Skip to content

[Bug]: deleteUser Request is missing API Key #35

New issue
New issue
Open
Open
[Bug]: deleteUser Request is missing API Key#35
Labels
bugSomething isn't working
@romulus-ai

Description

@romulus-ai
romulus-ai
opened on Nov 13, 2024

What happened?

I get an 403 Exception everytime I want to delete a User via API. Creating and Updating works fine.

Problem is here:

onesignal-java-api/api/openapi.yaml

Line 926 in 31e327e

delete:

this is missed:
security:

  • app_key: []

Here the app_key will not be used when trying to delete the user. I will create a PR.

Steps to reproduce?

1. Create a User via API, OpenAPI Object should have defined an "app_key"
2. Try to delete it via deleteUser(...) function (neither via external_id nor onesignal_id it will work)

What did you expect to happen?

User should be deleted

Relevant log output

Message: 
HTTP response code: 403
HTTP response body: {"errors": ["Access denied.  Please include an 'Authorization: ...' header with a valid API key (https://documentation.onesignal.com/docs/accounts-and-keys)."]}

HTTP response headers: {access-control-allow-headers=[OneSignal-Subscription-Id], alt-svc=[h3=":443"; ma=86400], cf-cache-status=[DYNAMIC], cf-ray=[8e1fbc9edf0ed399-FRA], content-type=[text/plain], date=[Wed, 13 Nov 2024 15:18:51 GMT], server=[cloudflare], set-cookie=[__cf_bm=MGjCrFcok.9q0MuLQnDT7KBABDhv11Wmt6JEk7pVK1M-1731511131-1.0.1.1-Fg_mW_7B.ZtHBrqxjVgaeLEan2tj2ZZjU4vQCMdtbLfH5HjSEky5QB2FwdjlddpY21GvKZMA3l9_qONAt_ETBw; path=/; expires=Wed, 13-Nov-24 15:48:51 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None], strict-transport-security=[max-age=15552000; includeSubDomains], via=[1.1 google]}
com.onesignal.client.ApiException: Message: 
HTTP response code: 403
HTTP response body: {"errors": ["Access denied.  Please include an 'Authorization: ...' header with a valid API key (https://documentation.onesignal.com/docs/accounts-and-keys)."]}

HTTP response headers: {access-control-allow-headers=[OneSignal-Subscription-Id], alt-svc=[h3=":443"; ma=86400], cf-cache-status=[DYNAMIC], cf-ray=[8e1fbc9edf0ed399-FRA], content-type=[text/plain], date=[Wed, 13 Nov 2024 15:18:51 GMT], server=[cloudflare], set-cookie=[__cf_bm=MGjCrFcok.9q0MuLQnDT7KBABDhv11Wmt6JEk7pVK1M-1731511131-1.0.1.1-Fg_mW_7B.ZtHBrqxjVgaeLEan2tj2ZZjU4vQCMdtbLfH5HjSEky5QB2FwdjlddpY21GvKZMA3l9_qONAt_ETBw; path=/; expires=Wed, 13-Nov-24 15:48:51 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None], strict-transport-security=[max-age=15552000; includeSubDomains], via=[1.1 google]}
	at app//com.onesignal.client.ApiClient.handleResponse(ApiClient.java:1081)
	at app//com.onesignal.client.ApiClient.execute(ApiClient.java:994)
	at app//com.onesignal.client.ApiClient.execute(ApiClient.java:977)
	at app//com.onesignal.client.api.DefaultApi.deleteUserWithHttpInfo(DefaultApi.java:2074)
	at app//com.onesignal.client.api.DefaultApi.deleteUser(DefaultApi.java:2052)

Code of Conduct

  • I agree to follow this project's Code of Conduct

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions