Did Plaid Change Something About It's MFA? - plaid

I had this little piece of code working perfectly returning account and transactions objects in response to the Plaid MFA questions. I'm not sure what went wrong as I (had not until it stopped working and I've since tried a few things) did not touch the code (to my recollection) and even checked several previous working versions to be safe. Anyhow I now get the following list of errors given the scenario:
1) If I try to US Bank MFA, it returns an MFA and after I answer it also returns a account and transactions object. At the end of that info in my terminal it also returns events.js 85 throw er; // Unhandled error event
2) If I try USAA or Bank of America I get the following error object for my response:
{ code: 1203,
message: 'invalid mfa',
resolve: 'The MFA response provided was not correct.',
access_token: 'test_bofa' }
It returns the MFA question though and when I answer with 'again', I get:
{ type: 'questions',
mfa: [ { question: 'You say tomato, I say...?' } ],
access_token: 'test_bofa' }
events.js:85 throw er; // Unhandled 'error' event
plaid.connect({username: req.body.cardName, password: req.body.cardPass, pin: req.body.pin}, req.body.type,
'test#plaid.com',
function (error, response, mfa) {
if (response == undefined) {
res.send(response);
} else if (response.hasOwnProperty('accounts')) {
res.send(response);
} else if (response.hasOwnProperty("mfa")) {
res.send(response);//If I remove this response it kicks me out right away. But with it, I receive an undefined MFA response.
plaid.step(response.access_token, req.body.answer, function (err, response) {
if (response == undefined) {
res.send(response);
} else if (response.hasOwnProperty("resolve")) {
res.send(response);
} else if (response.hasOwnProperty('accounts')) {
res.send(response);
} else if (response.hasOwnProperty('mfa')) {
res.send(response);
}
}
)
}
else {
response = "error";
response.send("something went wrong with Plaid");
}
}
)
}

As i understand during testing mfa code should be string or and array(if there are few questions). So if you enter mfa as an int you will get error.
'again' mfa will call one more mfa loop, and 'tomato' will finalize it.

Related

Handling REST API server response

I've been working with REST API CodeIgniter for more than a year and usually when I want to return any response I will return 200 for all kind of request. I know that there are status code provided for all response but I am actually quite wondering, is it wrong if I use 200 for all response? And determine the data status with true and false.
Here is the sample code that I always use. Let's say to check whether the user is exist or not.
CodeIgniter REST API
$user = [ 'id' => 1, 'name' => 'John Doe' ];
$this->response([
'status' => !empty($user) ? true : false,
'user' => $user
], REST_Controller::HTTP_OK);
React Native
try {
const res = await axios.get('https://www.example.com/retrieve-user?user_id=3');
if (res.status == 200){
if(res.data.status == true){
// user found
} else {
// user not found
}
} else {
alert('Internal server error.')
}
} catch (err) {
console.error(err);
}
Based on the example, I am actually depending on the status code 200 to determine if there is an error in the server (code error, invalid request, etc).
So my question is, is it okay to stick with this method?
Given your API, yes handling code 200 seems enough as your API might not return any other HttpCode.
Given a bigger API (even simple), no.
Your API might return a 204/404 if no user if found with given id.
Your API might return a 503 if your API is under deployment (and unavailable) or under maintenance, and you may retry 30 seconds later.
Your API might reject request if a given header is missing (Content-Type ...) and return a 400...
EDIT 1 :
if (res.status == 200){
// user found
} else if (res.status == 204) {
// user not found
} else {
alert('An error occured')
}

Invalid Response Error with Alexa SDK v2

For 2 days now, I have the issue that my lambda function using the ask-sdk-core v2.0.2 returns invalid responses.
A very simple setup:
HelloIntent is handled by HelloIntentHandler:
const HelloIntentHandler = {
canHandle(handlerInput) {
return handlerInput.requestEnvelope.request.type === 'HelloIntent';
},
handle(handlerInput) {
const speechText = 'Hello back';
return handlerInput.responseBuilder
.speak(speechText)
.reprompt(speechText)
.getResponse();
}
};
When I call this intent, the simulator goes straight to:
There was a problem with the requested skill's response
Using the ErrorHandler, I checked and the results of handlerInput.requestEnvelope.request.error are:
{ type: 'INVALID_RESPONSE',
message: 'An exception occurred while dispatching the request to the skill.' }
Question: What is the problem here? When I open the skill using the invocation name, the LaunchRequestHandler gets called and responds properly, but any other intent does not work.
Okay I found the problem, it is sort of difficult to deduct from the above error:
canHandle(handlerInput) {
return handlerInput.requestEnvelope.request.type === 'IntentRequest'
&& handlerInput.requestEnvelope.request.intent.name === 'HelloIntent';
},
In the canHandle function, you need to check for the request type and intent name.

How can I invoke an error in my Stripe.card.createToken function?

