Yodlee QuesAndAnswerDetails - yodlee

I am attempting to debug a Yodlee site authentication issue I am having. I'm sending the credentials via the following endpoint:
POST https://rest.developer.yodlee.com/services/srest/restserver/v1.0/jsonsdk/Refresh/putMFARequestForSite
And this is the error message I am receiving:
{
"errorOccurred": "true",
"exceptionType": "com.yodlee.core.IllegalArgumentValueException",
"referenceCode": "_4ef2f3e7-a750-4dfe-a16e-fa4254451897",
"message": "Null argument specified for: QuesAndAnswerDetails[]"
}
I need to be able to test authenticating via MFA with dropdowns (selects). I created a DAG catalog, and replaced one of the DAG Security QA sites with the following configuration I found when googling:
<login>
<flowControlInfo>
<delayBeforeChallenge>-1</delayBeforeChallenge>
<delayBeforeLoginComplete>1</delayBeforeLoginComplete>
<delayAfterLoginComplete>1</delayAfterLoginComplete>
<expireToken>false</expireToken>
</flowControlInfo>
<MFAFlows>
<MFAFlow flowOrder="1" isModeOfCommunication="1">
<HelpTitle>MFA Help Title1</HelpTitle>
<HelpContent>MFA Help Content1</HelpContent>
<InfoTitle>MFA Info Title1</InfoTitle>
<InfoContent>MFA Info Content1</InfoContent>
<MFAChallengeList>
<MFAChallenge questionType="text" >
<MFAOption answerType = "dropdown">
<questionLabel>Please select desired OTP
destination...</questionLabel>
<answerOptions>
<!-- The actual email or token will not be sent and is just a
placeholder to show the form -->
<option isDefaultSelected="1" value="MOBILE_XXX-XXX-1234">MOBILE
XXX-XXX-1234</option>
<option isDefaultSelected="0" value="HOME_XXX-XXX-2345">HOME XXXXXX-2345</option>
<option isDefaultSelected="0" value="WORK_XXX-XXX-3456">WORK XXXXXX-3456</option>
</answerOptions>
</MFAOption>
</MFAChallenge>
<MFAChallenge questionType="text" >
<MFAOption answerType = "dropdown">
<questionLabel>Please select desired OTP
destination1...</questionLabel>
<answerOptions>
<!-- The actual email or token will not be sent and is just a placeholder to show the form -->
<option isDefaultSelected="1" value="TEXT">TEXT message</option>
<option isDefaultSelected="0" value="PHONE">Phone Call</option>
</answerOptions>
</MFAOption>
</MFAChallenge>
</MFAChallengeList>
</MFAFlow>
<MFAFlow flowOrder="2">
<HelpTitle>MFA Help Title1</HelpTitle>
<HelpContent>MFA Help Content1</HelpContent>
<InfoTitle>MFA Info Title1</InfoTitle>
<InfoContent>MFA Info Content1</InfoContent>
<TokenDetails>
<DisplayString>Security Key</DisplayString>
<Value>123456</Value>
</TokenDetails>
</MFAFlow>
</MFAFlows>
</login>
In order to get back MFA form info, I am calling:
POST https://rest.developer.yodlee.com/services/srest/restserver/v1.0/jsonsdk/Refresh/getMFAResponseForSite
I can see the dropdowns with real sites, but I can't get a DAG site to reproduce the same behavior. I've also read https://developer.yodlee.com/assets/images/OTP_Documents/Implementation%20Manual%20for%20Enhanced%20MFA%20Support.pdf however when using Site/Provider Id 16442 I get a 403 yodlee internal error response.
I am aware of Can you provide an example of calling putMFARequestForSite with com.yodlee.core.mfarefresh.MFAQuesAnsResponse? and am attempting to implement the the suggested fix however I am unable to test using dag accounts.
Thanks!


