Support with Release Error 401

runo778899 · December 10, 2024, 11:23am

Hello, I am using cryptlex web api for releases.

When a user is successfully authenticated, it calls my web-based server (nextjs/ts) which sends a request to cryptlex API with the link access token etc.

But when it’s called, I get error 401, which means my access token is invalid, however, it has every single permisson avaliable to grant including release read/write.

Can someone help? Thanks
HTTP/1.1 401 Unauthorized
Content-Type: application/json; charset=utf-8
ETag: “qs7jx1l72814”
Content-Length: 40
Vary: Accept-Encoding
Date: Tue, 10 Dec 2024 11:20:05 GMT
Connection: close

Received response from HTTPS GET request:
- Status Code: 401
- Headers: {“content-length”:“0”,“connection”:“keep-alive”,“server”:“CloudFront”,“date”:“Tue, 10 Dec 2024 11:27:37 GMT”,“cache-control”:“max-age=0”,“x-cache”:“Miss from cloudfront”,“via”:“1.1 ed714340561a82eb64e0092ff1378696.cloudfront.net (CloudFront)”,“x-amz-cf-pop”:“SYD62-P3”,“x-amz-cf-id”:“A0Hy-nD4LwpAOmACenRlDuE5wEFK2iqfEdi57Ib9pYCXU448uTX2Yg==”}
Failed to fetch release file. Status Code: 401
Error Details:
HTTPS request connection closed.

{“error”:“Failed to fetch release file”}

Also: if there’s a more secure way, specifically with lexactivator to call release builds, please lmk.

import { NextApiRequest, NextApiResponse } from 'next';
import https from 'https';

export default async function handler(req: NextApiRequest, res: NextApiResponse) {
    console.log("API endpoint /api/release triggered");

    // Validate environment variables
    const releaseUrl = process.env.CRYPTLEX_RELEASE_URL;
    const accessToken = process.env.CRYPTLEX_ACCESS_TOKEN;

    if (!releaseUrl || !accessToken) {
        console.error("Environment variables are missing. Ensure CRYPTLEX_RELEASE_URL and CRYPTLEX_ACCESS_TOKEN are set.");
        res.status(500).json({ error: "Missing required environment variables" });
        return;
    }
    console.log(`Environment variables loaded:
    - CRYPTLEX_RELEASE_URL: ${releaseUrl}
    - CRYPTLEX_ACCESS_TOKEN: ${accessToken ? "Present" : "Missing"}`);

    // HTTPS Request Options
    const options = {
        method: 'GET',
        headers: {
            Authorization: `Bearer ${accessToken}`,
        },
    };

    console.log("Starting HTTPS GET request to fetch release file...");
    console.log(`Request URL: ${releaseUrl}`);
    console.log(`Request Options: ${JSON.stringify(options)}`);

    // HTTPS Request
    const httpsRequest = https.request(releaseUrl, options, (streamRes) => {
        console.log(`Received response from HTTPS GET request:
        - Status Code: ${streamRes.statusCode}
        - Headers: ${JSON.stringify(streamRes.headers)}`);

        if (streamRes.statusCode !== 200) {
            let errorData = '';
            streamRes.on('data', (chunk) => (errorData += chunk));
            streamRes.on('end', () => {
                console.error(`Failed to fetch release file. Status Code: ${streamRes.statusCode}`);
                console.error(`Error Details: ${errorData}`);
                res.status(streamRes.statusCode!).json({
                    error: `Failed to fetch release file. Status Code: ${streamRes.statusCode}`,
                    details: errorData,
                });
            });
            return;
        }

        // Set Response Headers for File Download
        const contentType = streamRes.headers['content-type'] || 'application/octet-stream';
        console.log(`Setting response headers:
        - Content-Type: ${contentType}
        - Content-Disposition: attachment; filename="test_file.txt"`);

        res.setHeader('Content-Disposition', `attachment; filename="test_file.txt"`);
        res.setHeader('Content-Type', contentType);

        console.log("Piping the response stream to the client...");
        streamRes.pipe(res);

        streamRes.on('end', () => {
            console.log("Successfully streamed the release file to the client.");
        });
    });

    // Handle HTTPS Request Errors
    httpsRequest.on('error', (err) => {
        console.error("An error occurred during the HTTPS request:", err.message);
        console.error("Error Stack Trace:", err.stack);
        res.status(500).json({ error: "Internal server error", details: err.message });
    });

    httpsRequest.on('timeout', () => {
        console.error("HTTPS request timed out.");
        res.status(504).json({ error: "Request timed out" });
    });

    httpsRequest.on('close', () => {
        console.log("HTTPS request connection closed.");
    });

    // End the request
    httpsRequest.end();
    console.log("HTTPS GET request sent.");
}

runo778899 · December 11, 2024, 8:02am

I’d appreciate an answer at the earliest possible.

adnan-kamili · December 11, 2024, 8:20am

Hi Runo,

Can you explain your use-case? You should be able to achieve something similar just using LexActiavtor instead of making web api calls through a proxy.

runo778899 · December 11, 2024, 8:21am

Use case is streaming files when a user is authenticated, my brand is a game engineering tool and once the user is authenticated it should stream said file with security.

adnan-kamili · December 11, 2024, 8:32am

I mean flow in case of license activation. What exactly do you mean by authentication?

runo778899 · December 11, 2024, 8:33am

When the user’s license is valid, it streams the release file.

adnan-kamili · December 11, 2024, 8:48am

Release management is primarily meant for storing your application releases and providing software update notifications in-app to your customers. It doesn’t actually secure any file, all files have fixed URLS with license key as query param (for simple security) and if URL is made public anyone can download the file.