Missing or invalid scopes


(Mass Venture) #1

During OAuth I have Funding as one of the scopes and hit allow on the test. However, whenever I try to do a call with

accounts/123413-12341-1234135/funding-sources

I keep getting the following error. Why would I get this if I should have access to the funding scope? I allowed it on the test.

Missing or invalid scopes for requested endpoint.


(Mass Venture) #2

Now getting "code"=>"ServerError", "message"=>"A server error occurred. Error ID: 12341-12341324-1321341-1324134."


(Mass Venture) #3

So on OAuth I get this error, so I suspect something is down with the system.


(Mass Venture) #4

Anyone else see this on the OAuth part?

After this I still get the test email. The only thing is that no matter if I send the scope “Funding”, I cannot do an API request on that scope.

Please help.


(Spencer Hunter) #5

@MassVenture Can you show the request and response body for the API request that is returning an invalid scope error? In addition, what is the name of the application you created in the Sandbox? This will help me look into our logs to see what could be going wrong with your requests. Thanks!


(Mass Venture) #6

My sandbox API user is icemancast@gmail.com and the app is called Icemancast App. Below is my controller code that I send. get_user is a method I use to pry through the response object from the server. The oauth method is what is visited that finishes OAuth. I go through the process of logging in and allow the scopes (Funding is there), but when I later try to access funding I get invalid scope.

class MassVenturePayController < ApplicationController
  before_filter :authenticate_user!

  def oauth
    redirect_to auth.url
  end

  def callback
    # exchange the code for a token
    @token = auth.callback(params)
    
    session[:dwolla_access_token] = @token.access_token
    session[:dwolla_account_id] = @token.account_id
    session[:refresh_token] = @token.refresh_token

    account_id = @token.account_id
    funding = @token.get "accounts/#{account_id}/funding-sources"
    account_status = funding._embedded['funding-sources'][0]['status']
    
    current_user.dwolla_account_name = funding._embedded['funding-sources'][0]['name']
    current_user.refresh_token = @token.refresh_token
    current_user.dwolla_account_id = account_id

    if account_status === 'verified'
      # code to save to db on finance status
    end
    
    if(current_user.save)
      redirect_to '/users/edit'
    end
  end

  def get_user
    # refresh
    @token = $dwolla.auths.client
    @customers = @token.get "accounts/#{current_user.dwolla_account_id}/funding-sources"
  end

  private

  def auth
    $dwolla.auths.new redirect_uri: "http://mydomain.dev/provider/return",
      scope: "Send|Funding|Transactions|AccountInfoFull",
      state: session[:state] ||= SecureRandom.hex(8), # optional
      verified_account: true, # optional
      dwolla_landing: "register" # optional
  end

end
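
An added example, not part of the original post and not Dwolla's code: a check of which scopes a token actually carries before a scoped endpoint is called, which helps narrow down a "Missing or invalid scopes" error. It assumes the token response exposes a pipe-delimited `scope` field in the same format as the request; `REQUIRED_SCOPES`, `parse_scopes`, `missing_scopes` and the sample token hashes are hypothetical names and constructed data.

```ruby
require "set"

# Endpoint patterns mapped to the scopes they need. Only the funding-sources
# entry reflects the thread; the table itself is an assumption of this example.
REQUIRED_SCOPES = {
  %r{\Aaccounts/[^/]+/funding-sources\z} => %w[Funding]
}.freeze

# Split a pipe-delimited scope string ("Send|Funding") into a set.
# Names are lowercased so "Funding" and "funding" compare equal (assumption).
def parse_scopes(scope_string)
  scope_string.to_s.split("|").map { |s| s.strip.downcase }.reject(&:empty?).to_set
end

# Scopes the endpoint needs that the token lacks.
# Returns nil when the path is not in the table, so callers do not treat
# "unknown endpoint" as "allowed".
def missing_scopes(path, token_response)
  _, required = REQUIRED_SCOPES.find { |pattern, _| pattern.match?(path) }
  return nil if required.nil?

  granted = parse_scopes(token_response["scope"])
  required.reject { |scope| granted.include?(scope.downcase) }
end

# Constructed token responses (not real server output).
FULL_TOKEN   = { "scope" => "Send|Funding|Transactions|AccountInfoFull" }.freeze
NARROW_TOKEN = { "scope" => "send|transactions" }.freeze
NO_SCOPE     = {}.freeze # e.g. a token not issued through the user's consent

if __FILE__ == $PROGRAM_NAME
  path = "accounts/123413-12341-1234135/funding-sources"
  { full: FULL_TOKEN, narrow: NARROW_TOKEN, none: NO_SCOPE }.each do |name, token|
    puts "#{name}: missing #{missing_scopes(path, token).inspect}"
  end
end
```

Logging the result of such a check next to each API call shows whether the token used for the request is the one the user authorized, or a different token that never received the Funding scope.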