Some special characters in attachment upload names cause 401s about elixero HOT 11 OPEN

@MJMortimer Do you mean this type of 401?

%{message: %{"oauth_problem" => "token_rejected",
    "oauth_problem_advice" => "Token XXX does not match an expected ACCESS token"},
  status_code: 401}

Is there any workaround? The SDK seems to work fine for my test Xero account but not for the real one :( It works fine with https://www.npmjs.com/package/xero Can you point me to where I might need to make a fix?

from elixero.

No, the 401 error that this produces are "Failed to validate signature" errors. Reason being, the SDK signs it one way but the API signs it differently and so the signatures don't match

from elixero.

Hmm any idea why I might be getting that error with one xero account but not another (bearing in mind it works fine with a Node SDK so is not an issue with the credentials)? Can I ask why you wrote your own oauth module rather than using one of the oauth modules from mix? Is it worth trying that?

from elixero.

What type of application have you created?
If it's a public app you'll need to make sure you are going through the oauth flow each time the token expires after 30 minutes and for each organisation you connect to.

The oauth 1.0 implementation used in the Xero API is a little bit custom and so I wasn't sure if any other oauth modules would work correctly. If you'd like to look into switching it out for another module from mix I'll be happy to look through any changes.

from elixero.

It's a private app.

Hmm ok I might try using another module. I noticed the node implementation used an off the shelf oauth module which gives me hope.

from elixero.

Have you created a private app for each organisation?

from elixero.

Yeah it works for one organisation but not the other.

from elixero.

Weird.
Have you tried recreating the failing private app or generating new keys for the failing private app?

Also, I'm sure you've checked this but, have you definitely provided the consumer key and secret in the correct properties in the config (they haven't been mixed up or a character missing off the end etc)

from elixero.

Yeah I have. Will try again just in case.

from elixero.

Also if you've created different signing keys for each you should make sure you're using the correct one

from elixero.

For some reason running mix deps.compile fixed this issue. Don't understand why 🤷‍♂️
Thanks for your help!

from elixero.