Getting 401 Unauthorized when using Feign Framework, not when using HttpRequest Library
When trying to call the request to save a case, if I use HttpRequest Library as shown below it works fine:
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
https://rms-world-check-one-api.thomsonreuters.com/v1/cases
.uri(URI.create("https://rms-world-check-one-api.thomsonreuters.com/v1/cases"))
.header("Content-Type", "application/json")
.header("Authorization", authorisationString) //authorisationString computed in a different part of the code
.header("Date", currentDateString)
.POST(HttpRequest.BodyPublishers.ofString(body)) //body of the request
.build();
HttpResponse<String> response = client.send(request,
HttpResponse.BodyHandlers.ofString());
return content.readValue(response.body(), ResponseCase.class);
The above works fine.
However, when I try to use Feign Framework along with Spring, it gives me 401 error, even though we have been using it with these frameworks for years and we haven't changed anything in the code below:
@Configuration
public class ThomsonServiceClientConfig {
@Bean
public ThomsonServiceClient caseClient(ThomsonServiceContext context) {
return Feign.builder()
.logLevel(Logger.Level.BASIC)
.logger(new Slf4jLogger())
.decoder(new JacksonDecoder())
.target(ThomsonServiceClient.class, "https://rms-world-check-one-api.thomsonreuters.com");
}
}
public interface ThomsonServiceClient {
@RequestLine("POST /v1/cases")
@Headers({ "Content-Type: application/json", "Authorization: {auth}", "Date: {date}" })
ResponseCase getCase(@Param("auth") String auth, @Param("date") String date, String requestBody);
}
Having the above classes, when calling this:
return executor.submit(() -> thomsonServiceClient.getCase(authorisationString, currentDateString, body)).get(); //same authorisationString and currentDate as in the httpRequest snippet
It returns the following Exceptions:
Caused by: java.util.concurrent.ExecutionException: feign.FeignException$Unauthorized: [401] during [POST] to [https://rms-world-check-one-api.thomsonreuters.com/v1/cases] [ThomsonServiceClient#getCase(String,String,String)]: []
at java.base/java.util.concurrent.FutureTask.report(FutureTask.java:122) ~[na:na]
at java.base/java.util.concurrent.FutureTask.get(FutureTask.java:191) ~[na:na]
at com.emso.nebula.sanction.thomson.webservice.ThomsonService.getCase(ThomsonService.java:78) ~[classes/:na]
... 99 common frames omitted
Caused by: feign.FeignException$Unauthorized: [401] during [POST] to [https://rms-world-check-one-api.thomsonreuters.com/v1/cases] [ThomsonServiceClient#getCase(String,String,String)]: []
at feign.FeignException.clientErrorStatus(FeignException.java:197) ~[feign-core-10.10.1.jar:na]
at feign.FeignException.errorStatus(FeignException.java:177) ~[feign-core-10.10.1.jar:na]
at feign.FeignException.errorStatus(FeignException.java:169) ~[feign-core-10.10.1.jar:na]
at feign.codec.ErrorDecoder$Default.decode(ErrorDecoder.java:92) ~[feign-core-10.10.1.jar:na]
We have been calling the WC1 api using Feign and Spring for a long time now, we just started seeing these errors this week.
Best Answer
-
Thank you for replying. Turns out, we updated recently spring boot that automatically updated Feign from 10.9 to 10.10.1. This introduced a bug in Feign where it automatically appends a space next to each comma in the header values. So it was messing up the authorization token and the Date.
The bug is already reported here:
0
Answers
-
Thank you for your query.
Can you please share the raw request and response headers of the failed API call along with the request body?
0
Categories
- All Categories
- 6 AHS
- 37 Alpha
- 161 App Studio
- 4 Block Chain
- 4 Bot Platform
- 16 Connected Risk APIs
- 47 Data Fusion
- 30 Data Model Discovery
- 608 Datastream
- 1.3K DSS
- 577 Eikon COM
- 4.9K Eikon Data APIs
- 7 Electronic Trading
- Generic FIX
- 7 Local Bank Node API
- Trading API
- 2.7K Elektron
- 1.3K EMA
- 236 ETA
- 519 WebSocket API
- 33 FX Venues
- 10 FX Market Data
- 1 FX Post Trade
- 1 FX Trading - Matching
- 12 FX Trading – RFQ Maker
- 5 Intelligent Tagging
- 2 Legal One
- 20 Messenger Bot
- 2 Messenger Side by Side
- 9 ONESOURCE
- 7 Indirect Tax
- 59 Open Calais
- 264 Open PermID
- 39 Entity Search
- 2 Org ID
- PAM
- PAM - Logging
- 8.4K Private Comments
- 6 Product Insight
- Project Tracking
- ProView
- ProView Internal
- 20 RDMS
- 1.4K Refinitiv Data Platform
- 367 Refinitiv Data Platform Libraries
- 3 Refinitiv Due Diligence
- LSEG Due Diligence Portal API
- 3 Refinitiv Due Dilligence Centre
- Rose's Space
- 1.1K Screening
- 18 Qual-ID API
- 13 Screening Deployed
- 23 Screening Online
- 10 World-Check Customer Risk Screener
- 990 World-Check One
- 44 World-Check One Zero Footprint
- 45 Side by Side Integration API
- Test Space
- 3 Thomson One Smart
- 1.2K TR Internal
- Global Hackathon 2015
- 2 Specialists Who Code
- 10 TR Knowledge Graph
- 150 Transactions
- 142 REDI API
- 1.7K TREP APIs
- 4 CAT
- 21 DACS Station
- 117 Open DACS
- 1.1K RFA
- 103 UPA
- 172 TREP Infrastructure
- 224 TRKD
- 886 TRTH
- 5 Velocity Analytics
- 5 Wealth Management Web Services
- 59 Workspace SDK
- 9 Element Framework
- 5 Grid
- 13 World-Check Data File
- Yield Book Analytics
- 46 中文论坛