We began seeing these DocuSign exceptions 09/24/2019:
DocuSign \ eSign \ ApiException (401)
[401] Error connecting to the API (https://NA3.docusign.net/restapi/v2/login_information)
None of the code surrounding our DocuSign logic has been touched for almost six months. So I'm at a loss as to why this exception is being thrown.
We're using the following packages (relating to this):
laravel/framework v5.8.35
docusign/esign-client 3.0.1
tucker-eric/docusign-rest-client 1.0.0
tucker-eric/laravel-docusign 0.1.1
I've tried to update the packages with composer thinking they might have made updates to fix something, but it didn't change anything other than throw USER_AUTHENTICATION_FAILED instead of the exceptions' message above.
As I said, no code has been touched, and I have very little experience with the DocuSign API, and making matters worse this was an old developer's code...
I am able to hit the endpoint, and authenticate with our credentials, using Postman and it seems to work fine. So again, I'm not sure how this just started happening.
The code from our controller:
$parcel = request('parcel_id');
$subdivision = $user->subdivision_id;
$subEmail = Subdivision::where('id', $user->subdivision_id)->pluck('email')->first();
$move = Move::create([
'full_name' => request('full_name'),
'email' => request('email'),
'phone_number' => request('phone_number'),
'parcel_id' => $parcel,
'direction' => request('direction'),
'action_date' => request('action_date'),
'user_id' => auth()->id(),
'subdivision_id' => $subdivision
]);
$residentTabs = array(
array(
'tabLabel' => env('MOVE_IN_ADDRESS_FIELD'),
'value' => $move->parcel->MailingAddress
),
array(
'tabLabel' => env('MOVE_IN_DATE_RESIDENT_FIELD'),
'value' => $move->action_date->format('m/d/Y')
),
array(
'tabLabel' => env('MOVE_IN_EMAIL_FIELD'),
'value' => $move->email
),
array(
'tabLabel' => env('MOVE_IN_PRIMARY_PHONE_FIELD'),
'value' => $move->phone_number
),
array(
'tabLabel' => env('MOVE_IN_FULL_NAME_FIELD'),
'value' => $move->full_name
)
);
$pmTabs = array(
array(
'tabLabel' => env('MOVE_IN_PM_ADDRESS_FIELD'),
'value' => $move->parcel->MailingAddress
),
array(
'tabLabel' => env('MOVE_IN_PM_DATE_FIELD'),
'value' => $move->action_date->format('m/d/Y')
),
);
$templateRoles = array(
array(
'email' => $move->email,
'name' => $move->full_name,
'roleName' => 'Resident',
'tabs' => array(
'textTabs' => $residentTabs
)
),
array(
'email' => $subEmail,
'name' => $user->name,
'roleName' => 'Property Manager',
'tabs' => array(
'textTabs' => $pmTabs
)
)
);
$envelopeDefinition = array(
'status' => 'sent',
'templateId' => env("DOCUSIGN_TEMPLATE_ID"),
'templateRoles' => $templateRoles
);
$contract = DocuSign::get('envelopes')->createEnvelope($envelopeDefinition);
The last line is where the exception is thrown, and the function throwing the exceptions is:
vendor/docusign/esign-client/src/ApiClient.php::callApi
We expect it to work as it has, throwing no exceptions and creating the envelope successfully.
However, we have been seeing USER_AUTHENTICATION_FAILED and general 401 exceptions.
Any help is appreciated!
Your token may have expired. Not sure how it was created and what authentication mechanism you are using. You need to check where is the token and the header in the REST API calls that is using it. It may be that was hardcoded, or was there a refresh token used to keep obtaining new tokens and that process broke.
If you're getting an Authentication failure while trying to hit the login_information endpoint, it's likely that your application is using Legacy Header authentication with an invalid password.
I'd recommend the following:
Try to log in to the web console at www.docusign.net, and perform a Password Reset if necessary
Once you are able to log in, update the stored credentials in the application
2FA or forced Single Sign-On will both block Legacy Header auth. If either is in place, they will need to be disabled, or you will need to switch to one of the Account Server auth workflows.
