Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error: failure to invoke API #113

Open
bkolodnycfsb opened this issue Jun 25, 2024 · 4 comments
Open

Error: failure to invoke API #113

bkolodnycfsb opened this issue Jun 25, 2024 · 4 comments

Comments

@bkolodnycfsb
Copy link

bkolodnycfsb commented Jun 25, 2024

When using client_id and client_secret in the provider I get an error message, but when I use bearer_auth it works fine. Of course I'd rather not have to get the token myself.

One such error message is

│ Error: failure to invoke API

│ with airbyte_destination_snowflake.this["snowflake"],
│ on destinations.tf line 56, in resource "airbyte_destination_snowflake" "this":
│ 56: resource "airbyte_destination_snowflake" "this" {

│ failed to get token: unexpected status code: 404: {"type":"about:blank","status":404}

@ex0ns
Copy link

ex0ns commented Jul 17, 2024

I'm having the same issue with the 0.5.3 when using client_id and client_secret in the provider block:

failed to get token: unexpected status code: 404: {"message":"The current request is not defined by this API.","code":404}

The same code works when using a bearer

sviande added a commit to sviande/terraform-provider-airbyte that referenced this issue Aug 16, 2024
@augustinasbutkus91
Copy link

I am encountering a 401 Unauthorized error when using client_id and client_secret to request a token via Terraform. The same request works successfully when sent using curl or Thunder Client with the payload formatted as a JSON object in the request body. However, when executed through Terraform, the request fails.

After investigating, I found that the root cause seems to be in the doTokenRequest function within the /internal/sdk/internal/hooks/clientcredentials.go file. This function encodes the request body in application/x-www-form-urlencoded format and sets the Content-Type header accordingly. The API server, however, requires the payload to be sent as a JSON object with the application/json content type.

Steps to Reproduce:

  1. Make a token request using client_id and client_secret through Terraform.
  2. Observe the 401 Unauthorized response from the server.
  3. Use curl or Thunder Client to send the same request as a JSON payload.
  4. Observe that the request succeeds with a 200 OK response.

Observed Behavior: Terraform sends the client_id and client_secret in a URL-encoded format with the application/x-www-form-urlencoded content type, resulting in a 401 Unauthorized response.

Expected Behavior: The request should be sent with the client_id and client_secret as a JSON object and the Content-Type header set to application/json, allowing the request to succeed.

Potential Fix: Update the doTokenRequest function to construct a JSON payload and set the Content-Type header to application/json instead of application/x-www-form-urlencoded.

Current code snippet
line 121-125

values := url.Values{}
values.Set("grant_type", "client_credentials")
values.Set("client_id", credentials.ClientID)
values.Set("client_secret", credentials.ClientSecret)

line 148

req.Header.Set("Content-Type", "application/x-www-form-urlencoded")

Suggested modification:

payload := map[string]interface{}{
    "grant_type":    "client_credentials",
    "client_id":     credentials.ClientID,
    "client_secret": credentials.ClientSecret,
}
jsonData, _ := json.Marshal(payload)
...
req.Header.Set("Content-Type", "application/json")

@atomkirk
Copy link

I started randomly getting this across all my sources. I make an http request in terraform to get the workspace id, so I know the credentials are correct. I think this is a misleading bug. I don't think it has to do with the creds actually be wrong. Somehow the creds are failing to load when they loaded fine before? I'm not using any secret/client key. I'm using api keys/tokens for all my sources.

│ Error: failure to invoke API
│ 
│   with airbyte_source_stripe.my_source_stripe,
│   on airbyte.tf line 346, in resource "airbyte_source_stripe" "my_source_stripe":
│  346: resource "airbyte_source_stripe" "my_source_stripe" {
│ 
│ unknown status code returned: Status 401
│ {"message":"Unauthorized","_links":{"self":{"href":"/api/public/v1/sources/71f7cc56-7882-4b36-947e-bcd3405421c4","templated":false}},"_embedded":{"errors":[{"message":"Unauthorized","_links":{},"_embedded":{}}]}}
╵
Operation failed: failed running terraform plan (exit 1)

@yannik207
Copy link

@augustinasbutkus91 do you have a code example where you've implemented it?
I am not able to get it running :D

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

5 participants