Getting resources with a cursor results in a Unauthorized 401 error after the first pageSize has been reached

[wucherpfennig]

Hi there

PIM Version: 5.0.10

When using the api client as follows:

            $apiClient = $this->getApiClient($tenantMachineName);
            $attributes = $apiClient->getAttributeApi()->all(50);
            foreach ($attributes as $index => $attribute) {
                $data[$attribute['code']] = $attribute;
            }

after the first pageSize the following error occurs: Unauthorized (see https://api.akeneo.com/php-client/exception.html#unauthorized-exception)

the approach from above has been working since v1.7 (I have another installation running on v1.7 and the code runs flawlessly).

any help very much appreciated

BR wucherpfennig

[wucherpfennig]

the apiClient is initially built with:

    /**
     * Returns the API Client for a given tenant
     * @param string $tenant
     * @return AkeneoPimClientInterface
     */
    public function getApiClient(string $tenant){
        $settings = $this->getCredentials($tenant);
        $clientBuilder = new AkeneoPimClientBuilder($settings['baseUri']);
        return $clientBuilder->buildAuthenticatedByPassword($settings['client_id'], $settings['secret'], $settings['apiUser'], $settings['apiUserPassword']);
    }

The API user role has the following permissions:

and after playing around I assume that somehow the api token refresh does not work for the subsequent api calls...

any help / suggestions are really appreciated because this issue is really bad for us :-/

[wucherpfennig]

hi guys, I think I found a clue to my issue.

My setup: docker + traefik

the described error occurs only if I access the API via traefik. the first request is ok but the subsequents will fail.
If I expose the httpd container directly then the API everything works just fine.

so my question: has anybody a working traefik (v2) configuration that works with the api too? currently I am using the following configuration:

 labels:
      # Traefik configuration, Hostname needs to be changed
      - traefik.enable=true
      - traefik.http.routers.pim-acme-http.rule=Host(`pim.acme.com`)
      - traefik.http.routers.pim-acme-http.entrypoints=http
      - traefik.http.routers.pim-acme-http.middlewares=redirect
      - traefik.http.routers.pim-acme-https.rule=Host(`pim.acme.com`)
      - traefik.http.routers.pim-acme-https.entrypoints=https
      - traefik.http.routers.pim-acme-https.tls=true
      - traefik.http.routers.pim-acme-https.tls.certresolver=letsencrypt
      - traefik.http.middlewares.redirect.redirectscheme.scheme=https 

[junjielyu13]

Hello wucherpfennig

I also encountered the same problem, but I am using nginx + docker, do you have any good solutions?

[wucherpfennig]

Yes but it is definitively a hack: In addition expose the whole service on a custom port and make all the api calls with IP + Port... It works but 💩 I would very much appreciate if you would find a better solution 😉

[jonaschen623]

for me, Calling API with HTTPS, but the return result for next href is HTTP. Same issue as #169

"_links": {
    "self": {
        "href": "http://URL/api/rest/v1/products***"
    },
    "first": {
        "href": "http://URL/api/rest/v1/products***"
    },
    "next": {
        "href": "http://URL/api/rest/v1/products***&search_after=74812"
    }
},

After API returns HTTPS, the issue is solved.
Hope could help someone

[junjielyu13]

Thanks guys, I've solved it with Calling API using GuzzleHttp, but please note that it may have a timeout problem.

[wucherpfennig]

for me, Calling API with HTTPS, but the return result for next href is HTTP. Same issue as #169

"_links": {
    "self": {
        "href": "http://URL/api/rest/v1/products***"
    },
    "first": {
        "href": "http://URL/api/rest/v1/products***"
    },
    "next": {
        "href": "http://URL/api/rest/v1/products***&search_after=74812"
    }
},

After API returns HTTPS, the issue is solved. Hope could help someone

Just saw your comment. Works! Thank you