I was able to resolve the issue in production by ensuring only the expected values are passed, and sending them in the expected order as Can you provide an example of calling putMFARequestForSite with com.yodlee.core.mfarefresh.MFAQuesAnsResponse? goes into details about which resolved the "Null argument specified for: QuesAndAnswerDetails[]" error.
No update to the providor accounts APIs was required which would have required a major rework. Was still unable to get DAG to work.


From your ask, I see that your are checking our legacy APIs.
We recommend you to use our new Yodlee APIs to integrate into your system.
Integration Guide- https://developer.yodlee.com/Account_Verification/Getting_Started
API Flow-https://developer.yodlee.com/Yodlee_API/API_Flow/Add_Account_With_ProviderAccount
Test our APIs here- https://developer.yodlee.com/apidocs/index.php#!/
If you are interested to get your dedicated and secure environment, then please contact
Sales:1 866-374-0948

Related

Workday Rest API - POST Call For Work Email Change

I currently have a use case where I need to update work email for users in Workday using Workday Rest API. I have added all the required scopes and BP permissions but still have been receiving the below error when I try to do the POST staffing/workers/{ID}/workContactInformationChanges
{
"error": "not found: staffing",
"code": "S21"
}
Is there any additional permissions that need to be enabled in order to get access to the staffing api collection?

When I was setting up the connection to Workday I had included too much info in the connection URL and was getting this same error,
ex: https://wdX-impl-servicesX.workday.com/ccx/api/v1/XXXx1
Here is what I shortened it to:
ex: https://wdX-impl-servicesX.workday.com
This allowed the API call to construct the rest of the URL... otherwise it was constructing the URL incorrectly like this:
https://wdX-impl-servicesX.workday.com/ccx/api/v1/XXXx1/ccx/api/v1/XXXx1/filename

"integrationuser" is not an Active user in KissFlow

I am using kissflow API to attach file but I am getting this error
{
"error": "ValidationError The user integrationuser#xxxxxxx is not an
Active user" }
I am using this url with data {Name:'xxxxx','Url':'xxxxxx'} as suggested in Doc
https://sxxxxxxxxx.appspot.com/api/1/Print Quotation/Sxxxxxx9/attachment/create
I already created request for this with this url
http://sxxxxxxxxx8.appspot.com/api/1/PrintQuotation/create
And got success result with id and subject
{
.......
Id": "d442c98a-bca2-11e8-9ac6-c7734a25d32a",
"Subject": "Request from integrationuser#ap9d9afe30_96bd_11e8_a251_0e8f5e2360a0"
}
Please help me to understand why this error comes.
Note : I am using test account.
And there is no such user with name integrationuser in Users

I got the same error, in my case im using a real account.
SOLUTION 1 :
Create a valid account for use in integrations e.g. integration#companydomain.com
Add the header "email_id" with the email of this user "integration#companydomain.com"
It works for me with a valid account.
However i need to pay by a license for it =P.
I'm talking with support for a better solution using default integrationuser, i will post here the answer from support for clarify this situation.
You can see this solution on documentation here :
https://help.kissflow.com/tips-and-tricks/api-documentation/rest-api-points

odoo res.partner address fields access error on website

I am trying to show address fields on website but it gives access error. For some reason I can't use the contact widget on website.
When I visit the page as public user it shows 500 Internal Server error. But if I am admin, everything works.
In my xml template I wrote following:
<span t-field="event.address_id.city" groups="base.group_public"/>,
<span t-field="event.address_id.country_id.name" groups="base.group_public"/>
In ir.model.access.csv file I wrote following:
access_res_partner,res.partner,base.model_res_partner,base.group_public,1,0,0,0
also tried
access_res_partner,res.partner,base.model_res_partner,,1,0,0,0
But it shows following error:
AccessError: (u'The requested operation cannot be completed due to
security restrictions. Please contact your system
administrator.\n\n(Document type: res.partner, Operation: read)',
None)
Error to render compiling AST AccessError: (u'The requested operation
cannot be completed due to security restrictions. Please contact your
system administrator.\n\n(Document type: res.partner, Operation:
read)', None) Template: website_event.index Path:
/templates/t/t/div/div[2]/div[2]/div[1]/ul/li/div/div/div[3]/div/div[3]/span[1]
Node: ,
I also tried this in xml without groups, but result is same:
<span t-field="event.address_id.city"/>,
<span t-field="event.address_id.country_id.name"/>
How can I resolve this.

