Closed ajbeach2 closed 8 years ago
Can you attach information about the request from JS (URL, GET params, headers), as well as the value of user.id server-side?
Request
Request URL:https://api.getstream.io/api/v1.0/feed/user/1/?limit=5&offset=0&api_key=te5vptfdhrss&location=unspecified
Request Method:GET
Status Code:403 Forbidden
Remote Address:54.230.90.148:443
Response
HTTP/1.1 403 Forbidden
Content-Type: application/json
Content-Length: 126
Connection: keep-alive
Access-Control-Allow-Origin: *
Allow: GET, POST, DELETE, HEAD, OPTIONS
Content-Encoding: gzip
Date: Fri, 06 May 2016 18:03:02 GMT
Server: nginx/1.4.6 (Ubuntu)
Vary: Accept
X-Cache: Error from cloudfront
Via: 1.1 650859fa2cd80d54569500386ec0cbcc.cloudfront.net (CloudFront)
X-Amz-Cf-Id: QGLpLNfj7Lm8zKyPal7EaWJ7UxPb7pY9j48xYid8AHY8tBOXcOZWvg==
Request
Request Headers
GET /api/v1.0/feed/user/1/?limit=5&offset=0&api_key=te5vptfdhrss&location=unspecified HTTP/1.1
Host: api.getstream.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Authorization: user1 b'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJyZWFkIiwicmVzb3VyY2UiOiIqIiwiZmVlZF9pZCI6InVzZXIxIn0.IfVux-ZWZAkWTCzgH0sBibRWhFpB9HEriVYtf-lSRAQ'
stream-auth-type: simple
Origin: http://localhost:8080
X-Stream-Client: stream-javascript-client-browser-unknown
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.86 Safari/537.36
accept: application/json
Referer: http://localhost:8080/
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Query String params
limit:5
offset:0
api_key:te5vptfdhrss
location:unspecified
response body
{"code": null, "detail": "url signature missing or invalid", "duration": "7ms", "exception": "AuthenticationFailed", "status_code": 403}
The user.id server side is 1
you are converting the readonly_token (bytes) into string incorrectly, the result is that you end up with its representation (which is almost the same except for the b'' wrap).
this change should fix your problem:
str(readonly_token)
with:
readonly_token.decode("utf-8")
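The difference between the two conversions, as an added example that is not part of the original thread or of the Stream client's code. The secret, the claims and the helpers `sign_readonly_token`, `verify_authorization` and `token_to_text` are hypothetical stand-ins constructed for the demonstration.

```python
import base64
import hashlib
import hmac
import json

SECRET = b"constructed-demo-secret"  # constructed value, not a real API secret


def b64url(data: bytes) -> bytes:
    return base64.urlsafe_b64encode(data).rstrip(b"=")


def sign_readonly_token(feed_id: str) -> bytes:
    """Hypothetical signer: returns an HS256 JWT as bytes, like the token in this thread."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = b64url(json.dumps(
        {"action": "read", "resource": "*", "feed_id": feed_id}).encode())
    signing_input = header + b"." + claims
    sig = hmac.new(SECRET, signing_input, hashlib.sha256).digest()
    return signing_input + b"." + b64url(sig)


def verify_authorization(header_value: str) -> bool:
    """Hypothetical server-side check of a '<feed> <jwt>' Authorization value."""
    try:
        _feed, token = header_value.split(" ", 1)
        signing_input, sig = token.rsplit(".", 1)
    except ValueError:
        return False
    digest = hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()
    return hmac.compare_digest(b64url(digest), sig.encode())


def token_to_text(token) -> str:
    """Turn a token into header/JSON text; refuse a bytes repr (b'...')."""
    text = token.decode("utf-8") if isinstance(token, bytes) else token
    if text.startswith(("b'", 'b"')):  # quotes never occur in base64url
        raise ValueError("token is a bytes repr; use .decode('utf-8'), not str()")
    return text


token = sign_readonly_token("user1")
broken = "user1 " + str(token)           # "user1 b'eyJ...'" as in the failing request
fixed = "user1 " + token_to_text(token)  # "user1 eyJ..."

if __name__ == "__main__":
    print(verify_authorization(broken), verify_authorization(fixed))
```

Running the server code or its tests with `python -bb` turns every implicit `str()` of a bytes object into an error, which catches this conversion before a token reaches a client.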
Thank you. That fixed my issues. Should this be added to the documentation that it needs to be decoded in this way? It's confusing, because .token doesn't need to be decoded in this way, and .token is automatically serialized to JSON without decoding in this manner.
next release does that, thank you for reporting this!
My server side generation of read only tokens looks like the following:
My client side code looks like the following:
I get an error message of the following:
HOWEVER: if I change the token to be read/write, the client side code doesn't produce an error.