Discussions

Hi! The docs here are _really_ light.. <https://developer.corrigopro.com/docs/authorization#token-validation> I'm struggling to get a valid outcome. I've got my three pieces of info: 1. **data**: I've split this out of the of token (the bit to the _left_ of the `<---->`). I have successfully base64urldecoded it. eg here: ``` '{"AuthenticationType":"Bearer","NameClaimType":"<http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name","RoleClaimType":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name","Claims":[{"Type":"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name","Value":"><redacted>","ValueType":"<http://www.w3.org/2001/XMLSchema#string","Issuer":"LOCAL> AUTHORITY","OriginalIssuer":"LOCAL AUTHORITY"},{"Type":"urn:oauth:scope","Value":"","ValueType":"<http://www.w3.org/2001/XMLSchema#string","Issuer":"LOCAL> AUTHORITY","OriginalIssuer":"LOCAL AUTHORITY"},{"Type":"Aud","Value":"CorrigoProDirect","ValueType":"<http://www.w3.org/2001/XMLSchema#string","Issuer":"LOCAL> AUTHORITY","OriginalIssuer":"LOCAL AUTHORITY"}],"Properties":{"Dictionary":{".issued":"Wed, 28 Feb 2024 02:03:24 GMT",".expires":"Wed, 28 Feb 2024 02:23:24 GMT"}}}' ``` 2. **sign**: I've split this out of the token (the bit to the _right_ of the `<---->`). Naively base64urldecoding it didn't work. I needed to first pad it with `=`. This spat out a bytestring. 3. **cert**: I downloaded this from corrigo and have this in pem format. From here, I'm expecting it all to validate, but it doesn't. Here's my python code: ```python import base64 import x509 def padded_urlsafe_b64decode(input: str) -> bytes: """Same as base64.urlsafe_b64decode, but pads with '=' first.""" p = 4 - (len(input) % 4) return base64.urlsafe_b64decode(input + "=" * p) # From CorrigoProDirect admin. cert = b"-----BEGIN CERTIFICATE-----\nMII...eVt\n-----END CERTIFICATE-----" # From incoming webhook event. token = 'eyJ...fX19<---->diu...PTw' data, sign = token.split('<---->') data_decoded = base64.urlsafe_b64decode(data) sign_decoded = padded_urlsafe_b64decode(sign) public_key = x509.load_pem_x509_certificate(cert).public_key() public_key.verify(sign_decoded, data_decoded, padding.PKCS1v15(), hashes.SHA256()) ``` I'm getting `InvalidSignature` coming out of the verify method. Questions: 1. Do you have any examples of this working, so that i can compare my intermediate steps? 2. Having to manually pad the sign before decoding seems suspicious, am I doing the right thing here? 3. Am I using the correct padding and hashing algorithms? I've just guessed these as they don't seem to be mentioned anywhere. I've seen some similar discussions started here, but nothing useful gleaned from those. Cheers,

Hey Corrigo, I've come across some strange handling of dates in the system. The issue I'm describing here is around InvoiceDate -- it's possible the issue is more widespread, but my tests so far have focused on just the one spot. When PUTing invoices, for the `InvoiceDate` field: - Our (third party) system stores raw dates - Corrigo's UI handles raw dates However, Corrigo's API both expects and returns datetimes. Furthermore, it seems to alter the time that's sent through. From my testing: - Sending '2024-02-14T16:00:00+00:00' results in Corrigo storing/returning '2024-02-14T8:00:00+00:00' - Sending '2024-02-14T8:00:00+00:00' results in Corrigo storing/returning '2024-02-14T0:00:00+00:00' - Sending '2024-02-14T0:00:00+00:00' results in Corrigo storing/returning '2024-02-13T16:00:00+00:00' ie, it subtracts 8 hours each time! This is worst in that third case, because the UI then truncates that to the previous day! My question to the experts: - This looks like a bug, can you please confirm that this is unintentional and that you should be capturing dates here rather than datetimes? - Is the 8 hr difference significant? Can i assume it'll always be subtracting 8hrs, and work off that heuristic as workaround? - Is this more prevalent across the board? Can i make the same assumptions around date handling for all other places in the corrigo API (eg dates on RequiredDocuments)? Cheers,

Is it possible to have more than one URL for the event notification section in the integration settings?

