API Calls do not seem to be working, is it my NGINX?

Description

I am able to do some calls but not all. When I use GET I am able to use all of those API calls. But when I try to do POST, I either get Bad Request or no error at all.

I checked the logs (with Errors, info, and debug on) and my request is not going through.

I don’t know why this is happening but I get the feeling it may have to do with my nginx setup.

Let me know and thank you for taking a look.

Server Setup Information

  • Version of Rocket.Chat Server: 4.6.0
  • Operating System: Ubuntu 20.04
  • Deployment Method: Manual
  • Number of Running Instances: 1
  • DB Replicaset Oplog: Enabled
  • NodeJS Version: 14.0.0
  • MongoDB Version: 4.4.13
  • Proxy: nginx
  • Firewalls involved: none

Any additional Information

I used this guide to setup my nginx config file: RocketChat Documentation

Here is my NGINX config file:

Nginx Setup
# Upstreams
upstream backend {
    server 127.0.0.1:3000;
}

# HTTPS Server
server {
    listen 443 ssl;
    server_name rocketchat.company.com;

    # You can increase the limit if your need to.
    client_max_body_size 200M;

    error_log /var/log/nginx/rocketchat.access.log;

    ssl_certificate /etc/nginx/certificate.crt;
    ssl_certificate_key /etc/nginx/private.key;
    ssl_protocols TLSv1.2;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDH>
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:20m;
    ssl_session_timeout 180m;

    location / {
        proxy_pass http://127.0.0.1:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Nginx-Proxy true;
        proxy_redirect off;
    }
}




#Redirect http
server {
  listen 80;
  server_name rocketchat.company.com;
  return 301 https://$host$request_uri;
}
Curl Command that I am attempting
curl.exe https://rocketchat.company.com/api/v1/users.update -H "X-Auth-Token: [REDACTED]" -H "X-User-Id: [REDACTED]" -H "Content-type:application/json" -d '{"userId": "g4kLKTgDih7FvZDvg", "data": { "active": "false" }}'

Hi!

Have you seen this doc?

Can you try consuming this API directly, without passing by nginx? Just to make sure.

But this is probably some nginx misconfiguration.

1 Like

I have seen that document. I do not see any abnormalities or anything it would tell me different. I removed the two items I added and it still does not work (Upstreams section and #http server section). I put the revised nginx conf below.

I would love some help on this as Rocketchat has this rich API but for some reason I can’t make full use of it.

Basic Nginx Config
# HTTPS Server
server {
    listen 443 ssl;
    server_name rocketchat.company.com;

    # You can increase the limit if your need to.
    client_max_body_size 200M;

    error_log /var/log/nginx/rocketchat.access.log;

    ssl_certificate /etc/nginx/certificate.crt;
    ssl_certificate_key /etc/nginx/private.key;
    ssl_protocols TLSv1.2;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDH>
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:20m;
    ssl_session_timeout 180m;

    location / {
        proxy_pass http://127.0.0.1:3000;
       proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Nginx-Proxy true;
        proxy_redirect off;
    }
}

this is not a working DNS. Is this internal only?

dudanogueira@drc:~/dev$ nslookup rocketchat.wallawallaclinic.com
Server: 127.0.0.53
Address: 127.0.0.53#53

** server can’t find rocketchat.wallawallaclinic.com:

1 Like

It is an internal only server.

SO to expand on this what I am trying to do is deactivate a user through the API.

I finally got the log to show the request and if I am reading it correctly it appears to have an issue with the data section:

Logs from API call

{“level”:35,“time”:“2022-04-05T19:44:07.317Z”,“pid”:794,“hostname”:“rocketchat”,“name”:“API”,“method”:“POST”,“url”:"/api/v1/users.update",“userId”:“62izDxKnF3Zt4JJh5”,“userAgent”:“curl/7.68.0”,“length”:“62”,“host”:“127.0.0.1:3000”,“referer”:“cure”,“remoteIP”:“127.0.0.1”,“err”:{“type”:“errorClass”,“message”:“Match error: Expected boolean, got string in field data.active”,“stack”:“Error: Match error: Expected boolean, got string in field data.active
at check (packages/check/match.js:36:17)
at Object.post (app/api/server/v1/users.js:572:4)
at app/api/server/api.js:425:96
at Meteor.EnvironmentVariable.EVp.withValue (packages/meteor.js:1257:12)
at Object._internalRouteActionHandler [as action] (app/api/server/api.js:425:39)
at Route._callEndpoint (packages/rocketchat_restivus/lib/route.coffee:150:32)
at packages/rocketchat_restivus/lib/route.coffee:59:33
at packages/simple_json-routes.js:100:9”,“path”:“data.active”,“sanitizedError”:{“type”:“errorClass”,“message”:“Match failed [400]”,“stack”:“Error: Match failed [400]
at errorClass. (packages/check/match.js:91:27)
at new errorClass (packages/meteor.js:660:17)
at check (packages/check/match.js:36:17)
at Object.post (app/api/server/v1/users.js:572:4)
at app/api/server/api.js:425:96
at Meteor.EnvironmentVariable.EVp.withValue (packages/meteor.js:1257:12)
at Object._internalRouteActionHandler [as action] (app/api/server/api.js:425:39)
at Route._callEndpoint (packages/rocketchat_restivus/lib/route.coffee:150:32)
at packages/rocketchat_restivus/lib/route.coffee:59:33
at packages/simple_json-routes.js:100:9”,“isClientSafe”:true,“error”:400,“reason”:“Match failed”,“errorType”:“Meteor.Error”},“errorType”:“Match.Error”},“status”:400,“responseTime”:2,“msg”:“Match error: Expected boolean, got string in field data.active”}

Curl command being run
curl -H "X-Auth-Token: [redacted]" -H "X-User-Id: 62izDxKnF3Zt4JJh5" -H "Content-type:application/json" http://127.0.0.1:3000/api/v1/users.update -d '{"userId": "g4kLKTgDih7FvZDvg", "data": { "active": "false" }}' -insecure

the good news: your POST request got through the nginx server and was processed by the RC server.

the bad news: the data of your user in the mongoDB seems to be corrupt. The server extects the property ‘active’ of your user with the id 62izDxKnF3Zt4JJh5 to be a boolean, but it found a string. Out of curiosity you can try to access your mongoDB server and lookup the user to see what the actual value for ‘active’ is.
Maybe this can help to find the root cause of the issue.

2 Likes

@Melosine I appreciate the assistance.

While the id you listed was incorrect, you did trigger a bit of research on my end.

Since the issue it had was with a boolean being expected and not a string, I had to make sure the data was in a boolean.

"data": { "active": "false" }}' to "data": { "active": false }}'

This then worked! Celebration! I am not the best at json or using APIs and I appreciate your help (even though it is listed in the error what is wrong…I should read more).

Successful query

Here is the successful query to hopefully help anyone in the future reading this post:

curl -H "X-Auth-Token: [redacted]" -H "X-User-Id: 62izDxKnF3Zt4JJh5" -H "Content-type:application/json" http://127.0.0.1:3000/api/v1/users.update -d '{"userId": "g4kLKTgDih7FvZDvg", "data": { "active": false }}' -insecure

Ah, yes. Makes sense. Congrats on finding the solution.

1 Like