question

Arnout Cator avatar image
Arnout Cator asked ·

500 internal server error on Amazon Developer Portal over curl (and Postman and Alexa nodejs backend)

What is wrong with this auth/02/token curl attempt ?

curl -X POST \

'https://api.amazon.com/auth/o2/token?grant_type=authorization_code&code=RHanZbMtzOukHHGOgGxn&client_id=amzn1.application-oa2-client.852d0f938fbe4bce91b4e3d665f08358&client_secret=a49a7a2c533b52f3a7206f9078f193305ebd397ba293d1ea9eb8c4726e63dadf' \

-H 'Accept: */*' \

-H 'Accept-Encoding: gzip, deflate' \

-H 'Cache-Control: no-cache' \

-H 'Connection: keep-alive' \

-H 'Content-Length: 0' \

-H 'Content-Type: application/x-www-form-urlencoded' \

-H 'Host: api.amazon.com' \

-H 'Postman-Token: e4a80167-d343-42da-b1ee-d67216f72951,aed0c7be-7f89-4ba8-8933-8888102635be' \

-H 'User-Agent: PostmanRuntime/7.19.0' \

-H 'cache-control: no-cache' \

--verbose

* Trying 52.119.196.25...

* TCP_NODELAY set

* Connected to api.amazon.com (52.119.196.25) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

* CAfile: /etc/ssl/cert.pem

CApath: none

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (IN), TLS handshake, Server key exchange (12):

* TLSv1.2 (IN), TLS handshake, Server finished (14):

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):

* TLSv1.2 (OUT), TLS handshake, Finished (20):

* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):

* TLSv1.2 (IN), TLS handshake, Finished (20):

* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256

* ALPN, server accepted to use http/1.1

* Server certificate:

* subject: C=US; ST=Washington; L=Seattle; O=Amazon.com, Inc.; CN=api.amazon.com

* start date: Feb 6 00:00:00 2020 GMT

* expire date: Feb 4 12:00:00 2021 GMT

* subjectAltName: host "api.amazon.com" matched cert's "api.amazon.com"

* issuer: C=US; O=DigiCert Inc; CN=DigiCert Global CA G2

* SSL certificate verify ok.

> POST /auth/o2/token?grant_type=authorization_code&code=RHanZbMtzOukHHGOgGxn&client_id=amzn1.application-oa2-client.852d0f938fbe4bce91b4e3d665f08358&client_secret=a49a7a2c533b52f3a7206f9078f193305ebd397ba293d1ea9eb8c4726e63dadf HTTP/1.1

> Host: api.amazon.com

> Accept: */*

> Accept-Encoding: gzip, deflate

> Cache-Control: no-cache

> Connection: keep-alive

> Content-Length: 0

> Content-Type: application/x-www-form-urlencoded

> Postman-Token: e4a80167-d343-42da-b1ee-d67216f72951,aed0c7be-7f89-4ba8-8933-8888102635be

> User-Agent: PostmanRuntime/7.19.0

> cache-control: no-cache

>

< HTTP/1.1 500 Internal Server Error

< Server: Server

< Date: Thu, 05 Nov 2020 18:36:47 GMT

< Content-Type: application/json;charset=UTF-8

< Content-Length: 2

< Connection: keep-alive

< x-amz-rid: K2WN36DWQNFDS5J1X78Q

< x-amzn-RequestId: a7131a27-7097-4d12-84e3-b024a5a58cda

< X-Amz-Date: Thu, 05 Nov 2020 18:36:47 GMT

< x-amzn-ErrorType: InternalFailure:http://internal.amazon.com/coral/com.amazon.coral.service/

< Cache-Control: no-cache, no-store, must-revalidate

< Pragma: no-cache

< Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent

<

* Connection #0 to host api.amazon.com left intact

{}* Closing connection 0

amazon developer portal
10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Amazon_Bernardo Bezerra avatar image
Amazon_Bernardo Bezerra answered ·

Hello @Arnout Cator and thank you for your message.

Looking at the request, I noticed that your Content-Length header is set to 0. From the W3 portal, section 14.13:

"The Content-Length entity-header field indicates the size of the entity-body, in decimal number of OCTETs, sent to the recipient or, in the case of the HEAD method, the size of the entity-body that would have been sent had the request been a GET. ... Applications SHOULD use this field to indicate the transfer-length of the message-body, unless this is prohibited by the rules in section 4.4.".

By testing on my own skill and setting the Content-Length to 0, I was able to reproduce the error and got an HTTP 500 response back. Once I removed the header, the authentication process was successful.

If there is no reason for you to have the Content-Length header or if you are unable to calculate it, I would suggest that you remove it entirely.

