Search code examples
cakephpngrokxero-apicaddy

Why is Xero OAUTH api is no longer returning JSON

I had a working Xero API OAUTH integration, which has suddenly stopped working. I'm getting the following error:

Error: [UnexpectedValueException] Invalid response received from Authorization Server. Expected JSON. in /var/www/html/mnr-be/vendor/league/oauth2-client/src/Provider/AbstractProvider.php on line 539

Here's the relevant part of the composer.lock file:

{
  "name": "cakephp/app",
  ...
  "type": "project",
  "version": "0.4.2",
  "license": "Private, no license granted",
  "repositories": [],
  "require": {
    "php": ">=7.2",
    "burzum/cakephp-service-layer": "^2.0",
    "cakephp/authentication": "^2.6",
    "cakephp/authorization": "^2.0",
    "cakephp/bake": "2.5.x",
    "cakephp/cakephp": "4.2.*",
    "cakephp/migrations": "^3.0",
    "cakephp/plugin-installer": "^1.2",
    "friendsofcake/crud-json-api": "^1.0.1",
    "friendsofcake/search": "^6.0",
    "josegonzalez/dotenv": "dev-master",
    "league/oauth2-client": "^2.5",
    "mobiledetect/mobiledetectlib": "^2.8",
    "robmorgan/phinx": "^0.12.4",
    "symfony/yaml": "^5.1",
    "xeroapi/xero-php-oauth2": "^2.1"
  },

Any idea why? Has the API been changed?

UPDATE The response from the server:

<html>
  <head>
    <title>Access Denied</title>
  </head>
  <body>
    <h1>Access Denied</h1>
    You don't have permission to access
    "http&#58;&#47;&#47;identity&#46;xero&#46;com&#47;connect&#47;token" on this
    server.
    <p>Reference&#32;&#35;18&#46;b0c35068&#46;1667675819&#46;108773f6</p>
  </body>
</html>

According to Xero's documentation (https://developer.xero.com/documentation/guides/oauth2/troubleshooting/#tls-errors):

enter image description here

But I'm using ngrok v2 and caddy v2, which both implement TLS 1.2, so that can't be the problem.

I've also tried updating to "xeroapi/xero-php-oauth2": "2.17.0", the latest version of the library and I get the same error.

Solution

  • Turns out there was an issue with the Xero API's firewall that wasn't letting ngrok through. I wrote to them and they've made a change that solves the issue.