IBM MobileFirst (MFP 8) weird behavior on isSuccessful response field - ibm-mobilefirst

Our application has been running in production for about 6 months now. Suddenly we experience weird errors in our mobile app. We found out from the logs that there was a sudden change in the behavior of the response thrown by MFP.
Our MFP adapter interfaces to the app on one side, and connects to REST web services in the back end side.
Before, the behavior was like the one below. isSuccessful returns "true" even if HTTP status code returned from the REST web service was any other http code besides 200.
{
"statusCode":401,
"errors":[
],
"isSuccessful":true,
}
Now, if the status code is not 200, isSuccessful is showing false. We did not change anything in the MFP adapter code, nor did we make any changes in MFP. This causes our application to behave in a different way than before.
{
"statusCode":401,
"errors":[
],
"isSuccessful":false,
}
Does anyone know the reason for this sudden change in behavior? We want to return the behavior to how it was before.

The mobile app will receive a 401 HTTP status code whenever the user invokes an adapter endpoint with an invalid access token.
Check whether you have protected your adapter endpoint's custom OAuth scope with any security check in the MobileFirst Operations Console.
If not, the MFP SDK will handle this error, obtain a fresh access token for the default OAuth scope, and return the adapter response.
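
One way to keep client logic from depending on the isSuccessful flag, shown as an added example that is not part of the original posts: decide on statusCode, so a 401 is never handled as a success whichever way the flag is set. The function name, outcome labels and the 2xx success range are assumptions; the response fields are the ones shown in the question.

```javascript
// Added example (not from the original thread). The response fields
// statusCode, errors and isSuccessful are the ones shown in the question;
// classifyAdapterResponse and its outcome labels are hypothetical.
function classifyAdapterResponse(resp) {
  const status = Number(resp && resp.statusCode);
  if (!Number.isInteger(status) || status < 100 || status > 599) {
    // Fail closed: a response without a usable status is never a success.
    return { outcome: 'invalid', status: null, flagMismatch: false };
  }
  const errors = Array.isArray(resp.errors) ? resp.errors : [];
  const is2xx = status >= 200 && status < 300; // assumed success range
  // True when the flag says "success" for a non-2xx status or the reverse.
  // Worth logging: it is the drift the question describes.
  const flagMismatch = (resp.isSuccessful === true) !== is2xx;

  let outcome;
  if (status === 401) outcome = 'reauthenticate';
  else if (is2xx && errors.length === 0) outcome = 'ok';
  else outcome = 'error';
  return { outcome, status, flagMismatch };
}

// Constructed samples mirroring the two responses in the question.
const before = { statusCode: 401, errors: [], isSuccessful: true };
const after = { statusCode: 401, errors: [], isSuccessful: false };

for (const [label, resp] of [['before', before], ['after', after]]) {
  console.log(label, JSON.stringify(classifyAdapterResponse(resp)));
}
```

Both samples classify as `reauthenticate`; only `flagMismatch` differs, which gives the logs a marker for when the server-side flag behavior changed.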

Related

Dummy Rest API not working on phone React Native

I am using the http://dummy.restapiexample.com/ API. While using POSTMAN and creating a new employee using POST, it seems to work. But when I use axios in React Native and do the same thing, the POST returns a success response, but when I try the GET method to get all the employees I'm not seeing the newly created employee, which worked on POSTMAN.
This is my POST method
create(){
    axios.post('http://dummy.restapiexample.com/api/v1/create',{
        "name":this.state.name,
        "salary":this.state.sal,
        "age":this.state.age
    })
        .then((res)=>console.log(res.data))
        .then(()=>this.setState({createModal:false}))
        .catch(err=>console.log(err))
}
and this is my GET method
async getData(){
    await axios.get('http://dummy.restapiexample.com/api/v1/employees')
        .then((res)=>this.setState({employees:res.data.data},()=>console.log(res.data.data)))
        .catch((err)=>console.log(err))
}
From your example code it seems that you are making a call over http. Note that such calls are blocked by iOS and Android unless you explicitly specify a domain that is allowed to be reached over http.
More information about networking can be found here:
https://reactnative.dev/docs/network
By default, iOS will block any request that's not encrypted using SSL.
If you need to fetch from a cleartext URL (one that begins with http)
you will first need to add an App Transport Security exception. If you
know ahead of time what domains you will need access to, it is more
secure to add exceptions only for those domains; if the domains are
not known until runtime you can disable ATS completely. Note however
that from January 2017, Apple's App Store review will require
reasonable justification for disabling ATS. See Apple's documentation
for more information.
Either allow the domain for non-secure request or use https.
The problem had something to do with running on an Android device. Once run on the emulator, it seemed to work fine.

Failure response with status "201" and error message "Created" When invoking WLAuthorizationManager.obtainAccessToken

Environment:
Windows Server 2012 R2
JRE 1.8.0_101
IBM WAS Liberty Core 8.5.5.5
IBM MFP 8.1
Apache Web server
We have set up the UAT with the above environment. We have deployed our application on the server, have deployed adapter for user authentication and a resource adapter to fetch the data.
When we invoke an adapter procedure without security (unprotected) the app is fetching the data. But when we try to invoke an adapter procedure with default scope or with a custom scope, instead of triggering the challenge handler, we are getting a failure response with error status ‘201’ and error message ‘Created’.
Another observation is that, when the WLAuthorizationManager.ObtainAccessToken is invoked with default scope or with push.mobileclient, it is giving the same failure response with error status ‘201’ and error message ‘Created’. The same application works fine in the development environment.
When I try to obtain a token from Postman using https://domain:port/mfp/api/az/v1/token and pass the scope, grant_type and the necessary authorization header, it provides a valid response with a token. But when we try to obtain a token from the app, it gives a failure response.
Failure response
{"status":201,"statusText":"Created","responseText":"","responseHeaders":{"connection":"Keep-Alive","content-language":"en-US","content-length":"0","date":"Fri, 17 May 2019 05:42:45 GMT","keep-alive":"timeout=5, max=100","location":"/mfp/api/registration/clients/1e746550-e804-4ee7-88ba-b99896qqqqpwo","server":"Apache/2.4.39 (Win64) OpenSSL/1.1.1b","via":"1.1 ","x-powered-by":"Servlet/3.0"},"errorMsg":"Created","errorCode":"201"}
201 is not a response code that is expected from the /token endpoint. This is very likely coming from an intermediate element in your topology. You've mentioned the Apache Web Server as part of the configuration - is this sending the 201?
Moreover, the actual response from the server shows "server":"Apache/2.4.39 (Win64) OpenSSL/1.1.1b"
So, here is what you can do
a. Try bypassing the web server and see if it resolves the issue - in all likelihood, it should.
b. Validate the configuration settings of the Apache Web server to see why the 201 is being returned.
Late to the party, but for anyone that is still running into this error:
Install the following interim fix: 8.0.0.0-MFPF-IF202006151151
This solved the error for me. Seems to be a bug in MobileFirst, took me ages to find.

Getting a 401 http response (sometimes) while request is proper

I've been facing a problem lately and I don't know how to handle it, or even where the problem might be coming from.
Tools:
-MYSQL(for data base)
-JAVA EE web application(to service as back-end)
-Jersey 2.26 dependency (to service as API on top of web application /CORS filter implemented)
-Apache Tomcat/7.0.69 ( as web server where web app sets )
-Angular 4 ( as website and client to the API)
-CentOS Linux release 7.3 (Core) (Server operating system )
Problem:
Once the request is sent to the API (to a specific secured endpoint, let's call it customers), sometimes the response is 401 Unauthorized, and other times it works just fine. From the Angular website, for instance, if I press F12 and follow the requests, I send the same request again (the one I got 401 for), but this time it works; the JWT is valid and it works just fine. It's not that there are too many requests going to the server; even when there are few I sometimes get 401, but most of the time it works great.
The only thing in the code that can return 401 is the authentication filter, which checks the validity of the token, but it looks fine to me.
I checked this article that talks about the 401 response, but still, it's hard for me to grasp why it works sometimes and not other times for the same request. I get the 401 both when checking with the website and when checking with Postman, so I guess it's not a cache or cookies thing, but I might be wrong to assume this.
Any ideas on what might be wrong? Or where should I be checking for bugs or errors?
Thanks a lot
Set Tomcat security to false.

Possible proxy issue with WSO2 API Manager

Whenever I try to add the following endpoint, "http://ws.cdyne.com/phoneverify/phoneverify.asmx", during the Managed API setup process and press the Test button I get an error on the server. ERROR - APIProviderHostObject Error occurred while connecting to backend : "stackOverflow preventing me from showing this link", reason: Connect to ws.cdyne.com:80 timed out
When I try this exact same process on a machine outside of our proxy it works fine. I have gone into the axis2.xml file and added proxy information and even went as far as installing cntlm and setting the proxy to localhost - same error.
I can browse to the above link just fine on this machine.
My environment is Windows 10.
I assume you are talking about clicking the Test button when providing the Backend Endpoint in the API Publisher.
The way that Test button works at the moment (as far as I understand) is that it invokes HTTP HEAD method on the endpoint provided (because according to RFC 2616, "This method is often used for testing hypertext links for validity, accessibility, and recent modification.")
Then it checks response. If response is valid or 405 (method not allowed), then the URL is marked as Valid.
Thus sometimes, if backend is not properly following RFC, you might get otherwise working URLs declared as Invalid during the test because of that improper HEAD response evaluation. Obviously, this is just a check for your convenience and you can ignore the check if you know the endpoint works for the methods and resources you need it to work.
So my advice would be to try ignoring the Test and just finishing setting up and publishing the API.
P.S. I am checking it on WSO2 API Cloud but behavior is identical to downloadable API Manager.

How do I capture the Worklight defaultOptions:onFailure event?

I have a Worklight 6.1.0.1 hybrid app that I'm running on iOS. The app uses adapter-based authentication. The app prepares the invocation data and makes the following call when the Login button is clicked:
singleStepAuthRealmChallengeHandler.submitAdapterAuthentication(invocationData, {});
If the WL service is down, or if the mobile device has no network access, the invocation will time out. I see the following in the Xcode console:
defaultOptions:onFailure Request timed out for http://myipaddress:10080/myapp/apps/services/../../invoke. Make sure the host address is available to the application (especially relevant for Android and iPhone apps).
How can I capture this timeout event, so that I can update the UI with a proper message?
Update May 23rd based on comments:
What is your exact flow?
You should first use WL.Client.connect({onSuccess: ..., onFailure:...});
If connection to the server is successful, you will enter the challenge handler. Otherwise, you will enter onFailure and there you can create the custom error handling.
Previous answer attempt:
The below is when trying to connect() to the Worklight Server.
If you want custom handling for when the client fails connecting to the server I believe you need to enable and use the option onConnectionFailure in initOptions.js:
var wlInitOptions = {
    // # The callback function to invoke in case application fails to connect to Worklight Server
    //onConnectionFailure: function (){},
};
Otherwise, Worklight's default dialog will be displayed.