BadRequest suddenly being returned when authenticating

Users of my Kanbann app (Trello on the Apple Watch) are suddenly getting Bad Request errors when they authenticate.

I use AWS API Gateway to an AWS Lambda to handle the authentication. I’ve checked the API Key and secret, and the callback URL.

This is an example request:

https://trello.com/1/OAuthGetRequestToken?oauth_callback=https%3A%2F%2Fpfqminew9l.execute-api.us-east-1.amazonaws.com%2FRelease%2Ftoken&scope=read%2Cwrite&expiration=never&name=Kanbann&oauth_nonce=f0813668-43a3-45b0-9490-516d45b5d9b5&oauth_consumer_key=key redacted&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1657575905&oauth_version=1.0&oauth_signature=d1RI%2B4LmCRD2AQKHS05CRCijvOQ%3D 

This was all working yesterday and nothing has changed on my side.

You can try it out at https://pfqminew9l.execute-api.us-east-1.amazonaws.com/Release/token (I mask the Trello error and just return an internal server error to the user).

The account the app is connected to is kranban_watchos@atadore.com

Any ideas? Any way to find out what Trello thinks is bad about the request?

Thanks,
Damian

Hi, did you check to see if you actually have a bad request? We encountered something similar with our power-up, only to discover we were sending an invalid signature on an integration that had been working for years without issues, and fixed it when we discovered this.

My recommendation would be to try and see if you can isolate the authentication call within your system to understand if it is correct or not, and try to fix it there. You could also use tools like Postman to see if you can get the flow working correctly.

Looping in @bentley from Trello as well.

I’m trying to use a different OAuth 1.0 library (from C#). At this stage there aren’t many to choose from, and those that do exist have not been updated in years.

I was using bittercoder/DevDefined.OAuth (GitHub: "An OAuth Consumer and Provider implemented for .Net"). Now I’m looking into others, although I have a sinking feeling I’ll end up rolling my own.

The example Glitch works.

I have it working.

In case someone else hits this: previously, in the Request Token URL (“https://trello.com/1/OAuthGetRequestToken”), I was including the scope, expiration and name, which I should not have been doing. I guess the server-side validation tightened and this was no longer accepted.

1 Like
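For anyone isolating the request-token call locally, as suggested in the thread, here is an added example (not code from any poster, from Trello, or from DevDefined.OAuth) that builds a request-token URL carrying only `oauth_*` parameters and recomputes the HMAC-SHA1 signature of a captured URL per RFC 5849. The function names, key, secret, nonce and callback are constructed for illustration; how Trello's server validates requests is not stated on this page.

```python
import base64, hashlib, hmac
from urllib.parse import parse_qsl, quote, urlsplit

def pct(value):
    # RFC 5849 section 3.6: only unreserved characters stay unencoded.
    return quote(str(value), safe="-._~")

def base_string(method, url, params):
    # RFC 5849 section 3.4.1: every request parameter except oauth_signature
    # is encoded, sorted and folded into the text that gets signed.
    pairs = sorted((pct(k), pct(v)) for k, v in params.items() if k != "oauth_signature")
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(url), pct(normalized)])

def sign(method, url, params, consumer_secret, token_secret=""):
    # Key is "<consumer secret>&<token secret>"; the token secret is empty at this step.
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    mac = hmac.new(key, base_string(method, url, params).encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()

def request_token_url(url, consumer_key, consumer_secret, callback, nonce, timestamp):
    # Request-token URL that carries only oauth_* parameters.
    params = {
        "oauth_callback": callback,
        "oauth_consumer_key": consumer_key,
        "oauth_nonce": nonce,
        "oauth_signature_method": "HMAC-SHA1",
        "oauth_timestamp": str(timestamp),
        "oauth_version": "1.0",
    }
    params["oauth_signature"] = sign("GET", url, params, consumer_secret)
    return url + "?" + "&".join(f"{pct(k)}={pct(v)}" for k, v in params.items())

def check_captured_url(method, full_url, consumer_secret):
    # Recompute the signature of a captured URL as an RFC 5849 verifier would.
    # Returns (signature_ok, names of non-oauth parameters present).
    parts = urlsplit(full_url)
    params = dict(parse_qsl(parts.query, keep_blank_values=True))
    endpoint = f"{parts.scheme}://{parts.netloc}{parts.path}"
    expected = sign(method, endpoint, params, consumer_secret)
    ok = hmac.compare_digest(expected, params.get("oauth_signature", ""))
    return ok, sorted(k for k in params if not k.startswith("oauth_"))

if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    good = request_token_url("https://trello.com/1/OAuthGetRequestToken", "constructed-key",
                             "constructed-secret", "https://example.invalid/token", "n-1", 1657575905)
    print(check_captured_url("GET", good, "constructed-secret"))
    print(check_captured_url("GET", good + "&scope=read%2Cwrite&name=Kanbann", "constructed-secret"))
```

Running a captured request through `check_captured_url` with the real consumer secret shows whether the library's signature matches the parameters actually sent and which non-OAuth parameters the URL carries.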