Related
I have configured an identification provider (IdP) part of a SSO system, using SimpleSAMLphp.
The main sections of my configuration files:
config/config.php
$config = array(
[...]
'enable.saml20-idp' => true,
'enable.shib13-idp' => true,
[...]
);
config/authsources.php
$config = array(
[...]
'*-sql' => array(
'sqlauth:SQL',
'dsn' => 'mysql:host=*.*.*.*;port=*;dbname=*',
'username' => '*',
'password' => '*',
'query' => 'SELECT *
FROM users
WHERE username = *
AND password = *',
),
[...]
);
metadata/saml20-idp-hosted.php
$metadata['__DYNAMIC:1__'] = array(
'host' => '__DEFAULT__',
'privatekey' => '../cert/*.key',
'certificate' => '../cert/*.pem',
'auth' => '*-sql',
'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
'authproc' => array(
3 => array(
'class' => 'saml:AttributeNameID',
'attribute' => 'uid',
'Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
),
),
);
metadata/saml20-idp-remote.php
$metadata['https://www.video2brain.com/shibboleth'] = array(
'AssertionConsumerService' => 'http://*/Shibboleth.sso/SAML2/POST',
'SingleSignOnService' => 'http://*/Shibboleth.sso/SAML2/POST',
'SingleLogoutService' => 'http://*/Shibboleth.sso/SLO/POST',
);
The certificates and metadata were successfully configurated. The SSO works fine.
But the service provider (SP) has requested that the IdP has to pass more info of the logged user. The authentication is passed when the query returns a row, but i can't access to the fields in the SELECT.
Currently, the final POST request that my IdP sent to their SP has the following parameters:
HTTP_SHIB_IDENTITY_PROVIDER=https://*/metadata.php,
HTTP_SHIB_AUTHENTICATION_INSTANT=2015-10-20T09:04:42Z,
HTTP_SHIB_AUTHENTICATION_METHOD=urn:oasis:names:tc:SAML:2.0:ac:classes:Password,
HTTP_SHIB_AUTHNCONTEXT_CLASS=urn:oasis:names:tc:SAML:2.0:ac:classes:Password,
HTTP_EMAIL=*#*.*,
HTTP_PERSISTENT_ID=!https://*/shibboleth-sp!6faa919dda0e40e5e42088bcd9beb639ed4dfa5e
And they want the full name of the user in a new parameter. Something like that:
[...]
HTTP_USER_NAME=FooUserName
I have tried using the "Adding attributes (core:AttributeAdd)" method but doesn't work. Is possible do that? Any doc, resource or example for this will be helpful.
Thanks.
I set the parameter as "givenName" instead of "name", and it works!
In the auth query, I put an alias for the user "name" as "givenName".
In the idp-hosted, in the "authproc" key I used de AttributeMap method to add the "givenName".
I did these things before, but I was trying to use "name" as the final parameter "name", and didn't work until I use "givenName".
Someone could say me why?
The parameter name is no configurable?
May be the SP and the IdP has to configure the same name in both sides?
For MailChimp API 2.0 there was a method 'batch-subscribe', to send in an array of email addresses to be added to a specific list in MailChimp.
How to implement this in the new Rest Architecture based MailChimp API 3.0?
See https://github.com/mailchimp/APIv3-examples/wiki/Overview
It says it would work with array of objects
But by the schema it only accepts an object
Schema https://us9.api.mailchimp.com/schema/3.0/Lists/Members/Collection.json
MailChimp API v3.0 is now live! and they've also added a better batch operations feature which lets you make multiple operations in just one call.
You can use below code with the help of this php wrapper for MailChimp apiV3 for the batch operations.
