Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: deleteUser Request is missing API Key #35

Open
1 task done
romulus-ai opened this issue Nov 13, 2024 · 1 comment
Open
1 task done

[Bug]: deleteUser Request is missing API Key #35

romulus-ai opened this issue Nov 13, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@romulus-ai
Copy link

What happened?

I get an 403 Exception everytime I want to delete a User via API. Creating and Updating works fine.

Problem is here:

onesignal-java-api/api/openapi.yaml

Line 926 in 31e327e

delete:

this is missed:
security:

  • app_key: []

Here the app_key will not be used when trying to delete the user. I will create a PR.

Steps to reproduce?

1. Create a User via API, OpenAPI Object should have defined an "app_key"
2. Try to delete it via deleteUser(...) function (neither via external_id nor onesignal_id it will work)

What did you expect to happen?

User should be deleted

Relevant log output

Message: 
HTTP response code: 403
HTTP response body: {"errors": ["Access denied.  Please include an 'Authorization: ...' header with a valid API key (https://documentation.onesignal.com/docs/accounts-and-keys)."]}

HTTP response headers: {access-control-allow-headers=[OneSignal-Subscription-Id], alt-svc=[h3=":443"; ma=86400], cf-cache-status=[DYNAMIC], cf-ray=[8e1fbc9edf0ed399-FRA], content-type=[text/plain], date=[Wed, 13 Nov 2024 15:18:51 GMT], server=[cloudflare], set-cookie=[__cf_bm=MGjCrFcok.9q0MuLQnDT7KBABDhv11Wmt6JEk7pVK1M-1731511131-1.0.1.1-Fg_mW_7B.ZtHBrqxjVgaeLEan2tj2ZZjU4vQCMdtbLfH5HjSEky5QB2FwdjlddpY21GvKZMA3l9_qONAt_ETBw; path=/; expires=Wed, 13-Nov-24 15:48:51 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None], strict-transport-security=[max-age=15552000; includeSubDomains], via=[1.1 google]}
com.onesignal.client.ApiException: Message: 
HTTP response code: 403
HTTP response body: {"errors": ["Access denied.  Please include an 'Authorization: ...' header with a valid API key (https://documentation.onesignal.com/docs/accounts-and-keys)."]}

HTTP response headers: {access-control-allow-headers=[OneSignal-Subscription-Id], alt-svc=[h3=":443"; ma=86400], cf-cache-status=[DYNAMIC], cf-ray=[8e1fbc9edf0ed399-FRA], content-type=[text/plain], date=[Wed, 13 Nov 2024 15:18:51 GMT], server=[cloudflare], set-cookie=[__cf_bm=MGjCrFcok.9q0MuLQnDT7KBABDhv11Wmt6JEk7pVK1M-1731511131-1.0.1.1-Fg_mW_7B.ZtHBrqxjVgaeLEan2tj2ZZjU4vQCMdtbLfH5HjSEky5QB2FwdjlddpY21GvKZMA3l9_qONAt_ETBw; path=/; expires=Wed, 13-Nov-24 15:48:51 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None], strict-transport-security=[max-age=15552000; includeSubDomains], via=[1.1 google]}
	at app//com.onesignal.client.ApiClient.handleResponse(ApiClient.java:1081)
	at app//com.onesignal.client.ApiClient.execute(ApiClient.java:994)
	at app//com.onesignal.client.ApiClient.execute(ApiClient.java:977)
	at app//com.onesignal.client.api.DefaultApi.deleteUserWithHttpInfo(DefaultApi.java:2074)
	at app//com.onesignal.client.api.DefaultApi.deleteUser(DefaultApi.java:2052)

Code of Conduct

  • I agree to follow this project's Code of Conduct
@romulus-ai romulus-ai added the bug Something isn't working label Nov 13, 2024
@romulus-ai romulus-ai mentioned this issue Nov 13, 2024
Open
6 tasks
@sherwinski
Copy link
Contributor

Thanks for reporting this @romulus-ai. Our team will work on patching in the fix and releasing a new version to address this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@romulus-ai @sherwinski