Try this code.
<span t-field="event.address_id.sudo().city"/>,
<span t-field="event.address_id.sudo().country_id.name"/>
Please make sure you understand the security section in the odoo documentation. In my opinion, it is no good idea to give the base.group_public group generally read access to your customer data.

Unable to test login using jmeter

I am newbie to jmeter. I am trying to test to login to my site say (example.com/session/new).
I have added the http cookie manager and 2 http request defaults.
In the first, am visiting example.com/session/new and extracting the authenticity token in the response data using regex meta content="(.+?)"name="csrf-token" . Now, in the second http request, I have a post request with the parameters as
name:utf value:(tickmark)
name :authenticity_token value: ${token}
name:email value:test#test.com
name:password value:test.
name:commit value:Sign In
And then am asserting for a text post login.
When I run the test, the assertion fails. as it results in 404.
In the request, I can see utf8=%E2%9C%93+&authenticity_token=%24%7Btoken%7D&email=test%40test.com&password=test&commit=Sign+In. Please help me fix this.

I know this is an old post, but I've been struggling with this exact same query, so I've decided to post my answer in case it helps anyone - it worked first time for me. So after requesting the login page for my site, the following csrf token is embedded in the html response;
<input type="hidden" name="csrfToken" value="fe5a48ebda7b98cbbf885b4a220ebe0c23b11125-1459096615520-1ac64aa945986cb1bd318d9c"/>
So when making the initial request for the login page, instead of using a Regular Expression Extractor, if the token is in the body of the HTML response, use an XPath Extractor instead.
If your response is not XML/XHTML compliant then tick the 'use tidy' checkbox.
For reference name add the reference you wish to refer to the token as e.g. token. When you add your parameters to the login request, you can then refer to your csrfToken as ${token}
Then for X-Path query use;
//input[#name="csrfToken"]/#value
The following tutorial shows you how to use a Regular Expression Extractor, but it should also help you to understand how to set up the query a bit more;
https://www.youtube.com/watch?v=SVxB3Tk4O4A&feature=iv&src_vid=hGkrSFKcj10&annotation_id=annotation_85358

Looks like you did every thing good , except correlation . After decoding your error url , I found that you correlation is not working . Below is the decoding URL "utf8=✓ &authenticity_token=${token}&email=test#test.com&password=test&commit=Sign In."
In your "Regular expression extractor" add below details
1. Reference Name:token
2. Regular Expression : name="csrfToken" value="(.+?)"
3. Template : $1$
4. Match No: 1
Note: Check the occurrences of "csrfToken", if you required first occurrence then enter 1 , if you required 2nd occurrence enter 2 ....etc.

Unable to get loginForm after addSiteAccount to update credentials

I am using the rest api. After retrieving the login form for a site, I input incorrect login information. I need to now go back and correct the mistake. At first I tried calling GetSiteLoginForm, which isn't allowed since the user is already associated to the site. I then tried to SiteTraversal/getSiteInfo with valid cobSessionToken and &siteFilter.reqSpecfier=16&siteFilter.siteId=643.
The response I get is:
{"popularity":0,"siteId":643,"orgId":520,"defaultDisplayName":"Chase (US)","defaultOrgDisplayName":"Chase Manhattan Bank","contentServiceInfos":[{"contentServiceId":663,"siteId":643,"containerInfo":{"containerName":"bank","assetType":1}},{"contentServiceId":10441,"siteId":643,"containerInfo":{"containerName":"bill_payment","assetType":0}},{"contentServiceId":3163,"siteId":643,"containerInfo":{"containerName":"credits","assetType":2}},{"contentServiceId":3483,"siteId":643,"containerInfo":{"containerName":"stocks","assetType":1}},{"contentServiceId":7100,"siteId":643,"containerInfo":{"containerName":"loans","assetType":2}},{"contentServiceId":3861,"siteId":643,"containerInfo":{"containerName":"mortgage","assetType":2}},{"contentServiceId":12049,"siteId":643,"containerInfo":{"containerName":"miles","assetType":0}}],"enabledContainers":[{"containerName":"bank","assetType":1},{"containerName":"bill_payment","assetType":0},{"containerName":"credits","assetType":2},{"containerName":"stocks","assetType":1},{"containerName":"loans","assetType":2},{"containerName":"mortgage","assetType":2},{"containerName":"miles","assetType":0}],"baseUrl":"http://www.chase.com/","loginForms":[],"isHeld":false,"isCustom":false,"siteSearchVisibility":true}
Note loginForms is empty. How do I get this value? I tried different values of siteFilter.reqSpecfier and always get the same result. Other things I tried were using both the our public and private urls. I duplicated all of this with Dag Site as well.