$data1 =array(
'email_address' => 'testingmail1#gmail.com',
'status' => 'subscribed',
'merge_fields' => array('FNAME' => 'Testing', 'LNAME' => 'Mail1'));
$data2 =
array(
'email_address' => 'testingmail2#example.com',
'status' => 'subscribed',
'merge_fields' => array('FNAME' => 'Testing', 'LNAME' => 'Mail2'));
$attributes = array(
'operations' => array(
array(
'path' => 'lists/' . $listID . '/members',
'method' => 'POST',
'body' => json_encode($data1)
),
array(
'path' => 'lists/' . $listID . '/members',
'method' => 'POST',
'body' => json_encode($data2)
),
));
$response = $MailChimp->post('batches/', $attributes);
The page you're linking to look like docs from the beta, but either way, they say that batch operations aren't yet implemented. FWIW, the real docs also list Batch Operations as a part of the roadmap, so I doubt they're done yet.
This is not an issue at the Mailchimp end. You just need to use arrays and objects properly.
Good batch subscribe example you can find here https://rudrastyh.com/wordpress/wp-users-to-mailchimp-list.html#batch_subscribe_php
Yeah. It was an issue at the Mailchimp end. We reported it and they got it fixed in a day or so.
I am working on a project where we will be creating both subdomains as well as domains in Route53. We are hoping that there is a way to do this programmatically. The SDK for PHP documentation seems a little light, but it appears that createHostedZone can be used to create a domain or subdomain record and that changeResourceRecordSets can be used to create the DNS records necessary. Does anyone have examples of how to actually accomplish this?
Yes, this is possible using the changeResourceRecordSets call, as you already indicated. But it is a bit clumsy since you have to structure it like a batch even if you're changing/creating only one record, and even creations are changes. Here is a full example, without a credentials method:
<?php
// Include the SDK using the Composer autoloader
require 'vendor/autoload.php';
use Aws\Route53\Route53Client;
use Aws\Common\Credentials\Credentials;
$client = Route53Client::factory(array(
'credentials' => $credentials
));
$result = $client->changeResourceRecordSets(array(
// HostedZoneId is required
'HostedZoneId' => 'Z2ABCD1234EFGH',
// ChangeBatch is required
'ChangeBatch' => array(
'Comment' => 'string',
// Changes is required
'Changes' => array(
array(
// Action is required
'Action' => 'CREATE',
// ResourceRecordSet is required
'ResourceRecordSet' => array(
// Name is required
'Name' => 'myserver.mydomain.com.',
// Type is required
'Type' => 'A',
'TTL' => 600,
'ResourceRecords' => array(
array(
// Value is required
'Value' => '12.34.56.78',
),
),
),
),
),
),
));
The documentation of this method can be found here. You'll want to take very careful note of the required fields as well as the possible values for others. For instance, the name field must be a FQDN ending with a dot (.).
Also worth noting: You get no response back from the API after this call by default, i.e. there is no confirmation or transaction id. (Though it definitely gives errors back if something is wrong.) So that means that if you want your code to be bulletproof, you should write a Guzzle response handler AND you may want to wait a few seconds and then run a check that the new/changed record indeed exists.
Hope this helps!
Yes, I done using changeResourceRecordSets method.
<?php
require 'vendor/autoload.php';
use Aws\Route53\Route53Client;
use Aws\Exception\CredentialsException;
use Aws\Route53\Exception\Route53Exception;
//To build connection
try {
$client = Route53Client::factory(array(
'region' => 'string', //eg . us-east-1
'version' => 'date', // eg. latest or 2013-04-01
'credentials' => [
'key' => 'XXXXXXXXXXXXXXXXXXX', // eg. VSDFAJH6KXE7TXXXXXXXXXX
'secret' => 'XXXXXXXXXXXXXXXXXXXXXXX', //eg. XYZrnl/ejPEKyiME4dff45Pds54dfgr5XXXXXX
]
));
} catch (Exception $e) {
echo $e->getMessage();
}
/* Create sub domain */
try {
$dns = 'yourdomainname.com';
$HostedZoneId = 'XXXXXXXXXXXX'; // eg. A4Z9SD7DRE84I ( like 13 digit )
$name = 'test.yourdomainname.com.'; //eg. subdomain name you want to create
$ip = 'XX.XXXX.XX.XXX'; // aws domain Server ip address
$ttl = 300;
$recordType = 'CNAME';
$ResourceRecordsValue = array('Value' => $ip);
$client->changeResourceRecordSets([
'ChangeBatch' => [
'Changes' => [
[
'Action' => 'CREATE',
"ResourceRecordSet" => [
'Name' => $name,
'Type' => $recordType,
'TTL' => $ttl,
'ResourceRecords' => [
$ResourceRecordsValue
]
]
]
]
],
'HostedZoneId' => $HostedZoneId
]);
}
If you get any error please check into server error.log file. If you get error from SDK library then there is might PHP version not supported.
