Confirm Craft 3.5/Commerce 3.2 compatibility

[timkelty]

I've just upgraded a site and have had the client report that that "401 unauthorized when trying to use the URL for shipstation connect"

I haven't dug in yet, but wanted to start with an issue to see if this has been tested/confirmed on 3.5/3.2.

• Craft CMS 3.5.8
• Craft Commerce 3.2.3
• ShipStation Connect: 1.3.2

[sjcallender]

@timkelty - We'll take a look today.

[sjcallender]

@timkelty Can you share an example request to the export endpoint?

[paddling]

@sjcallender I am the client for this issue. @timkelty has a crazy day today so I am hoping I can help out. I just emailed the curl command to support@fostercommerce.com

[paddling]

FWIW - everything was working fine with the plugin up until we upgraded Craft and Commerce

[rickwiltsie]

I have a little more information on this bug. I believe it has to do with this setting in config/general.php...

'enableBasicHttpAuth' => true

It seems that Craft is intercepting the Basic Auth request and rejecting it before it reaches ShipstationConnect auth check.

[paddling]

So we found a hack as a temporary solution. We created a user account in the CMS with the same username and password as the credentials we setup in the SS plugin settings and it works.
Once you fix the underlying issue, we can delete that user.

[sjcallender]

Good find @rickwiltsie. Thanks for debugging.

@paddling Glad you got it working with that temporary solution. We'll take a look at this next week when @johnnynotsolucky is back from moving.

[johnnynotsolucky]

This should be resolved in 1.3.3.

If your site has enableBasicHttpAuth => true then you'll need to add a Craft user with the shipstationconnect-processOrders permission. That user's username and password can be used by ShipStation to access the plugins actions and the username/password in the settings will not be used and can be blank:

Alternatively, you can disable enableBasicHttpAuth and keep using the original username/password in the plugins settings page.