets grant_type value correctly, I search for this error and it says the issue could be in the incorrect encoding which should be x-www-form-urlencoded but I've looked up oauth2 library and confirmed that's exactly what it does.
Or maybe there's a timeout for a repeated acquisition of a token under the same user.
UPD: I get these errors during the exchange of a code to a token
UPD2: I started to get oauth2 errors randomly with other providers, such as DigitalOcean, the errors also happens during the code to a token exchange. Errors like this:
ERROR STACKTRACE: oauth2: cannot fetch token: 400 Bad Request
Response: {"error":"bad_request","error_description":"invalid semicolon separator in query"}{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed."}
could not get auth token
I've looked up values in my oauth2 config, it's all correct, the values however are not url encoded (I assume oauth2 lib handles this).
I've recently upgraded my go to 1.17.6
UPD3: I've noticed that my oauth2 configs both for DigitalOcean and Microsoft didn't have AuthStyle specified, so I've set it manually to oauth2.AuthStyleInParams. But this still didn't resolve the issue. After a few repeated attempts with DigitalOcean it started to randomly return the following error:
Response: {"error":"bad_request","error_description":"invalid semicolon separator in query"}{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed."}
which I don't even think is a valid error, there's no semicolon symbol neither in the request URL nor the body
UPD4. It may sound stupid but when I restart my app (I run-debug it via GoLand) DigitalOcean oauth works just fine until I connect a Microsoft account via oauth2 (which also works fine), but then if I connect (reconnect) DigitalOcean account again then it just stops working ¯_(ツ)_/¯
UPD5. Below is the debug watch of doTokenRoundTrip function inside oauth2 library. The token exchange request returns 400 bad request
The request body:
client_id=[redacter]&client_secret=[redacted]&code=e50e6dc91ec6b855becdef7a32cc4e28684851ccf385b2f6bb667ed6ec1172df&grant_type=authorization_code&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fv1%2Fdigitalocean%2Foauth2%2Fcallback
The URL and the body both looks good to me. However this returns the following error:
Response: {"error":"bad_request","error_description":"invalid URL escape "%\x9b\x06""}{"error":"invalid_request","error_description":"The request is missing a required parameter, includes an unsupported parameter value, or is otherwise malformed."}
UPD6. Exchange request headers:
The issue caused by the extra headers. Normally it should be only Content-Type: application/x-www-form-urlencoded header but as you can see above there are extra headers including Content-Encoding: gzip which probably causes the issues. These headers added after I connect Microsoft account via oauth2, more specifically is because I use microsoft graph sdk (github.com/microsoftgraph/msgraph-sdk-go) after acquiring the token. This SDK implements RoundTripper interface that eventually adds extra headers.
Submitted the issue to graph sdk https://github.com/microsoftgraph/msgraph-sdk-go/issues/91
I think second error refers to the grant_type missing in the config
grant_type:authorization_code,
code: {code you got from the authorization step},
client_secret: ****
Other way of accessing the OAuth 2.0 Token, Please refer this Document
I have deployed the java service (Spring-boot) under the docker container and have been using embedded tomcat with SSL configurations specified in application.properties file.(I am using cert.pem file generated by let's encrypt authority.)
Before making the service https, I was receiving webhooks from Twilio but as soon as I make my services https secured, I stopped receiving callbacks.
In Twilio console, debugger events shows following error:
Twilio was unable to fetch content from: https://example.com:8081/twilio/room-events
Error: Handshake failure: certificate exception
While sending events -> Twilio receiving error:
Msg "Video: Callback request was unsuccessful"
httpResponse "502"
and in header:
X-Twilio-WebhookAttempt 2
X-Twilio-WebhookRetriable true
X-Twilio-Reason Certificate exception: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Content-Length 462
Content-Type text/html
I won't be able to find any solution as I don't have idea about what is happening here.
To resolve the error, I have tried adding certificates in the keystore to resolve the issue (DigicertGlobalRootCA.cert) (source:https://support.twilio.com/hc/en-us/articles/360007853433-Troubleshooting-Certificate-Errors-from-the-Twilio-REST-API)
But it is not resolved yet.
I am using this MultiValueMap<String,String> as a request parameter with POST request to receive the events.
PS : When I am using it in a local with the ngrok setup. it's working perfectly fine.
Thank you for your help.
I was using the cert.pem file provided by the Let's encrypt. Instead of cert.pem, fullchain.pem needs to be used in order to communicate with the external world.(In java keystore)
Used the below URL to find out the SSL validation:
https://www.sslshopper.com/ssl-checker.html
Took reference from this wonderful article for getting information about the certificate chain.
https://medium.com/#superseb/get-your-certificate-chain-right-4b117a9c0fce
I'm using APNS to send push notifications from my app to ~300 devices. I get an error response from APNS with code 8 (invalid token) for some of the devices. When I send again to all devices, I get the code 8 error response again, but for different devices (for some of the devices I always get this error, and for some I never get it).
I sent a request to the APNS feedback service but it did not return any errors for the app (this service should return "expired" tokens - in case the intended app doesn't exist on the device anymore).
I know that the "invalid token" error is commonly a result of environment mismatch - trying to send notifications from the APNS production server to a token that came from the sandbox environment, or vice versa. I can't see how that can be the case here, because the same token sometimes gets an error and sometimes doesn't.
Does anyone know of a different reason for APNS "invalid token" response?
When I try to fetch contacts from gmail, I received this error message:
The page you have requested cannot be displayed. Another site was requesting access to your Google Account, but sent a malformed request. Please contact the site that you were trying to use when you received this message to inform them of the error. A detailed error message follows:
The site "http://url.com" has not been registered.
May I know how to rectify it? Thanks!
Have you tried registering the domain with Google's API?
docs:
https://developers.google.com/accounts/docs/RegistrationForWebAppsAuto#new
resgister url:
https://accounts.google.com/ManageDomains
Also if you are making calls from http and not https you may be seeing problems there too.
I'm working with WebClient for some time now. (using the Mango SDK)
Each time I have an error, the error message is always "Not Found". Either the error is due to login problem, server or page not found. Any error code >= 400 cause the same Exception with the same message and no data.
I tried to use the WebRequest/WebResponse but it seems the problem is always the same.
I mean, I know how to write it correctly in C# (for desktop), but on windows phone, I have no way to access the error code nor the response body.
I found many posts talking about the problem, but no solutions are pointed.
Does anyone have a solution or a workaround (even a dirty one...) I'm open to any suggestion.
That (very misleading) error is often caused by an underlying HTTP error.
If you are using HTTPS, it could be because it's a self-signed (or otherwise unsupported) certificate. You can temporarily get around this by emailing the certificate to an account on the phone, but this won't fly in the marketplace.
If the requests aren't HTTPS, you can run Fiddler to find out what the underlying error is. (Pro tip: The WP emulator will only the use Fiddler if Fiddler was running when it started up so you may have to close it down).
To access the data, you need to get the WebException (it may be the InnerException of what is being thrown) and then you can access the Response