I'm using stripe in React and processing the charge through an AJAX call.
I've tried to strip down the Stripe.card.createToken function to the bare essentials for this question.
The if else statement checks if the response has any errors.
I use the 4100000000000019 card number to ensure a card declined error but the else statement(the successful charge) fires regardless which card number is entered.
Entering the 4100000000000019 card number results in a blocked charge in the Stripe dashboard. An error definitely gets generated:
{
"error": {
"message": "Your card was declined.",
"type": "card_error",
"code": "card_declined",
"decline_code": "generic_decline",
"charge": "ch_19gMBaIWHxnqld7LCdbCtdNz"
}
}
But the if(response.error) is ignored and runs the else statement.
Stripe.card.createToken({
number: $('.card-number').val(),
cvc: $('.card-cvc').val(),
exp_month: $('.card-expiry-month').val(),
exp_year: $('.card-expiry-year').val(),
name: $('.first-name').val()
}, function(status, response){
if (response.error) {
this.reportError(response.error.message);
} else { // No errors, submit the form.
var token = response.id;
$.ajax({
type: 'POST',
url: 'components/charge.php',
data : {
stripeToken: token
},
success: function(data,response) {
paymentSuccessful();
},
error: function(data,textStatus) {
console.log("Ajax Error!");
}
});//$.ajax
}//else
});//Stripe.card.createToken
Any help is much appreciated.
Moe
UPDATE: Thanks to this awesome tutorial by Larry Ullman and it's section on stripe error handling, I came up with a fairly good solution.
http://www.larryullman.com/2013/01/30/handling-stripe-errors/
So I added the if else statment inside the AJAX success function.
success: function(data,response) {
if(data == "success"){
$('#payment-error-copy').text("Your payment was successful. Thank you for ordering!");
paymentSuccessful();
} else {
$('#payment-error-copy').text(data);
}
};//success function
Inside the charge we can return the error response and the precise reason for the error.
my charge.php file
<?php
require_once('vendor/autoload.php');
// Get the payment token submitted by the form:
$token = $_POST['stripeToken'];
try{
\Stripe\Stripe::setApiKey("<secret_KEY>");
$customer = \Stripe\Customer::create(array(
"source" => $token,
"email" => $email
)
);
// Charge the Customer instead of the card
\Stripe\Charge::create(array(
"amount" => $price, // amount in cents, again
"currency" => "aud",
"description" => $email." ".$first_name,
"customer" => $customer->id
)
);
echo "success";
} catch (\Stripe\Error\ApiConnection $e) {
// Network problem, perhaps try again.
$e_json = $e->getJsonBody();
$error = $e_json['error'];
echo "Sorry, your charge couldn't be processed. Reason: ".$error['message'];
} catch (\Stripe\Error\InvalidRequest $e) {
// You screwed up in your programming. Shouldn't happen!
$e_json = $e->getJsonBody();
$error = $e_json['error'];
echo "Sorry, your charge couldn't be processed. Reason: ".$error['message'];
} catch (\Stripe\Error\Api $e) {
// Stripe's servers are down!
$e_json = $e->getJsonBody();
$error = $e_json['error'];
echo "Sorry, your charge couldn't be processed. Reason: ".$error['message'];
} catch (\Stripe\Error\Card $e) {
// Card was declined.
$e_json = $e->getJsonBody();
$error = $e_json['error'];
echo "Sorry, your charge couldn't be processed. Reason: ".$error['message'];
}
?>
The try catch statement returns a precise message about the charge error and returns it to our success function, so if the charge is anything other than success it runs the error function.
Although my question remains unanswered, the build works as expected and still remains safe for the user to enter their billing info.
Thanks to the other SO users for their input, it is really appreciated.
I think this particular card number only gives an error when Stripe actually tries to use it.
Just built a change-card-function for my SaaS and noticed that when I update my StripeCustomer default source with the token received, it fails.

Cloud Code Error - This user is not allowed to perform the get operation on _User

I am using the master key but still see this error.
Error: This user is not allowed to perform the get operation on _User. You can change this setting in the Data Browser. (Code: 119, Version: 1.2.19)
This also seems to break a lot of other stuff like registration. I just want to make sure users can only change or set their username to something that does NOT start with a number and is alphanumeric. (compliant with channel names)
function usernameIsValid(username) {
if (isNaN(parseInt(username[0])) && username.match(/^[a-z0-9]+$/i)) {
return true;
} else {
return false;
}
}
Parse.Cloud.beforeSave(Parse.User, function(request, response) {
Parse.Cloud.useMasterKey();
if (usernameIsValid(request.object.get("username"))) {
response.success();
} else {
response.error();
}
});

How to properly throw and handle errors in promises in Sails.js?

I'm starting to convert my callback code to promises in Sails.js, but I don't understand how I can raise custom errors and handle them in the promise chain. Sails.js uses Q as its promise library.
User.findOne({email: req.param('professorEmail'), role: 'professor'})
.then(function (user) {
if (user) {
return Course.create({
user_id: user.id,
section: req.param('section'),
session: req.param('session'),
course_code: req.param('course_code')
});
} else {
// At this point `user` is undefined which means that no professor was found so I want to throw an error.
// Right now the following statement does throw the error, but it crashes the server.
throw new Error('That professor does not exist.');
// I want to be able to handle the error in the .fail() or something similar in the promise chain.
}
}).then(function (createSuccess) {
console.log(createSuccess);
}).fail(function (err) {
console.log(err);
});
Right now the .fail() is never called because the thrown error crashes the server.
Use .catch() instead of .fail().
Waterline's claim complete Q promise object after the first then seems untrue by your test. I've verified it myself as well and found a workaround.
You can do this :
var Q = require('q');
[...]
Q(User.findOne({email: req.param('professorEmail'), role: 'professor'}))
.then(function (user) {
if (user) {
return Course.create({
user_id: user.id,
section: req.param('section'),
session: req.param('session'),
course_code: req.param('course_code')
});
} else {
// At this point `user` is undefined which means that no professor was found so I want to throw an error.
// Right now the following statement does throw the error, but it crashes the server.
throw new Error('That professor does not exist.');
// I want to be able to handle the error in the .fail() or something similar in the promise chain.
}
}).then(function (createSuccess) {
console.log(createSuccess);
}).fail(function (err) {
console.log(err);
});
This will return a true Q promise.

Resources