SOLVED: Sitecore Habitat Home Sync-Unicorn fails with the error: GetResponse" with "0" argument(s): "The remote server returned an error: (403) Forbidden.

PowerShell MicroCHAP Error

When executing  .\build.ps1 or .\build.ps1 -Target "Post-Deploy" commands to deploy Habitat Home build, the PS script fails with the error message; "GetResponse" with "0" argument(s): "The remote server returned an error: (403) Forbidden."

========================================
Sync-Unicorn
========================================
Sync Unicorn items from url: https://sitecore93sc.dev.local//unicorn.aspx
Executing: &"C:/Code/HabitatHome/scripts/Unicorn/Sync.ps1" -secret 749CABBC85EAD20CE55E2C6066F1BE375D2115696C8A8B24DB6ED1FD60613086 -url https://sitecore93sc.dev.local//unicorn.aspx
Sync-Unicorn: Executing Sync...
An error occurred when executing task 'Sync-Unicorn'.
Error: One or more errors occurred.
        Exception calling "GetResponse" with "0" argument(s): "The remote server returned an error: (403) Forbidden."

The key to solving the issue lies in the following lines of code in Unicorn.psm1:

# GET AN AUTH CHALLENGE
$challenge = Get-Challenge -ControlPanelUrl $ControlPanelUrl
if($DebugSecurity) {
Write-Host "Sync-Unicorn: Received challenge from remote server: $challenge"
}
# CREATE A SIGNATURE WITH THE SHARED SECRET AND CHALLENGE
$signatureService = New-Object MicroCHAP.SignatureService -ArgumentList $SharedSecret
$signature = $signatureService.CreateSignature($challenge, $url, $null)
if($DebugSecurity) {
Write-Host "Sync-Unicorn: MAC '$($signature.SignatureSource)'"
Write-Host "Sync-Unicorn: HMAC '$($signature.SignatureHash)'"
Write-Host "Sync-Unicorn: If you get authorization failures compare the values above to the Sitecore logs."
}
Here the options for fixing the issue:
  1. Ensure the location of MicroCHAP.dll located at scripts\Unicorn in Habitat source code matches what's in the Sitecore's bin.
  2. Ensure scripts\Unicorn\Unicorn.psm1 file matches your Habitat version.
  3. Ensure the value of MAC Sitecore gives you matches the value your PowerShell script generated. To debug these values add -DebugSecurity switch in Sync.ps1. This should show an output as follows that will allow you compare the MAC values:
MicroCHAP MAC values in debug mode


Credit to Mark Cassidy's answer in the stackexchange post that provided the background.


Comments

Popular posts from this blog

First look at Sitecore XM Cloud: Part 4 - Creating a new Site

RESOLVED: Solr Exceptions - Document contains at least one immense term in field

First look at Sitecore XM Cloud: Part 1 - Getting started with Sitecore Cloud Portal and XM Cloud Deploy