Skip to content

Client expiration handling issue: 401 Unauthorized errors wrapped as 500 Internal Server Error #108

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
4reha opened this issue Jun 19, 2024 · 1 comment
Open

Client expiration handling issue: 401 Unauthorized errors wrapped as 500 Internal Server Error #108

4reha opened this issue Jun 19, 2024 · 1 comment

Comments

@4reha
Copy link

4reha commented Jun 19, 2024
edited
Loading

Expected Behaviour

According to the documentation, the refreshClient function should be called when the ACC session expires due to token expiration. This allows the client to refresh the token and retry the failed SOAP call.

Actual Behaviour

When the token expires, the refresh callback never called, and the sdk returns a 500 Internal Server Error with the following error message:

CampaignException {
name: 'CampaignException',
message: "500 - Error SOAP-ENV:Client calling method 'xtk:persist#GetEntityIfMoreRecent': SOP-330007 Error while reading parameters of method 'GetEntityIfMoreRecent' of service 'xtk:persist'. XSV-350114 Unknown error during '/ims/profile/v1' IMS call, HTTP response code is 401",
statusCode: 500,
// ... (rest of the error object)
}

The error message indicates that the underlying issue is a 401 Unauthorized error, but it's being wrapped as a 500 Internal Server Error. As a result, the SDK's condition ex.statusCode == 401 is not met, and the refreshClient function is never called.

 // Call session expiration callback in case of 401
if (ex.statusCode == 401 && that._refreshClient && soapCall.retry) {
    return this._retrySoapCall(soapCall);
} else
    return Promise.reject(ex);

Reproduce Scenario (including but not limited to)

Steps to Reproduce

  1. Initialize the SDK with a refreshClient function, similar to the following:
const connectionParameters = sdk.ConnectionParameters.ofImsBearerToken(
  "https://myInstance.campaign.adobe.com",
  "ims_bearer_token",
  {
    timeout: 10000,
    refreshClient: async (client) => {
      // Token refresh logic here
      return client;
    }
  }
);
  1. Perform a SOAP call that requires an active token.
  2. Wait 24hrs for the token to expire. (or you can sipmly try with invalid one, to see if the refresh callback will be called once)
  3. Observe the 500 Internal Server Error with the error message indicating a 401 Unauthorized error.

Platform and Version

  • NestJS
  • @adobe/acc-js-sdk: "^1.1.47",
@mkiki
Copy link
Contributor

mkiki commented Jun 21, 2024

Hello, thanks for the detailed bug report, this is indeed an issue when using IMS authentication: the HTTP 401 error is hidden inside the error message and therefore not correctly handled by the SDK.
I'll provide a fix shortly.

@mkiki mkiki mentioned this issue Sep 4, 2024
Closed
@mkiki mkiki mentioned this issue Oct 1, 2024
Open
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mkiki @4reha