Mautic Community Forums

token_rejected

I am making an API call to get the list fields and I am getting back error 401 token_rejected

I turned on the debug mode to see what is wrong. There has to be something wrong with my code, because apitester can make the call

this is how I am making the call:

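// Build the auth object from the stored OAuth1a settings
$auth = \Mautic\Auth\ApiAuth::initiate($settings);
$auth->enableDebugMode();
// Get the "leads" API context against the instance's /api/ endpoint
$leadApi    = \Mautic\MauticApi::getContext(
    "leads",
    $auth,
    $mauticBaseUrl . '/api/'
);

$fields = $leadApi->getFieldList();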

In settings, I am sending this:

Array
(
    [baseUrl] => http://mautic.mywii.cz
    [version] => OAuth1a
    [clientKey] => 4nxz1hk50nswcskc8go0s08gg48ws4wkgookogcgw80sw4ss4o
    [clientSecret] => 211ban4nwz28sw8s40wwo8g0k8ko4okcgc0k88sw0cgo0g4wss
    [callback] => http://mywii.cz/?edd-listener=mautic
    [accessToken] => 1f6fcp35d5msow800ogccgg8swkww8kgw4sowk4k8wg04s4ss4
    [accessTokenSecret] => 548qjq0yfhssw40g8og8ggwko8wc8gw44o0w4wc48co0soswsg
)

the $leadApi also looks good:

Mautic\Api\Leads Object
(
    [endpoint:protected] => leads
    [baseUrl:protected] => http://mautic.mywii.cz/api/
    [auth:Mautic\Api\Api:private] => Mautic\Auth\OAuth Object
        (
            [_client_id:protected] => 4nxz1hk50nswcskc8go0s08gg48ws4wkgookogcgw80sw4ss4o
            [_client_secret:protected] => 211ban4nwz28sw8s40wwo8g0k8ko4okcgc0k88sw0cgo0g4wss
            [_callback:protected] => http://mywii.cz/?edd-listener=mautic
            [_access_token:protected] => 1f6fcp35d5msow800ogccgg8swkww8kgw4sowk4k8wg04s4ss4
            [_access_token_secret:protected] => 548qjq0yfhssw40g8og8ggwko8wc8gw44o0w4wc48co0soswsg
            [_expires:protected] => 
            [_refresh_token:protected] => 
            [_token_type:protected] => 
            [_access_token_updated:protected] => 
            [_redirect_type:protected] => code
            [_scope:protected] => Array
                (
                )

            [_authorize_url:protected] => http://mautic.mywii.cz/oauth/v1/authorize
            [_access_token_url:protected] => http://mautic.mywii.cz/oauth/v1/access_token
            [_request_token_url:protected] => http://mautic.mywii.cz/oauth/v1/request_token
            [_debug:protected] => 1
        )

    [logger:Mautic\Api\Api:private] => Psr\Log\NullLogger Object
        (
        )

)

And from debug, this is what was happening

Array
(
    [oauth] => Array
        (
            [debug] => Array
                (
                    [flow] => Array
                        (
                            [04-03 15:12:49] => Array
                                (
                                    [0] => makeRequest(http://mautic.mywii.cz/api/leads/list/fields, , GET,...)
                                    [1] => making request using OAuth1.0a spec
                                )

                        )

                    [basestring] => GET&http%3A%2F%2Fmautic.mywii.cz%2Fapi%2Fleads%2Flist%2Ffields&oauth_consumer_key%3D4nxz1hk50nswcskc8go0s08gg48ws4wkgookogcgw80sw4ss4o%26oauth_nonce%3Dbb6696fbf6fe2cb9%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1459696369%26oauth_token%3D1f6fcp35d5msow800ogccgg8swkww8kgw4sowk4k8wg04s4ss4%26oauth_version%3D1.0
                    [headers] => Array
                        (
                            [oauth_consumer_key] => 4nxz1hk50nswcskc8go0s08gg48ws4wkgookogcgw80sw4ss4o
                            [oauth_nonce] => bb6696fbf6fe2cb9
                            [oauth_signature_method] => HMAC-SHA1
                            [oauth_timestamp] => 1459696369
                            [oauth_version] => 1.0
                            [oauth_token] => 1f6fcp35d5msow800ogccgg8swkww8kgw4sowk4k8wg04s4ss4
                            [oauth_signature] => iRkmX+bkd8qL54EFD4KQJzSyJAM=
                        )

                    [info] => Array
                        (
                            [url] => http://mautic.mywii.cz/api/leads/list/fields
                            [content_type] => application/json
                            [http_code] => 401
                            [header_size] => 261
                            [request_size] => 392
                            [filetime] => -1
                            [ssl_verify_result] => 0
                            [redirect_count] => 0
                            [total_time] => 0.203015
                            [namelookup_time] => 0.004553
                            [connect_time] => 0.004657
                            [pretransfer_time] => 0.004711
                            [size_upload] => 0
                            [size_download] => 49
                            [speed_download] => 241
                            [speed_upload] => 0
                            [download_content_length] => 49
                            [upload_content_length] => -1
                            [starttransfer_time] => 0.202981
                            [redirect_time] => 0
                            [certinfo] => Array
                                (
                                )

                            [redirect_url] => 
                        )

                    [returnedHeaders] => HTTP/1.1 401 Unauthorized
Date: Sun, 03 Apr 2016 15:12:49 GMT
Server: Apache
Vary: Authorization
Set-Cookie: 860fa4dd776973d8b170d66e4cff7b5d=psvqhb859q0qofku6f8sken502; path=/
Cache-Control: no-cache
Content-Length: 49
Content-Type: application/json
                    [returnedBody] => {"error":{"message":"token_rejected","code":401}}
                )

        )
)

now, the obvious question: why am I getting this error?

SOLVED Obvious error is obvious: I was storing the token in a completely wrong way, so the rejection code was correct… I will write about it a bit more in a separate thread, because I think I actually exploited a weird bug in Mautic API.

Edit: The issue is described here: https://www.mautic.org/community/index.php/3098-mautic-api-requires-session-running-in-order-to-generate-tokens
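
A local check for a 401 like the one in this thread, as an added example that is not part of the original posts or of the Mautic API library: rebuild the OAuth 1.0a base string and HMAC-SHA1 signature from the fields the debug dump exposes and compare the result with the `oauth_signature` that was sent. If it reproduces, the request was signed consistently with the stored credentials and the stored token itself is what needs comparing against the one the server issued. The function names, host name and all credential values are constructed for illustration.

```php
<?php
// Added example: rebuild an OAuth 1.0a HMAC-SHA1 signature (RFC 5849).
// Assumes unique parameter names and a URL without a query string.

function oauthBaseString(string $method, string $url, array $params): string
{
    unset($params['oauth_signature']); // the signature is never part of its own input
    $pairs = [];
    foreach ($params as $name => $value) {
        $pairs[rawurlencode($name)] = rawurlencode((string) $value);
    }
    ksort($pairs, SORT_STRING); // sort by encoded parameter name
    $normalized = [];
    foreach ($pairs as $name => $value) {
        $normalized[] = $name . '=' . $value;
    }
    return strtoupper($method) . '&' . rawurlencode($url) . '&' . rawurlencode(implode('&', $normalized));
}

function oauthSignature(string $base, string $consumerSecret, string $tokenSecret): string
{
    // The HMAC key is both secrets, percent-encoded and joined with '&'
    $key = rawurlencode($consumerSecret) . '&' . rawurlencode($tokenSecret);
    return base64_encode(hash_hmac('sha1', $base, $key, true));
}

function signatureMatches(array $sent, string $method, string $url, string $consumerSecret, string $tokenSecret): bool
{
    $expected = oauthSignature(oauthBaseString($method, $url, $sent), $consumerSecret, $tokenSecret);
    return hash_equals($expected, (string) ($sent['oauth_signature'] ?? ''));
}

// Constructed sample values, not the credentials posted in the thread.
$url  = 'http://mautic.example.com/api/leads/list/fields';
$sent = [
    'oauth_consumer_key'     => 'constructed-consumer-key',
    'oauth_nonce'            => '0123456789abcdef',
    'oauth_signature_method' => 'HMAC-SHA1',
    'oauth_timestamp'        => '1700000000',
    'oauth_version'          => '1.0',
    'oauth_token'            => 'constructed-access-token',
];
$sent['oauth_signature'] = oauthSignature(oauthBaseString('GET', $url, $sent), 'constructed-consumer-secret', 'constructed-token-secret');

// First call uses the secrets the request was signed with; second uses a wrongly stored token secret.
var_dump(signatureMatches($sent, 'GET', $url, 'constructed-consumer-secret', 'constructed-token-secret'));
var_dump(signatureMatches($sent, 'GET', $url, 'constructed-consumer-secret', 'mangled-token-secret'));
```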