
Response 401 when creating or editing a segment with filters (when using oauth) #259

Open
@stef000


Whenever creating or updating a segment with filters included the response shows error 401 unauthorized.

{
    "name": "test",
    "alias": null,
    "description": "test",
    "isPublished": 1,
    "isGlobal": true,
    "filters": [
          {
            "glue": "and",
            "field": "city",
            "type": "text",
            "filter": "Prague",
            "display": null,
            "operator": "="
          }
    ]
}

To my knowledge the error occurs because the filter parameters are stored and sent not only in the body of the cURL request but also in the header, where the authorization params are stored as well.

In the file maut_connector\vendor\mautic\api-library\lib\Auth\OAuth.php:

$oAuthHeaders = array_merge($oAuthHeaders, $parameters);

The parameters and the oAuthHeaders are merged and both stored as oAuthHeaders. Now when there are multiple entries in the filter (glue, field, type, etc.), the values in the headers would look something like this if you dump them:

array:2 [
  0 => "Authorization: OAuth filters=%3D, filters=Prague, filters=and, filters=city, filters=text, isGlobal=1, isPublished=1, name=this%20is%20a%20test%20segment, oauth_consumer_key=key, oauth_nonce=nonce, oauth_signature=sing%3D, oauth_signature_method=HMAC-SHA1, oauth_timestamp=12341234234, oauth_token=token, oauth_version=1.0"
  1 => "Expect:"
]

This is a problem because 'filters' is set multiple times. If you do that, the Mautic endpoint will return 401 Unauthorized.

I don't have a general fix for this problem; however, I can provide my workaround:

Replace:

$oAuthHeaders = array_merge($oAuthHeaders, $parameters);

With:

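// Work on a copy so the request body still carries the full parameter set.
$cleanedParameters = $parameters;
if (array_key_exists('filters', $cleanedParameters)) {
    // Keep the nested 'filters' array out of the Authorization header.
    unset($cleanedParameters['filters']);
    $oAuthHeaders = array_merge($oAuthHeaders, $cleanedParameters);
} else {
    $oAuthHeaders = array_merge($oAuthHeaders, $parameters);
}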

If you just remove the array merge of $oAuthHeaders and $parameters, other endpoints (e.g. fetching companies) will not work anymore for some reason, so you probably don't want to do that.
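
A generalisation of the workaround above, as an added example that is not part of the original issue or of mautic/api-library: it keeps every array-valued parameter (not only 'filters') out of the header merge and checks a dumped header line for repeated names. The function names and sample values are constructed, and the assumption that the endpoint accepts requests with those parameters left out of the header rests only on the 'filters' case reported above.

```php
<?php
// Added example: hypothetical helpers, not code from mautic/api-library.

/** Split request parameters into header-safe scalars and array-valued ones. */
function splitHeaderParameters(array $parameters): array
{
    $scalar = [];
    $nested = [];
    foreach ($parameters as $key => $value) {
        if (is_array($value)) {
            $nested[$key] = $value; // would flatten into repeated names in the header
        } else {
            $scalar[$key] = $value;
        }
    }
    return [$scalar, $nested];
}

/** Names that occur more than once in an "Authorization: OAuth ..." line. */
function duplicateHeaderNames(string $headerLine): array
{
    $list = preg_replace('/^Authorization:\s*OAuth\s+/i', '', $headerLine);
    $names = [];
    foreach (explode(',', $list) as $pair) {
        $names[] = trim(explode('=', $pair, 2)[0]);
    }
    // Count each name and keep only those seen more than once.
    $counts = array_count_values($names);
    return array_keys(array_filter($counts, fn ($n) => $n > 1));
}

// Constructed sample mirroring the request body in the issue.
$parameters = [
    'name'        => 'test',
    'isPublished' => 1,
    'isGlobal'    => true,
    'filters'     => [['glue' => 'and', 'field' => 'city', 'type' => 'text',
                       'filter' => 'Prague', 'operator' => '=']],
];
$oAuthHeaders = ['oauth_consumer_key' => 'key', 'oauth_nonce' => 'nonce']; // placeholders

[$scalar, $nested] = splitHeaderParameters($parameters);
$oAuthHeaders = array_merge($oAuthHeaders, $scalar); // only scalars reach the header

print_r(array_keys($oAuthHeaders)); // header parameter names after the merge
print_r(array_keys($nested));       // parameters sent in the body only

// Constructed header line in the shape of the dump shown in the issue.
$dumped = 'Authorization: OAuth filters=%3D, filters=Prague, isGlobal=1, oauth_nonce=nonce';
print_r(duplicateHeaderNames($dumped));
```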

