401 Unauthorized when calling /groups with GET (Ruby on Rails RoR)

From the pre-request script, I convert JS to RoR code:
def generateAuthHeader(dataToSign)

hash = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), config[:api_secret], dataToSign)

Base64.encode64(hash).strip

end

date = Time.now.httpdate

When I try to replace Authorization & Date generated from Postman example to API calls , it's possible to get 200.
But with the generateAuthHeader method, I can't get 200.

Can anyone give me some advices ?
Thanks so much !

Find more posts tagged with

ruby

world-check-one

world-check

error-401

Accepted answers

thang

Hi everyone,

Thank you so much for your help.
The bugs are from the way I use HTTParty to create the header, not from WC1 side.

Thank you so much !

All comments

kamil.cisewski

Hi,

in postman you can specify the dateToSign data manually in the Pre-request Script.

Do you get the same values after running the script in postman and using your code in RoR?

Best Regards

Kamil

thang

Hi Kamil,

In postman, I got the same results when manually putting dataToSign & Date in Headers.
So that means I got failure/success result in my code and got the same one in Postman.

Hence, I guess the issue is the way I generate the HMAC in RoR code.
So do you recommend any sample of RoR code ?
Secondly, is there any difference between CryptoJS and OpenSSL RoR when generating HMAC ?

Thanks so much !

kamil.cisewski

Hi Thang,

I have one more request. Could you post what is the output in the postman and from your code if you manually replace the dataToSign value for following test data and send me results:

var
dataToSign = "request-target GetTest123"

var
dataToSign = "request-targetGetTest123"

Would you be also post http message that you send to the WC1 system (with http all http headers and data)?

Unfortunately I don't have any sample of the RoR code and about the difference between CryptoJS and OpenSSL you would have to ask authors.

Best Regards

Kamil

Nipat Kunvutipongsak

@thang, have you performed testing as suggested by @kamil.cisewski yet? The test result will be useful ]to investigate this issue. Thanks!

thang

Hi everyone,

Thank you so much for your help.
The bugs are from the way I use HTTParty to create the header, not from WC1 side.

Thank you so much !

rowood

A more specific answer here woulda been sooooooo nice....

rowood

Just in case anyone else is using Rails and finds this question, here's a working function that can be passed in as HTTParty's header param (gist because this code view is broken):

https://gist.github.com/virtualstyle/fa67089188e89812041bb53e7974cbfa

rowood

Fix your code view widget, TR....

EXPLORE OUR SITES