In today's digital age, the prospect of traveling while earning money has become increasingly feasible for students. With the rise of remote work opportunities and online platforms, students can now combine their passion for travel with income generation. A recent article on journohq.com sheds light on nine effective ways for students to earn money while exploring the world. Freelance Writing: Students can tap into their writing skills and explore freelance opportunities available on platforms like Upwork and Freelancer. By offering their writing services for blogs, articles, and other content, students can earn money while enhancing their writing abilities. Blogging: Creating a travel blog allows <http://www.journohq.com/blog/9-ways-to-earn-money-while-you-travel/> students to share their adventures and insights with a global audience. Through monetization strategies such as advertising and sponsored content, students can turn their passion for travel into a source of income. Social Media Influencing: With a strong presence on platforms like Instagram, YouTube, and TikTok, students can collaborate with brands and businesses as social media influencers. By promoting products or services to their followers, students can earn money through sponsored content and partnerships. Online Tutoring: Students with expertise in academic subjects can offer online tutoring services through platforms like Tutor.com and Chegg Tutors. By helping other students succeed academically, students can earn money while sharing their knowledge. Virtual Assistance: Providing virtual assistance to businesses and entrepreneurs allows students to work remotely while traveling. Tasks such as email management, scheduling, and research can be performed from anywhere with an internet connection. Photography: Students with a passion for photography can monetize their skills by selling their photos to stock photography websites or offering photography services to travelers and local businesses. Language Translation: Multilingual students can offer translation services online through platforms like Gengo and One Hour Translation. By helping businesses and individuals bridge language barriers, students can earn money while utilizing their language skills. Remote Work: Many companies offer remote job opportunities in various fields, allowing students to work from anywhere in the world. Students can explore remote work options in their field of study or expertise to earn a steady income while traveling. Airbnb Hosting: Students with spare rooms or properties can rent them out on Airbnb while traveling. Hosting guests provides students with a steady income stream and helps offset travel expenses. In conclusion, students have numerous opportunities to earn money while traveling, thanks to the flexibility and accessibility of online platforms and remote work opportunities. By leveraging their skills and interests, students can turn their travel experiences into valuable learning opportunities and sources of income. Whether through freelance writing, blogging, social media influencing, or other avenues, students can embark on adventures around the world while building successful careers.

When I search for a work order using the URL workOrder/search and providing the workOrderNumber parameter, I get the expected results. However, if I try to search for the same work order number using the URL workOrder?ids=04360505&messageId=04360505-1701180597 I get the following error: [Code] => 3003 [Message] => Work order '4360505' was not found or you don't have rights to access it [ValidationErrors] => [MessageId] => 04360505-1701180597 Can you tell me why I would not have access to this work order in the sandbox or why it might not find it?

Dear immortals, I need some inspiration to create <https://www.wowtot.com>

Hi We wanted to check if Corrigo has a documentation that we can share with the clients in order to set up sandbox environment? We basically want to use the documentation so we can share with our clients so they can reach out to corrigo and request sandbox environment which they can share with us later

I'm trying to make an API call to add an attachment to a work order and getting the below error. ValidationErrors:Array[2] 0:Object Message:"Could not create an instance of type System.IO.Stream. Type is an interface or abstract class and cannot be instantiated. Path 'File.InputStream.identity', line 10, position 19." ErrorType:"IncorrectType" FieldName:"request.File.InputStream.identity" 1:Object Message:"The field File is reqired, but missing or empty." ErrorType:"Mandatory" FieldName:"request.File" Message:"Model data validation failed" Code:2100 MessageId:"1" **In below mentioned JSON format where I need to pass the file URL or path** "MessageVisibility": "All", "Name": "Nikon-D500-Sample-Images-2.jpg", "MimeType": "image/jpg", "DocumentType": "Picture", "File": { "ContentLength": 0, "ContentType": "image/jpg", "FileName": "Nikon-D500-Sample-Images-2.jpg", "InputStream": { "\_\_identity": {} } }, "ConcurrencyId": 0, "PerformedBy": { "Name": "Raviteja" }, "WorkOrderId": 3352362, "MessageId": "1"

We have a license for IFSM to connect to our QuickBooks but we have questions about the actual Customizability of the Interface. I am familiar with the Custom Fields, Nomenclature changes, and limited additions to the interface... My question is, Can I use this platform to solve my "Service" department both On-site and On-field? Another question is: Do we need to request Access to the back end? we need to customize and tailor this application or interface to our needs, and we want to use the backend for those specifics, since my company is too complex

Is it possible to upload a quote without a WO being opened? Or is there a way for us as a vendor to submit a quote on a WO we generate so we can submit a quote?