Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Response 401 when creating or editing a segment with filters (when using oauth) #259

Open
stef000 opened this issue Oct 18, 2021 · 0 comments
Open

Response 401 when creating or editing a segment with filters (when using oauth) #259

stef000 opened this issue Oct 18, 2021 · 0 comments

Comments

@stef000
Copy link

stef000 commented Oct 18, 2021
edited by RCheesley
Loading

Whenever creating or updating a segment with filters included the response shows error 401 unauthorized.

{
    "name": "test",
    "alias": null,
    "description": "test",
    "isPublished": 1,
    "isGlobal":	true,
    "filters": [
          {
            "glue": "and",
            "field": "city",
            "type": "text",
            "filter": "Prague",
            "display": null,
            "operator": "="
          }
    ]
}

To my knowledge the error occurs because the filter parameters are stored and sent not only inthe body of the cURL request but also in the header where the authorization params are stored as well.

in the file maut_connector\vendor\mautic\api-library\lib\Auth\OAuth.php

$oAuthHeaders = array_merge($oAuthHeaders, $parameters);

The parameters and the oAuthHeaders are merged and both stored as oAuthHeaders. Now when there are multiple entries in the filter (glue, field, type, etc...) the values in the headers would look something like this if you dump them:

array:2 [
  0 => "Authorization: OAuth filters=%3D, filters=Prague, filters=and, filters=city, filters=text, isGlobal=1, isPublished=1, name=this%20is%20a%20test%20segment, oauth_consumer_key=key, oauth_nonce=nonce, oauth_signature=sing%3D, oauth_signature_method=HMAC-SHA1, oauth_timestamp=12341234234, oauth_token=token, oauth_version=1.0"
  1 => "Expect:"
]

This is a problem because 'filters' is set multiple times. If you do that the mautic endpoint will return 401 unauthorized.

I don't have a general fix for this problem, however I can provide my workaround:

Replace:

$oAuthHeaders = array_merge($oAuthHeaders, $parameters);

With:

$cleanedParameters = $parameters;
if (array_key_exists('filters', $cleanedParameters)) {
    unset($cleanedParameters['filters']);
    $oAuthHeaders = array_merge($oAuthHeaders, $cleanedParameters);
} else {
    $oAuthHeaders = array_merge($oAuthHeaders, $parameters);
}

If you just remove the array merge of $oAuthHeaders and $parameters other endpoints (e. g. fetching companies) will not work anymore for some reason so you probably don't want to do that.

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@stef000