where to find the /api/status response?

richb201

@richb201 said in where to find the /api/status response?:

$request = array();

Here you go. I am trying to register a user (richb201@gmail.com). When I run this I get successResponse=NULL. As I alluded to, richb201@gmail.com, was already registered via the console. Albeit, with a different userid.

$apiKey = "s-S2l2DNOpEgjjDlZ2MXnU4QGARj8UszS_BVnvugGoc";
        $client = new FusionAuth\FusionAuthClient( $apiKey, "http://localhost:9011");
        $applicationID="32688330-1630-4e0d-a4de-8ae45c3ca527";

        $request = array();
        $request["applicationId"] = $applicationID;
        $request["loginId"] = "richb201@gmail.com";
        $request["password"] = "abc123";
        $result = $client->register("richb201@gmail.com",$request);
        if (!$result->wasSuccessful()) {
            echo "error";
        }

dan

What does adding the else statement print?

$apiKey = "s-S2l2DNOpEgjjDlZ2MXnU4QGARj8UszS_BVnvugGoc";
        $client = new FusionAuth\FusionAuthClient( $apiKey, "http://localhost:9011");
        $applicationID="32688330-1630-4e0d-a4de-8ae45c3ca527";

        $request = array();
        $request["applicationId"] = $applicationID;
        $request["loginId"] = "richb201@gmail.com";
        $request["password"] = "abc123";
        $result = $client->register("richb201@gmail.com",$request);
        if (!$result->wasSuccessful()) {
            echo "error";
        } else {
            echo var_export($result->successResponse, true);
       }

richb201

@dan said in where to find the /api/status response?:

} else {
echo var_export($result->successResponse, true);
}

error. I also tried a different email address. I also got an error. Could there be an issue with using $request["loginId"] = "richb201@gmail.com" or register("richb201@gmail.com" ?

dan

That's interesting. I wouldn't think it would be an error. Can you do an export of the $result object and share that?

$apiKey = "s-S2l2DNOpEgjjDlZ2MXnU4QGARj8UszS_BVnvugGoc";
        $client = new FusionAuth\FusionAuthClient( $apiKey, "http://localhost:9011");
        $applicationID="32688330-1630-4e0d-a4de-8ae45c3ca527";

        $request = array();
        $request["applicationId"] = $applicationID;
        $request["loginId"] = "richb201@gmail.com";
        $request["password"] = "abc123";
        $result = $client->register("richb201@gmail.com",$request);
        echo var_export($result, true);


        if (!$result->wasSuccessful()) {
            echo "error";
        } else {
            echo var_export($result->successResponse, true);
       }

richb201

Screenshot from 2020-10-16 15-56-54.png

Logic check: Since the same code works in your environment isn't it likely that there is something wrong with the setup of my application? The lack of a decent error code is an issue.

richb201

While I have your attention, I noticed that the passwordless login link expires quickly. Is that time setable?

Also, I am trying to use this as the URL: http://localhost/index.php/Configure/MyFormEmployees but the menu won't seem to store that. That path works fine from my browser address line.

dan

Ah, I see the issue, I think, @richb201

If you are trying to register, you want to build a json object as documented here

You want to post to this url: /api/user/registration/{userId}. The userId will be something like 6fdacf40-828d-4aaa-8a5a-2119bee94b67 but it looks like you are using the email address of the user.

You also don't need the loginId or the password field (because the user already exists). If the user didn't exist, you'd want to use the fields documented here

I didn't try to run your code in the past, but running this now gives me an error: [couldNotConvert]userId.

client.php:

<?php 

require __DIR__ . '/vendor/autoload.php';

$apiKey = "SNjNZj8jz4A_5BeL07pF901nwlLxRQ3CK6shpuIFQkg";
$client = new FusionAuth\FusionAuthClient($apiKey, "http://localhost:9011");

$applicationId = "85a03867-dccf-4882-adde-1a79aeec50df";

$request = array();
$request["applicationId"] = $applicationId;
#$request["loginId"] = "testanother3@example.com";
$result = $client->register("testanother2@example.com",$request);
echo var_export($result, true);

composer.json:

{
    "require": {
      "fusionauth/fusionauth-client": "^1.19"
    }
}

composer install
php client.php

results in this:

FusionAuth\ClientResponse::__set_state(array(
   'errorResponse' => 
  (object) array(
     'fieldErrors' => 
    (object) array(
       'registration' => 
      array (
        0 => 
        (object) array(
           'code' => '[missing]registration',
           'message' => 'Your request is missing the Registration information as JSON in the entity-body.',
        ),
      ),
       'userId' => 
      array (
        0 => 
        (object) array(
           'code' => '[couldNotConvert]userId',
           'message' => 'Invalid userId [testanother2@example]. This must be a valid UUID String (e.g. 25a872da-bb44-4af8-a43d-e7bcb5351ebc).',
        ),
      ),
    ),
  ),
   'exception' => NULL,
   'method' => 'POST',
   'request' => 
  array (
    'applicationId' => '85a03867-dccf-4882-adde-1a79aeec50df',
  ),
   'successResponse' => NULL,
   'status' => 400,
))

Is this not what you are seeing if you run my code?

dan

@richb201 said in where to find the /api/status response?:

While I have your attention, I noticed that the passwordless login link expires quickly. Is that time setable?

Yes. You can do it in the tenant settings under the advanced tab, or via the api; it's the passwordlessLoginTimeToLiveInSeconds setting.

richb201

Solved (I think). This line above needed to be changed
from
$client = new FusionAuth\FusionAuthClient($apiKey, "http://localhost:9011");
to
$client = new FusionAuth\FusionAuthClient( $apiKey, "http://fusionauth:9011");

Now I get the error code lijke in your example that will allow me to fix this thing. In your example above you use localhost too. So how does yours work when mine does not? I am using Docker btw. If using fusionauth:9011 will cause me other headaches, please let me know before I break out the champagne!

Also, we discussed putting my client secret in the Oauth login URL. I was concerned about security when doing that. Can you please recommend an easy, more secure place to keep those fields?

dan

I'm not sure how your docker is set up, but if the php code is running in a docker container as well, it won't know what "localhost" refers to. You also have to make sure that port 9011 is mapped which is this section of the docker file:

    ports:
      - 9011:9011

I guess the first step I'd take to troubleshoot this would be to see if I could visit localhost:9011 from my browser to see if FusionAuth in docker was accessible from my local machine.

Also, we discussed putting my client secret in the Oauth login URL. I was concerned about security when doing that. Can you please recommend an easy, more secure place to keep those fields?

I don't recall that discussion, but in general you shouldn't provide the client secret in a url. Can you refresh my memory ?

richb201

Inside the oauth login URL I need to customize the text. To do that I need to get the access token with the following:

$provider = new \League\OAuth2\Client\Provider\GenericProvider([
'clientId' => $client_id,
'clientSecret' => $client_secret,
'redirectUri' => $redirect_uri,
'urlAuthorize' => $fa_url.'/oauth2/authorize',
'urlAccessToken' => $fa_url.'/oauth2/token',
'urlResourceOwnerDetails' => $fa_url.'/oauth2/userinfo'
]);

$accessToken = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);

This will allow me to get the data that I need to customize the login page. But i am scared to keep clientID and clientSecret in a page accessible to the world. The page is a .php page, so you said I might be OK with it having the clientSecret in it.

Also now that I am getting an error code I can see that the error is not having the data in json format.

stdClass::__set_state(array(
'code' => '[missing]registration',
'message' => 'Your request is missing the Registration information as JSON in the entity-body.',

So I modified this line of the sample code to json encode the array. But I still get the error.
$request = array();
$request["applicationId"] = $applicationID;
$request["loginId"] = "me";
$request["password"] = "abc123";
$requestJ = json_encode($request); //convert the array into json
$result = $client->register("",$requestJ);

dan

@richb201 said in where to find the /api/status response?:

This will allow me to get the data that I need to customize the login page. But i am scared to keep clientID and clientSecret in a page accessible to the world. The page is a .php page, so you said I might be OK with it having the clientSecret in it.

Ah, you should pull that value from the environment (if you are deploying via heroku) or AWS secrets manager (if deploying to AWS) or some other secured manner. I'm not sure how you are hosting the app, but you can ask your hosting provider how they recommend storing app secrets.

'message' => 'Your request is missing the Registration information as JSON in the entity-body.',

If you want to register a user, you need to provide a registration key. That's what the error message is telling you.

I find it helpful to pull up the API documentation and look at the sample request and response JSON docs. That's what FusionAuth is expecting, and all the client libs do is wrap that up in a nice, language specific interface.

HTH.

richb201

This post is deleted!

richb201

Thx. I am working on the AWS secrets "angle" and I managed to get a user registered via the API :). One question regarding testing? I see that even though I have deleted a user via the console, I can't add that same user again (get a 400). How do you deal with this when testing a new system? Once a user has been registered is there no way to delete them so they can be registered again (and again and again) ?

richb201

solved. I needed to type DELETE.