Regards,
Barry

10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Arnout Cator avatar image
Arnout Cator answered ·

I have tried without content-length and get the same curl, I also tried with a content-length of 500.


curl -X POST \

'https://api.amazon.com/auth/o2/token?grant_type=authorization_code&code=RHanZbMtzOukHHGOgGxn&client_id=amzn1.application-oa2-client.8997938a33a3410c921a3cb638c55fc8&client_secret=5352c993e908f7b9fe431e61c12534d18dbe9dd59374886645311181bce74c8b' \

-H 'Accept: */*' \

-H 'Accept-Encoding: gzip, deflate' \

-H 'Authorization: Basic YXJub3V0LmNhdG91cjpzeTdBc2VtNlpQISFHNTA=' \

-H 'Cache-Control: no-cache' \

-H 'Connection: keep-alive' \

-H 'Content-Type: application/x-www-form-urlencoded' \

-H 'Host: api.amazon.com' \

-H 'Postman-Token: a50c7686-9fe8-4ecb-bc0e-981adc728945,b12daa66-dbf6-44be-83c1-4c640f1c6646' \

-H 'User-Agent: PostmanRuntime/7.19.0' \

-H 'cache-control: no-cache' \

--verbose

* Trying 72.21.207.143...

* TCP_NODELAY set

* Connected to api.amazon.com (72.21.207.143) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

* CAfile: /etc/ssl/cert.pem

CApath: none

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (IN), TLS handshake, Server key exchange (12):

* TLSv1.2 (IN), TLS handshake, Server finished (14):

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):

* TLSv1.2 (OUT), TLS handshake, Finished (20):

* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):

* TLSv1.2 (IN), TLS handshake, Finished (20):

* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256

* ALPN, server accepted to use http/1.1

* Server certificate:

* subject: C=US; ST=Washington; L=Seattle; O=Amazon.com, Inc.; CN=api.amazon.com

* start date: Feb 6 00:00:00 2020 GMT

* expire date: Feb 4 12:00:00 2021 GMT

* subjectAltName: host "api.amazon.com" matched cert's "api.amazon.com"

* issuer: C=US; O=DigiCert Inc; CN=DigiCert Global CA G2

* SSL certificate verify ok.

> POST /auth/o2/token?grant_type=authorization_code&code=RHanZbMtzOukHHGOgGxn&client_id=amzn1.application-oa2-client.8997938a33a3410c921a3cb638c55fc8&client_secret=5352c993e908f7b9fe431e61c12534d18dbe9dd59374886645311181bce74c8b HTTP/1.1

> Host: api.amazon.com

> Accept: */*

> Accept-Encoding: gzip, deflate

> Authorization: Basic YXJub3V0LmNhdG91cjpzeTdBc2VtNlpQISFHNTA=

> Cache-Control: no-cache

> Connection: keep-alive

> Content-Type: application/x-www-form-urlencoded

> Postman-Token: a50c7686-9fe8-4ecb-bc0e-981adc728945,b12daa66-dbf6-44be-83c1-4c640f1c6646

> User-Agent: PostmanRuntime/7.19.0

> cache-control: no-cache

>

< HTTP/1.1 500 Internal Server Error

< Server: Server

< Date: Fri, 06 Nov 2020 11:29:42 GMT

< Content-Type: application/json;charset=UTF-8

< Content-Length: 2

< Connection: keep-alive

< x-amz-rid: SN20ZJ60878QTKA20S3E

< x-amzn-RequestId: c31cac3d-c99f-44bc-ac6c-105f17819b93

< X-Amz-Date: Fri, 06 Nov 2020 11:29:42 GMT

< x-amzn-ErrorType: InternalFailure:http://internal.amazon.com/coral/com.amazon.coral.service/

< Cache-Control: no-cache, no-store, must-revalidate

< Pragma: no-cache

< Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent

<

* Connection #0 to host api.amazon.com left intact

{}* Closing connection 0

3 comments
10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Hello and thank you for your message @Arnout Cator.

Comparing the request you pasted with the one in the documentation, I noticed a few differences, mainly with the headers that are being sent on your request.

Using the example listed in the documentation and a cURL command generator, I arrived at the following working command:

curl -X POST \
  'https://api.amazon.com/auth/o2/token' \
  -H 'content-type: application/x-www-form-urlencoded' \
  -d grant_type=authorization_code \
  -d code=<yourAuthCode> \
  -d client_id=<yourClientId> \
  -d client_secret=<yourClientSecret> \
  --verbose

Which generated the expected access and refresh tokens.

Note that code is short lived and unique and once it gets exchanged for the tokens, it cannot be reused.

Regards,
Barry

0 Likes 0 ·

Have you been able to resolve the issue?

0 Likes 0 ·

As this is a slightly older thread, I would suggest posting a new thread with more information specific to your query.

0 Likes 0 ·