FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login

    where to find the /api/status response?

    Scheduled Pinned Locked Moved
    General Discussion
    2
    17
    36.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • danD
      dan
      last edited by

      That's interesting. I wouldn't think it would be an error. Can you do an export of the $result object and share that?

      $apiKey = "s-S2l2DNOpEgjjDlZ2MXnU4QGARj8UszS_BVnvugGoc";
              $client = new FusionAuth\FusionAuthClient( $apiKey, "http://localhost:9011");
              $applicationID="32688330-1630-4e0d-a4de-8ae45c3ca527";
      
              $request = array();
              $request["applicationId"] = $applicationID;
              $request["loginId"] = "richb201@gmail.com";
              $request["password"] = "abc123";
              $result = $client->register("richb201@gmail.com",$request);
              echo var_export($result, true);
      
      
              if (!$result->wasSuccessful()) {
                  echo "error";
              } else {
                  echo var_export($result->successResponse, true);
             }
      

      --
      FusionAuth - Auth so modern you can download it.
      https://fusionauth.io

      1 Reply Last reply Reply Quote 0
      • R
        richb201
        last edited by richb201

        Screenshot from 2020-10-16 15-56-54.png

        Logic check: Since the same code works in your environment isn't it likely that there is something wrong with the setup of my application? The lack of a decent error code is an issue.

        danD 1 Reply Last reply Reply Quote 0
        • R
          richb201
          last edited by richb201

          While I have your attention, I noticed that the passwordless login link expires quickly. Is that time setable?

          Also, I am trying to use this as the URL: http://localhost/index.php/Configure/MyFormEmployees but the menu won't seem to store that. That path works fine from my browser address line.

          1 Reply Last reply Reply Quote 0
          • danD
            dan @richb201
            last edited by

            Ah, I see the issue, I think, @richb201

            If you are trying to register, you want to build a json object as documented here

            You want to post to this url: /api/user/registration/{userId}. The userId will be something like 6fdacf40-828d-4aaa-8a5a-2119bee94b67 but it looks like you are using the email address of the user.

            You also don't need the loginId or the password field (because the user already exists). If the user didn't exist, you'd want to use the fields documented here

            I didn't try to run your code in the past, but running this now gives me an error: [couldNotConvert]userId.

            client.php:

            <?php 
            
            require __DIR__ . '/vendor/autoload.php';
            
            $apiKey = "SNjNZj8jz4A_5BeL07pF901nwlLxRQ3CK6shpuIFQkg";
            $client = new FusionAuth\FusionAuthClient($apiKey, "http://localhost:9011");
            
            $applicationId = "85a03867-dccf-4882-adde-1a79aeec50df";
            
            $request = array();
            $request["applicationId"] = $applicationId;
            #$request["loginId"] = "testanother3@example.com";
            $result = $client->register("testanother2@example.com",$request);
            echo var_export($result, true);
            
            

            composer.json:

            {
                "require": {
                  "fusionauth/fusionauth-client": "^1.19"
                }
            }
            
            composer install
            php client.php
            

            results in this:

            FusionAuth\ClientResponse::__set_state(array(
               'errorResponse' => 
              (object) array(
                 'fieldErrors' => 
                (object) array(
                   'registration' => 
                  array (
                    0 => 
                    (object) array(
                       'code' => '[missing]registration',
                       'message' => 'Your request is missing the Registration information as JSON in the entity-body.',
                    ),
                  ),
                   'userId' => 
                  array (
                    0 => 
                    (object) array(
                       'code' => '[couldNotConvert]userId',
                       'message' => 'Invalid userId [testanother2@example]. This must be a valid UUID String (e.g. 25a872da-bb44-4af8-a43d-e7bcb5351ebc).',
                    ),
                  ),
                ),
              ),
               'exception' => NULL,
               'method' => 'POST',
               'request' => 
              array (
                'applicationId' => '85a03867-dccf-4882-adde-1a79aeec50df',
              ),
               'successResponse' => NULL,
               'status' => 400,
            ))
            

            Is this not what you are seeing if you run my code?

            --
            FusionAuth - Auth so modern you can download it.
            https://fusionauth.io

            1 Reply Last reply Reply Quote 0
            • danD
              dan
              last edited by

              @richb201 said in where to find the /api/status response?:

              While I have your attention, I noticed that the passwordless login link expires quickly. Is that time setable?

              Yes. You can do it in the tenant settings under the advanced tab, or via the api; it's the passwordlessLoginTimeToLiveInSeconds setting.

