I am trying to update product inventory with a template call.
the template called JSON_Push looks like this with codes redacted:
<mvt:comment>
Replace Access token and signature
</mvt:comment>
<mvt:assign name="g.endpoint" value ="'https://redacted.com/mm5/json.mvc'" />
<mvt:assign name="g.access_token" value ="'redacetd'" />
<mvt:assign name="g.signature" value ="crypto_base64_decode('redacted')" />
<mvt:assign name="g.timestamp" value="' "Miva_Request_Timestamp" : ' $ '"' $ s.time_t $ '",' " />
<mvt:assign name="g.json_data" value="'{' $ g.timestamp $ '
"Store_Code": "foryourbird",
"Function": "Product_Update",
"Product_Code": "suncoc3",
"Product_Inventory": "50"
}
'"/>
<mvt:assign name="g.ok" value="crypto_hmac_sha256(g.json_data,g.signature, 'binary',g.hmac_response)" />
<mvt:assign name="l.ok" value="crypto_hmac_sha256(g.json_data,g.signature, 'binary',g.hmac_response)" />
<mvt:assign name="g.b64encoded_hmac_response" value="crypto_base64_encode(g.hmac_response)" />
<mvt:assign name="g.headers" value="'X-Miva-API-Authorization: MIVA-HMAC-SHA256 ' $ g.access_token $ ':' $ g.b64encoded_hmac_response $ asciichar( 13 ) $ asciichar( 10 )" />
<mvt:call action="g.endpoint" method="'raw'" headers="g.headers" content-type="'application/json'" fields="'g.json_data'">
<mvt:assign name="g.response" value="g.response $ s.callvalue" />
</mvt:call>
Product_Update: <br>
<textarea>
&mvt:global:response;
&mvt:global:headers;
&mvt:global:json_data;
</textarea>
I submit https://www.xxx.com/mm5/merchant.mvc?Screen=json_push to the browser
The result when submitting to browser:
Product_Update: <br>
<textarea>
{
"success": 0,
"error_code": "access_denied",
"error_message": "Access denied"
}
X-Miva-API-Authorization: MIVA-HMAC-SHA256 bc883edcfb286790b0696d5f90c719f3:Et7DoUsYxhkIY/QC6ojRua1FiVBSvcfRJvCYduUkI1w=
{ "Miva_Request_Timestamp" : "1655487956",
"Store_Code": "redacted",
"Function": "Product_Update",
"Product_Code": "suncoc3",
"Product_Inventory": "50"
}
</textarea>;
The X-Miva-API-Authorization line above down to the } is the header being passed
Should the header be stringified with JSO
I cannot figure out why the Access Denied
The token and signature is pulled from the API Token
the template called JSON_Push looks like this with codes redacted:
<mvt:comment>
Replace Access token and signature
</mvt:comment>
<mvt:assign name="g.endpoint" value ="'https://redacted.com/mm5/json.mvc'" />
<mvt:assign name="g.access_token" value ="'redacetd'" />
<mvt:assign name="g.signature" value ="crypto_base64_decode('redacted')" />
<mvt:assign name="g.timestamp" value="' "Miva_Request_Timestamp" : ' $ '"' $ s.time_t $ '",' " />
<mvt:assign name="g.json_data" value="'{' $ g.timestamp $ '
"Store_Code": "foryourbird",
"Function": "Product_Update",
"Product_Code": "suncoc3",
"Product_Inventory": "50"
}
'"/>
<mvt:assign name="g.ok" value="crypto_hmac_sha256(g.json_data,g.signature, 'binary',g.hmac_response)" />
<mvt:assign name="l.ok" value="crypto_hmac_sha256(g.json_data,g.signature, 'binary',g.hmac_response)" />
<mvt:assign name="g.b64encoded_hmac_response" value="crypto_base64_encode(g.hmac_response)" />
<mvt:assign name="g.headers" value="'X-Miva-API-Authorization: MIVA-HMAC-SHA256 ' $ g.access_token $ ':' $ g.b64encoded_hmac_response $ asciichar( 13 ) $ asciichar( 10 )" />
<mvt:call action="g.endpoint" method="'raw'" headers="g.headers" content-type="'application/json'" fields="'g.json_data'">
<mvt:assign name="g.response" value="g.response $ s.callvalue" />
</mvt:call>
Product_Update: <br>
<textarea>
&mvt:global:response;
&mvt:global:headers;
&mvt:global:json_data;
</textarea>
I submit https://www.xxx.com/mm5/merchant.mvc?Screen=json_push to the browser
The result when submitting to browser:
Product_Update: <br>
<textarea>
{
"success": 0,
"error_code": "access_denied",
"error_message": "Access denied"
}
X-Miva-API-Authorization: MIVA-HMAC-SHA256 bc883edcfb286790b0696d5f90c719f3:Et7DoUsYxhkIY/QC6ojRua1FiVBSvcfRJvCYduUkI1w=
{ "Miva_Request_Timestamp" : "1655487956",
"Store_Code": "redacted",
"Function": "Product_Update",
"Product_Code": "suncoc3",
"Product_Inventory": "50"
}
</textarea>;
The X-Miva-API-Authorization line above down to the } is the header being passed
Should the header be stringified with JSO
I cannot figure out why the Access Denied
The token and signature is pulled from the API Token
Comment