enter image description hereI want to handle the errors which Paypal returns when payment failed while using Paypal smart button. Here, I am using 'actions.order.authorize' method to make payment authorization. In this scenario, If I get payment failed or any payment errors I have to handle that, So I want to receive the error response as JSON object type. But I am not getting the error in JSON type. I need the error details like debug_id, description, links in JSON type to proceed with the error handling process from our app. Here is the error returns as callback Click to view image
There is some documentation here, though not much about handling errors on the client-side: https://developer.paypal.com/docs/checkout/integration-features/auth-capture/#integrate-authorize-capture
You can see if the "authorization" object has those error details, otherwise maybe the onError function will be called with them
Related
We're calling a REST-API technical profile in the OrchestrationStep. In the event where the REST-API returns an error, it redirects back to the application and displays the error as a query string.
(e.g.#error=server_error&error_description=AADB2C%3a+No+code+provided%3a+Conflict+error%3b+RequestId%3a+No+request+id+provided.%3b+Additional+Info%3a+No+additional+info+provided.%...)
Is there a way that instead of displaying the error in the query string, it will display a custom error page?
Also why is api.error not displayed in this case?
Note: The REST-API is needed to be called in the OrchestrationStep rather than the ValidationTechnicalProfile
Assuming you are using Oauth/OpenId, the way B2C responds to the application is based on the response_mode query parameter that's passed to it when you call the policy. The response_mode can be query, form_post, or fragment.
Here's a link to the Microsoft's auth code flow docs that shows the response_mode query parameter in action along with it's available options: https://learn.microsoft.com/en-us/azure/active-directory-b2c/authorization-code-flow#1-get-an-authorization-code
api.error only displays for unhandled exceptions and doesn't cover every use case.
An answer to another post (Error handling in Azure B2C Custom Policy REST Call) from someone on the engineering team states that anything but a 200 from an API halts the journey execution and returns an error to the app immediately, so unless you put the rest call in a validation tech profile, this is the behavior you're going to get.
For compliance reasons, we need to change the error returned from a failed token validation from invalid_grant to invalid_request.
The logic that drives this is in TokenRequestValidator.cs specifically the method ValidateResourceOwnerCredentialRequestAsync. If you peruse the code you will see that everything it returns is OidcConstants.TokenErrors.InvalidGrant.
My first thought for this was to override the event sink to look for a TokenIssuedFailureEvent with an Error equal to invalid_grant. You can see that the event is dispatched when there is an error in TokenEndpoint.cs but when the event is raised, the error is wrapped in the TokenIssuedFailureEvent and the error is copied by value which means that this approach won't work.
Is there a way that I can alter this behaviour without having to make a code change to IdentityServer4 itself?
Thanks in advance!
When an app fails to handle a Slack slash command, the text is brought back to allow the user to edit it and immediately send it again. I have a slash-command that searches, but might fail to find any results. In that case, I would like the user to immediately be able to modify their search. The Slack docs explain that I should always return a 200 HTTP status, but then Slack also erases the command and the user can't immediately try again. When I tried to respond with a 404 status, the users get an alarming message like failed with the error "http_client_error". Is there a way to fail but also provide a custom message to the user why?
Yes, but you must not use HTTP status codes to community a failed search.
Just always return HTTP OK 200 and then add a response message telling the user what went wrong. You can do that by directly replying to the request from Slack within 3 seconds, or alternatively by sending a message to the response_url.
This is also clearly expressed in the offical documentation for slash commands:
Sending Error Responses
There are going to be times when you need to let the user know that something went wrong - perhaps the user supplied an incorrect text parameter alongside the command, or maybe there was a failure in an API being used to generate the command response.
It would be tempting in this case to return an HTTP 500 response to
the initial command, but this isn't the right approach. The status
code returned as a response to the command should only be used to
indicate whether or not the request URL successfully received the data
payload - while an error might have occurred in processing and
responding to that payload, the communication itself was still
successful. (Source)
As far as I know it is not possible to signal Slack that the user should be able to edit his last command though.
i'm trying to follow the example code on google's website here, but it seems a little broken - the javascript references getting a list of people from the server, but in the server-side code there's no reference to calling those functions of the api, it just returns an HTTP status code and a text status, so i'm wondering if there's a step missing and i'm exchanging the wrong code at the wrong time.
my current flow is
login button button clicked, magic happens, my callback gets passed an object with a whole bunch of properties in it
I take the code property from that object, and post it back to my server in an ajax request
on my server, i run the following python, where auth_code_from_js is the data of my post request:
oauth_flow = client.flow_from_clientsecrets('client_secrets.json', scope='')
credentials = oauth_flow.step2_exchange(auth_code_from_js)
python throws a FlowExchangeError with the message invalid request and no other useful information
am i missing a step? is that initial 'code' property what i'm supposed to be passing in to the 'step2_exchange' method?
Let's say that a request is sent to server via xhrPost and server finds that request needs more information to be processed (for example a variable is missing), so, a response is sent back to client informing that request may have not been completely processed and this message is shown in a dialog box.
I was doing it sending from server an HTTP 202 status code, which I believe is not correct, and treating it on load function, where this message was displayed on a dialog box. But if I respond with some HTTP error code (ex: 400) the error is displayed in console (Note: in this case the message is treated in error function), as well as in my dialog box.
What is the best and correct way to do it?
Note that it is called a load handler, not a success handler.
The load hander is for valid, well formatted responses. These can contain a verity of status codes generated by your server side app that indicates success, failure, or something in between.
The error is just that, the server blew up while trying to process the request and whatever you get back is probably not something your widget was written to expect. For this reason, I recommend using the same error handler across your whole app.
The dojo documentation states:
Sometimes xhrGet calls will fail. Often these are 404 errors or server errors such as 500. The error parameter is another callback function that is only invoked when an error occurs. This allows you to control what happens when an error occurs without having to put a lot of logic into your load function to check for error conditions. The first parameter passed to the error function is a JavaScript Error object indicating what the failure was. Dojo doc