[$250] BUG: No RBR occurs when invalid credentials used to connect to Sage Intacct

[dylanexpensify]

Testing doc: here (request, will share)

Pre-testing steps

• Make sure the email address does not already have existing workspaces/policies
• Make sure emails sent to the testing email addresses go to an inbox you can access to validate your account(s)
• Create a new collect policy on OldDot and;
• Set the approval mode to “submit and approve”
• Enable scheduled submit with a frequency of Daily or “slower”
• Invite an additional user to the policy to play the member role in these testing flows
• Run the script stated here to enable workspace chat creation for a paid plan.

Pre-testing steps

• Make sure that your test account is on the intacctOnNewExpensify beta
• Make sure you have Sage Intacct web services user ID, password and Company ID to initiate a connection
• Make sure you create a new workspace/policy for each test run
• Make sure emails sent to the testing email addresses go to an inbox you can access to validate your account(s)

Steps:

1. Head to Workspace settings
2. Head to Accounting
3. Under Sage Intacct Connection click Connect
4. Enter incorrect validation tokens

Expected result: A RBR is shown on Accounting in LHN and on the Connections card in Accounting. Actual result: No RBR is present, and the #admins page shows that the connection occurred

Screenshot LHN:

Upwork Automation - Do Not Edit

• Upwork Job URL: https://www.upwork.com/jobs/~01f23c70a65cf3f85e
• Upwork Job ID: 1815806620903385053
• Last Price Increase: 2024-07-23
• Automatic offers:
• situchan | Reviewer | 103316519

Issue Owner

Current Issue Owner: @NikkiWines

[melvin-bot[bot]]

Triggered auto assignment to @stephanieelliott (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details. Please add this bug to a GH project, as outlined in the SO.

[melvin-bot[bot]]

Job added to Upwork: https://www.upwork.com/jobs/~01f23c70a65cf3f85e

[melvin-bot[bot]]

Triggered auto assignment to Contributor-plus team member for initial proposal review - @situchan (External)

[kabeer95]

Proposal

Please re-state the problem that we are trying to solve in this issue.

When invalid credentials are used to connect to Sage Intacct, no Retry, Backup, and Retry (RBR) mechanism is triggered, resulting in an "invalid credentials" or "authentication failure" error.

What is the root cause of that problem?

The root cause of this problem is likely due to an incorrect implementation of the Sage Intacct API or a misconfiguration of the connection settings, which prevents the RBR mechanism from kicking in when invalid credentials are used.

What changes do you think we should make in order to solve the problem?

To solve this problem, we need to review and adjust the Sage Intacct API implementation to ensure that it correctly handles invalid credentials and triggers the RBR mechanism. Specifically, we should:

Verify Sage Intacct credentials and connection settings. Set API endpoint and headers correctly. Set XML payload to retrieve subsidiary information. Send request to Sage Intacct API and check if response is invalid credentials error. If invalid credentials error, trigger RBR mechanism. Here is an example code snippet to illustrate the solution:

// Verify Sage Intacct credentials and connection settings
const sageIntacctCredentials = {
  userId: 'your_user_id',
  password: 'your_password',
  companyId: 'your_company_id'
};

// Set API endpoint and headers
const endpoint = 'https://api.intacct.com/ia/xml/xmlgw.aspx';
const headers = {
  'Content-Type': 'application/xml',
  'Authorization': `Basic ${sageIntacctCredentials.userId}:${sageIntacctCredentials.password}`
};

// Set XML payload to retrieve subsidiary information
const payload = `
<?xml version="1.0" encoding="UTF-8"?>
<request>
  <control>
    <senderid>${sageIntacctCredentials.companyId}</senderid>
    <password>${sageIntacctCredentials.password}</password>
    <controlid>string</controlid>
    <uniqueid>false</uniqueid>
    <dtdversion>3.0</dtdversion>
  </control>
  <operation>
    <authentication>${sageIntacctCredentials.companyId}</authentication>
    <get>
      <object>subsidiary</object>
    </get>
  </operation>
</request>
`;

// Send request to Sage Intacct API
const response = await fetch(endpoint, {
  method: 'POST',
  headers,
  body: payload
});

// Check if response is invalid credentials error
if (response.status === 401) {
  // Trigger RBR mechanism
  console.log('Invalid credentials, triggering RBR...');
  // Implement RBR logic here
} else {
  console.log('Error:', response.statusText);
}

[situchan]

@kabeer95 Can you please familiarize yourself with our codebase and some old proposals on closed issues to understand what is expected in a proposal?

[jayeshmangwani]

@dylanexpensify @stephanieelliott Script link is of internal SO and is not accessible to everyone. Is there any way to add(or access script) the for adding/testing the test Sage Intacct?

[SzymczakJ]

I was implementing this so you can assign me. This is probably caused by the way we handle incorrect credentials on Sage Intacct. @NikkiWines should have more context. I guess our solution to incorrect credentials has some downsides 😅

[situchan]

@stephanieelliott please assign @SzymczakJ from SWM

[melvin-bot[bot]]

📣 @situchan 🎉 An offer has been automatically sent to your Upwork account for the Reviewer role 🎉 Thanks for contributing to the Expensify app!

Offer link Upwork job

[NikkiWines]

This one's a backend bug so i'll try and patch it when I've got some spare cycles - adjusting the labels accordingly

[melvin-bot[bot]]

@NikkiWines @stephanieelliott @SzymczakJ @situchan this issue was created 2 weeks ago. Are we close to a solution? Let's make sure we're treating this as a top priority. Don't hesitate to create a thread in #expensify-open-source to align faster in real time. Thanks!

[NikkiWines]

Sorry guys, been swamped with competing priorities these last few weeks, will try to prioritize this as soon as i have time

[NikkiWines]

🤔 Seems to be a RBR for me when I enter invalid creds locally, but I do see the connected to Sage Intacct message still. I'll update it so we don't send that message if the connection fails

https://github.com/user-attachments/assets/374aab41-69c6-4676-b8c0-a13068ca8122

[NikkiWines]

Not overdue