Startseite Erkunden Hilfe
Anmelden
wushubo
/
easycallcenter365-gui-dev
1
0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Struktur: 3c13f05c65
Branches Tags
easycallcent...
/
debug-xfvoiceclone-403.md

debug-xfvoiceclone-403.md 2.6 KB
Verlauf Originalformat

Debug Session: xfvoiceclone-403 [OPEN]

Context

  • Endpoint: POST /aicall/xfvoiceclone/ttsTest
  • Symptom: clone trial synthesis returns HTTP 403/401 with HMAC date header verification errors
  • Scope: GUI controller XfVoiceCloneController

Hypotheses

  1. Deployment machine time or timezone is skewed, so the RFC1123 Date is rejected.
  2. OkHttp WebSocket handshake does not actually send the expected Date/Authorization/Host headers.
  3. The voice_clone gateway expects a stricter auth format than the current query/header combination.
  4. The deployed service is still running older controller code.

Plan

  1. Add instrumentation only, no business logic change.
  2. Capture runtime auth shape before WebSocket connect.
  3. Ask user to reproduce once and collect logs.
  4. Confirm or reject hypotheses from evidence, then apply minimal fix.

Evidence

  • 2026-06-05 runtime log:
    • clone websocket auth built ... date=Fri, 5 Jun 2026 02:04:03 GMT ...
    • clone websocket failure ... HTTP 403 ... valid date or x-date header is required ...
  • This shows the app did run new code and generated a Date value, but the gateway still rejected it as invalid.
  • 2026-06-05 second runtime log after local formatter fix attempt:
    • clone websocket auth built ... date=Fri, 5 Jun 2026 02:12:44 GMT ...
    • clone websocket failure ... HTTP 403 ... valid date or x-date header is required ...
  • The log still shows single-digit day (5) instead of expected two-digit day (05), so the newest formatter change was not reflected in the deployed runtime.

Hypothesis Status

  • H1 Time/zone skew: not confirmed by current evidence; system zone/time look plausible.
  • H2 Request headers missing: weakened, because runtime shows Date is generated and attached by current code path.
  • H3 Auth format/date format mismatch: still plausible, but cannot be re-tested until latest formatter change is actually deployed.
  • H4 Old code deployed: rejected for early instrumentation, but re-opened for the latest formatter fix because runtime still prints old date format.

Fix Attempt

  • Force clone auth Date format to English RFC1123-like string with two-digit day:
    • EEE, dd MMM yyyy HH:mm:ss 'GMT'
  • After deployment, handshake succeeded with HTTP 101, so HMAC/date issue is considered resolved.
  • New strongest hypothesis after handshake success:
    • clone payload text must be base64 and GUI should also read clone response code from header.code.
  • Applied minimal fix:
    • encode payload.text.text with base64
    • read message code from header.code first, fallback to root code
    • add onMessage/onClosed runtime logs for verification