There is typo in one of the input parameters because of which the parameter is not being recognized by our API’s and hence returning Null LoginForms.
[ siteFilter.reqSpecifier is incorrectly spelled as siteFilter.reqSpecfier ]
Your Excerpt from below email:
cobSessionToken=11182013_0%3A8e8a9caa264e3b26f15c3c9a3ee05680b2edb76272d0a425852a803e6002383b89847d388de38394b4f08efbb881536b496e323ee4e42c9df7dfdcdc8ae10e16&siteFilter.**reqSpecfier**=16&siteFilter.siteId=643
This should be :
cobSessionToken=11182013_0%3A8e8a9caa264e3b26f15c3c9a3ee05680b2edb76272d0a425852a803e6002383b89847d388de38394b4f08efbb881536b496e323ee4e42c9df7dfdcdc8ae10e16&siteFilter.**reqSpecifier**=16&siteFilter.siteId=643
With corrected parameter I was able to query Site 643 and get the loginForm Array. Below is the response with loginForms[]
{"popularity":0
"siteId":643
"orgId":520
"defaultDisplayName":"Chase"
"defaultOrgDisplayName":"Chase Manhattan Bank"
"contentServiceInfos":[{"contentServiceId":663}
{"contentServiceId":10441}
{"contentServiceId":3163}
{"contentServiceId":3483}
{"contentServiceId":7100}
{"contentServiceId":3861}
{"contentServiceId":12049}]
"enabledContainers":[{
"containerName":"bank","assetType":1}
{"containerName":"bill_payment","assetType":0}
{"containerName":"credits","assetType":2}
{"containerName":"stocks","assetType":1}
{"containerName":"loans","assetType":2}
{"containerName":"mortgage","assetType":2}
{"containerName":"miles","assetType":0}]
"baseUrl":"http://www.chase.com/"
"loginForms":[{"conjunctionOp":{"conjuctionOp":1}
"componentList":[
{"valueIdentifier":"LOGIN","valueMask":"LOGIN_FIELD","fieldType":{"typeName":"TEXT"},"size":20,"maxlength":32
"name":"LOGIN","displayName":"User ID","isEditable":true,"isOptional":false,"isEscaped":false,"helpText":"4710","isOptionalMFA":false
"isMFA":false},
{"valueIdentifier":"PASSWORD","valueMask":"LOGIN_FIELD","fieldType":{"typeName":"IF_PASSWORD"},"size":20,"maxlength":40
"name":"PASSWORD","displayName":"Password","isEditable":true,"isOptional":false,"isEscaped":false,"helpText":"11976","isOptionalMFA":false
"isMFA":false}
]
"defaultHelpText":"324"}]
"isHeld":false
"isCustom":false
"siteSearchVisibility":true}
This should resolve your problem
Regards,
Vishal
Yodlee Team

The flow for updating the credentials is listed in this article UpdateCredentials Flow
You can follow the exact steps from the article.
Even when the user is associated to a particular site , you can still pull the login form using getSiteLoginForm and show the form to the user to enter the correct credentials and then pass the login form in updateSiteAccountCredentials and then proceed with the normal refresh flow.