if you run this code from your local machine then you might get "SignatureDoesNotMatch" error then Make sure run this code into same (AWS)server environment.
Explanation:
Attempting to use this OAuth2 Plugin for CakePHP:
https://github.com/thomseddon/cakephp-oauth-server
Have followed the instructions, and am now going to this URL:
http://mysite/oauth/login?response_type=code&client_id=NGYcZDRjODcxYzFkY2Rk&
redirect_url=http%3A%2F%2Fwww.return_url.com
(We had made a client in the database with the same info he used in the example)
It brings up a log-in box for Email and Password, but fails authentication every time. I believe it's failing because by the time it gets to Cake's FormAuthenticate->authenticate() method, the settings have reverted to 'username'=>'username' and 'passwordHasher'=>'Simple'.
If we add these lines to the FormAuthenticate (above $fields = ...):
$this->settings['fields']['username'] = 'email';
$this->settings['passwordHasher'] = 'Blowfish';
Then the log-in works successfully.
Things We've tried:
Putting this in our AppController, the OAuthAppController, the OAuthController (all in beforeFilter):
$this->OAuth->authenticate = array(
'userModel' => 'Members',
'fields' => array(
'username' => 'email'
)
);
We've tried changing it to the new format like 2.3 in all of those places, as well as in the initial $components array in my AppModel:
$this->OAuth->authenticate = array(
'Form' => array(
'passwordHasher' => 'Blowfish',
'fields' => array('username'=>'email', 'password'=>'password'),
)
);
Closing:
At this point, I'm looking for any way (other than modifying the actual CakePHP core) to get it to be able to log-in with email instead of username (and hopefully that will solve the same issue with having it revert from Blowfish to Simple as well.
We've already tried heavily modifying the OAuth Plugin (to no avail) and aren't opposed to trying that again, but we can't figure out what to change.
Instead of using this in the OAuthController:
$this->OAuth->authenticate = array(
'Form' => array(
'passwordHasher' => 'Blowfish',
'fields' => array('username'=>'email', 'password'=>'password'),
)
);
Change it to this (notice removal of the "O" so it calls the regular "Auth"):
$this->Auth->authenticate = array(
'Form' => array(
'passwordHasher' => 'Blowfish',
'fields' => array('username'=>'email', 'password'=>'password'),
)
);
Or, take it a step further, and set your $this->OAuth->authenticate array in your own AppController, then, in the OAuthController do this (instead of the above):
$this->Auth->authenticate = $this->OAuth->authenticate;
I am trying to create a coupon in big commerce using their API. I am using the following code after connecting with the store.
$coupon = array('name' => 'somecoupon', 'type' => 'percentage_discount', 'amount' => '50.0', 'code' => '50off', 'enabled' => true);
echo Bigcommerce::createCoupon($coupon);
I simply copied the code from their
Support Page
All the other codes on that page work but create coupon doesnt work. If I use get coupons codes, they work perfectly but creating coupon is not working what so ever. Any ideas on this?
Any help would be highly appreciated.
Thanks
The developer page neglects to mention that 'applies_to' is also a required field, hence why your code is failing.
Try
$coupon = array('name' => 'somecoupon', 'type' => 'percentage_discount', 'amount' => '50.0', 'code' => '50off', 'enabled' => true, 'applies_to'=> array('entity' => 'categories', 'ids' => array('value' => 0)));
echo Bigcommerce::createCoupon($coupon);