3

On some devices with HMS SDK SafetyDetect, captcha returns a token, when checked, the Huawei server responds

{
    "error-codes": "timeout-or-duplicate",
    "success": false
}

I am sure of the correct implementation of the library, everything works correctly on the part of devices. This problem arose about 2 weeks ago. Perhaps the version of HMS Core somehow affects. Has anyone faced a similar issue in their applications?

versions: com.huawei.hms:safetydetect:6.1.0.302

com.huawei.agconnect:agcp:1.6.1.300

Alexandr
  • 101
  • 2
  • Would you please let me know the API you used for this? thanks – Zinna Nov 22 '21 at 23:02
  • POST https://hirms.cloud.huawei.com/rms/v1/userRisks/verify?appId=***** example body: { "accessToken":"******", "response":"******" } – Alexandr Nov 23 '21 at 07:40

1 Answers1

0

{ "error-codes": "timeout-or-duplicate", "success": false }

If this error code is displayed, the response parameter is invalid, has expired, or has been used.

You need to use the client interface to obtain the responseToken again and invoke the restApi interface again.

For details, kindly check this docs.

zhangxaochen
  • 32,744
  • 15
  • 77
  • 108
  • I get this error on all attempts to pass the captcha. This error started playing after updating the visual part of the captcha in HMS Core (perhaps this is important :)). But on some devices I can still successfully pass the verification without changing the client or server implementation. – Alexandr Nov 23 '21 at 07:40
  • maybe i can get some logs from HMS Core? – Alexandr Nov 23 '21 at 12:51
  • hi@Alexandr, the API is correct. If the response token fails to be obtained again after an error occurs, pls provide information such as the request body and appID for query from the background server. – zhangxaochen Nov 24 '21 at 00:40
  • at the moment I am getting an error checking the validity of the token using postman. Use like this POST hirms.cloud.huawei.com/rms/v1/userRisks/verify?appId=***** example body: { "accessToken":"******", "response":"******" } – Alexandr Nov 24 '21 at 09:35
  • backend use correct API's and body. Only from some devices we catch error, have any ideas? – Alexandr Nov 25 '21 at 08:04
  • hi@Alexandr,1. Based on the timeout-or-duplicate error code description, invoke the API for detecting bogus users on the App to obtain a new ResponseToken and use the token within the validity period. (The token is valid only for 2 minutes and can be used only once.) 2. If the error persists, provide the postman request screenshot and appID query. 3. Could you provide the detailed information about some models that you mentioned failed to obtain? – zhangxaochen Nov 25 '21 at 08:19
  • example body, accessToken changed, { "accessToken":"CwEAAAAAOpwvBDAwfvR9H+kuErt0EbONBpJlberYocGemkfrKYpeGRNp56sKtRB1u4QR7pQzOYGPkbiYGn6EfdXoBdcNvGuGQ=", "response":"8_f7d77194c30152d28a2a9d0f3d7036f9c412816d16cdcc3c_1637923659159" } we noticed a difference, the response that starts with 8 gives an error, and the response received from the device on which the captcha is successfully processed starts with 7 – Alexandr Nov 26 '21 at 10:51
  • Hello @shirley, have any ideas? – Alexandr Nov 29 '21 at 08:39
  • hi@Alexandr, to solve the problem, could you please leave your appid and email address? The R&D team would like to contact you via email. – zhangxaochen Nov 30 '21 at 03:23
  • 1
    Hi @shirley, a.udin@space307.com, appId 101680437 – Alexandr Nov 30 '21 at 07:20
  • hi@Alexandr, Thank you for your information, could you mind trigger again? then provide us with the invoking time and request message, and we'll check it again. – zhangxaochen Nov 30 '21 at 07:30
  • 1
    broken token: 8_0d615b417002cd7ede055bb3b65768b07089d9f4db3ceda9_1638262272457 try in 11:51 AM Moscow time – Alexandr Nov 30 '21 at 08:52
  • hi@Alexandr, Sorry for the late reply. The team confirmed that the server configuration was changed last week. And the internal test has passed, you can perform the re-calling test now. If you have any queries, please feel free to contact us. – zhangxaochen Dec 06 '21 at 02:57
  • @shirley Hello, right now huawei captcha doesn’t work for our app again (the same app from this question). We have an issue with the method: https://hirms.cloud.huawei.com/rms/v1/userRisks/verify?appId=101680437 Request body (example): { “accessToken”: “OUR_ACCESS_TOKEN”, “response”: “8_5657537fe8078367386de2c0c668de59ba3b1bc78b4896e4_1648043955817" } The response: {“message”: “Cse Internal Bad Request”} – Aleksandr Urzhumtcev Mar 23 '22 at 16:13
  • @AleksandrUrzhumtcev For your feedback, the safetydetect function is normal when we test the Russian site internally. It is preliminarily determined that the error "Cse Internal Bad Request" is caused by network problems. May i confirm do you have problems accessing the safetydetect service all the time or occasionally? and what is your country? which country is the device used? Also please provide complete log, so that we can analyse this issue, thands. – zhangxaochen Mar 25 '22 at 09:20
  • @shirley hello! According to our users the problem is all around the world. So the answer we have the problem all the time, not occasionally. Physically I'm located in Turkey right now and captcha doesn't work for me either. I provided logs in the previous message, that's all we have. Can you be more specific about what kind of logs we can provide to you? thanks in advance – Aleksandr Urzhumtcev Mar 25 '22 at 11:09
  • @Aleksandr Urzhumtcev Can you try again? If you can tell us the country where your server located, it will help us to optimize the network. If you have work mates in other place like Asia or Latin America, they can have a try and tell us the result. Thank you. – zhangxaochen Mar 26 '22 at 09:55
  • @shirley We've checked recently and it works now. Thank you – Aleksandr Urzhumtcev Mar 26 '22 at 21:19
  • @shirley Hello! We have the same problem again and captcha stopped to work {“message”: “Cse Internal Bad Request”} – Aleksandr Urzhumtcev Jun 16 '23 at 05:39