Page 1 of 1
API 401 Unauthorized - Cannot handle token with nbf prior to xxx
Posted: Sat Jun 15, 2024 10:16 pm
by andyrav
Hi
the following was working in V2023, now failing in 2024.
I have emailed 2fa email, does this cause a issue.
I can get the token ok
put when i try and do a post, response is null
$url = "https://xxxx.net/api/";
$ch2 = curl_init();
$data = array(
"method" => 'post',
"reference" => rand(5, 15),
"formdata" => json_encode($details),
);
curl_setopt($ch2, CURLOPT_URL, $url . 'add/tablename');
curl_setopt($ch2, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch2, CURLOPT_POST, 1);
curl_setopt($ch2, CURLOPT_POSTFIELDS, json_encode($data));
$headers = array();
$headers[] = 'X-Authorization: '.$token['JWT'];
$headers[] = 'Content-Type: application/json';
curl_setopt($ch2, CURLOPT_HTTPHEADER, $headers);
$result = curl_exec($ch2);
$errNo = curl_errno($ch2);
if ($errNo !== 0) {
throw new NetworkException(curl_error($ch2), $errNo);
}
// check HTTP status code
$http_code = curl_getinfo($ch2, CURLINFO_HTTP_CODE);
curl_close($ch2);
$res = json_decode($result);
any ideas?
thanks
Re: Api add 401 Unauthorized V2024
Posted: Sat Jun 15, 2024 10:37 pm
by andyrav
- old SSL session ID is stale, removing
- Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Date: Sat, 15 Jun 2024 14:35:46 GMT
< Server: Apache/2.4.58 (Ubuntu)
< Expires: Thu, 19 Nov 1981 08:52:00 GMT
< Cache-Control: no-store, no-cache, must-revalidate
< Pragma: no-cache
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
< Access-Control-Allow-Headers: X-Requested-With, Origin, X-Authorization
< Access-Control-Allow-Credentials: true
< Set-Cookie: PHPSESSID=ejfu256a24mc7ie46akfu6qccs; path=/; Secure; HttpOnly; SameSite=Strict;
< Transfer-Encoding: chunked
< Content-Type: application/json
<
- Connection #0 to host xxx.xxx.net left intact
object(stdClass)#3 (3) {
["failureMessage"]=>
string(62) "Cannot handle token with nbf prior to 2024-06-15T14:35:56+0000"
["success"]=>
bool(false)
["version"]=>
string(7) "24.12.0"
}
Is is somthing do to with timezone?
timedatectl
Local time: Sat 2024-06-15 15:28:08 BST
Universal time: Sat 2024-06-15 14:28:08 UTC
RTC time: Sat 2024-06-15 14:28:08
Time zone: Europe/London (BST, +0100)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no
Re: Api add 401 Unauthorized
Posted: Sun Jun 16, 2024 10:26 am
by arbei
andyrav wrote:
$headers[] = 'X-Authorization: '.$token['JWT'];
Where is the $token['JWT'] from?
Re: Api add 401 Unauthorized
Posted: Sun Jun 16, 2024 12:21 pm
by andyrav
I have another curl command above to get the token.
Which works find.
Do you have a working example for using php curl to login and add a record.
Thanke
Re: Api add 401 Unauthorized
Posted: Sun Jun 16, 2024 4:49 pm
by arbei
andyrav wrote:
I have another curl command above to get the token.
You better double check that command and make sure the token is created correctly with the expected time or timezone. Make sure the token is retrieved from the same API from the same server or you may have time difference. (The error message clearly said that "Cannot handle token with nbf prior to 2024-06-15T14:35:56+0000".) Also double check your advanced setting API expire time after login (seconds).
Otherwise everything is done on the same server and there should no timeout issue. Also don't try to store the JWT token longer than the expiry time. You may post your complete code for discussion.
Re: API 401 Unauthorized - Cannot handle token with nbf prior to xxx
Posted: Mon Jun 17, 2024 9:28 pm
by andyrav
Many thanks, working now was API access time after login (seconds) was set to 10 seconds