              --
              FusionAuth - Auth so modern you can download it.
              https://fusionauth.io

              1 Reply Last reply Reply Quote 0
              • R
                richb201
                last edited by

                Solved (I think). This line above needed to be changed
                from
                $client = new FusionAuth\FusionAuthClient($apiKey, "http://localhost:9011");
                to
                $client = new FusionAuth\FusionAuthClient( $apiKey, "http://fusionauth:9011");

                Now I get the error code lijke in your example that will allow me to fix this thing. In your example above you use localhost too. So how does yours work when mine does not? I am using Docker btw. If using fusionauth:9011 will cause me other headaches, please let me know before I break out the champagne!

                Also, we discussed putting my client secret in the Oauth login URL. I was concerned about security when doing that. Can you please recommend an easy, more secure place to keep those fields?

                1 Reply Last reply Reply Quote 1
                • danD
                  dan
                  last edited by

                  I'm not sure how your docker is set up, but if the php code is running in a docker container as well, it won't know what "localhost" refers to. You also have to make sure that port 9011 is mapped which is this section of the docker file:

                      ports:
                        - 9011:9011
                  

                  I guess the first step I'd take to troubleshoot this would be to see if I could visit localhost:9011 from my browser to see if FusionAuth in docker was accessible from my local machine.

                  Also, we discussed putting my client secret in the Oauth login URL. I was concerned about security when doing that. Can you please recommend an easy, more secure place to keep those fields?

                  I don't recall that discussion, but in general you shouldn't provide the client secret in a url. Can you refresh my memory 🙂 ?

                  --
                  FusionAuth - Auth so modern you can download it.
                  https://fusionauth.io

                  1 Reply Last reply Reply Quote 0
                  • R
                    richb201
                    last edited by

                    Inside the oauth login URL I need to customize the text. To do that I need to get the access token with the following:

                    $provider = new \League\OAuth2\Client\Provider\GenericProvider([
                    'clientId' => $client_id,
                    'clientSecret' => $client_secret,
                    'redirectUri' => $redirect_uri,
                    'urlAuthorize' => $fa_url.'/oauth2/authorize',
                    'urlAccessToken' => $fa_url.'/oauth2/token',
                    'urlResourceOwnerDetails' => $fa_url.'/oauth2/userinfo'
                    ]);

                    $accessToken = $provider->getAccessToken('authorization_code', ['code' => $_GET['code']]);

                    This will allow me to get the data that I need to customize the login page. But i am scared to keep clientID and clientSecret in a page accessible to the world. The page is a .php page, so you said I might be OK with it having the clientSecret in it.

                    Also now that I am getting an error code 🙂 I can see that the error is not having the data in json format.

                    stdClass::__set_state(array(
                    'code' => '[missing]registration',
                    'message' => 'Your request is missing the Registration information as JSON in the entity-body.',

                    So I modified this line of the sample code to json encode the array. But I still get the error.
                    $request = array();
                    $request["applicationId"] = $applicationID;
                    $request["loginId"] = "me";
                    $request["password"] = "abc123";
                    $requestJ = json_encode($request); //convert the array into json
                    $result = $client->register("",$requestJ);

                    1 Reply Last reply Reply Quote 0
                    • danD
                      dan
                      last edited by

                      @richb201 said in where to find the /api/status response?:

                      This will allow me to get the data that I need to customize the login page. But i am scared to keep clientID and clientSecret in a page accessible to the world. The page is a .php page, so you said I might be OK with it having the clientSecret in it.

                      Ah, you should pull that value from the environment (if you are deploying via heroku) or AWS secrets manager (if deploying to AWS) or some other secured manner. I'm not sure how you are hosting the app, but you can ask your hosting provider how they recommend storing app secrets.

                      'message' => 'Your request is missing the Registration information as JSON in the entity-body.',

                      If you want to register a user, you need to provide a registration key. That's what the error message is telling you.

                      I find it helpful to pull up the API documentation and look at the sample request and response JSON docs. That's what FusionAuth is expecting, and all the client libs do is wrap that up in a nice, language specific interface.

                      HTH.

                      --
                      FusionAuth - Auth so modern you can download it.
                      https://fusionauth.io

                      1 Reply Last reply Reply Quote 0
                      • R
                        richb201
                        last edited by richb201

                        This post is deleted!
                        1 Reply Last reply Reply Quote 0
                        • R
                          richb201
                          last edited by

                          Thx. I am working on the AWS secrets "angle" and I managed to get a user registered via the API :). One question regarding testing? I see that even though I have deleted a user via the console, I can't add that same user again (get a 400). How do you deal with this when testing a new system? Once a user has been registered is there no way to delete them so they can be registered again (and again and again) ?

                          1 Reply Last reply Reply Quote 0
                          • R
                            richb201
                            last edited by

                            solved. I needed to type DELETE.

                            1 Reply Last reply Reply Quote 1
                            • First post
                              Last post