question

itiievskyi avatar image
0 Likes"
itiievskyi asked ·

OAuth2 fails with code 400 and empty response (PROD only)

Hi,

I created small python library to serve and eBay application and work with clients' orders using access tokens. I used this flow https://developer.ebay.com/api-docs/static/oauth-authorization-code-grant.html and my application successfully worked for about a month.

But now every time I try to exchange the user's auth code to access token, I get 400 error from eBay API. The main problem is that the response content is empty so I can't see any kind of explanation of what is going on (see response). As for sandbox, all works well. I didn't change anything after ~40 users successfully authorized through my application.


I'll appreciate any help.

oauth2auth-tokenaccess tokenauthorization
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

lapstore-muenster avatar image
0 Likes"
lapstore-muenster answered ·

Uh, oh, we actually had an extra white space in the Authorization header nobody noticed, not even the sandbox server.
(e.g. "Authorization : ..." instead of "Authorization: ...")

·
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

lapstore-muenster avatar image
0 Likes"
lapstore-muenster answered ·

Solved! My conjecture is that eBay added some low level filters to their proxy on the https://api.sandbox.ebay.com/identity/v1/oauth2/token endpoint to reduce brute force load and those filters now filter out your legit call. As a temporary workaround I now use command line curl (escapeshellarg() for teh win!) for oauth token retrieval.

·
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.