My PHP code doesn't convert continuous spaces in "dataToSign" string to generate signature

Hi, I created Pre-request script PHP code to hash dataToSign successfully in this question: how-to-generate-signature-by-curl-alone
It is for "Get my top-level groups" in Postman collection.

Now, I'm trying to do same on another Postman collection "Perform Synchronous Screening: Simple".
In the given Javascript sample by Postman.

Postman's Javascript code uses "dataToSign" string to generate signature which is like this:
{ "groupId":"my_group_id", "entityType": "INDIVIDUAL",
"providerTypes": [ "WATCHLIST" ],
"name": "putin", "secondaryFields":[], "customFields":[]
}
As you can compare with below JSON file, it adds multiple spaces before "elements" to align as it looks in JSON format.

Here's the JSON file to load.

{
  "groupId":"<MY_GROUP_ID>",
  "entityType": "INDIVIDUAL",
  "providerTypes": [
    "WATCHLIST"
  ],
  "name": "putin",
  "secondaryFields":[],
  "customFields":[]
}

And here's my PHP code.

$load_content = file_get_contents($json_file);
$content = rtrim($load_content); // rtrim is required to remove carriage return at the end.

$dataToSign = "(request-target): post " . $gateway_url . "cases/screeningRequest" . "host: " . $gateway_host . "date: " . $time_gmt . "content-type: " . $content_env . "content-length: " . $content_decoded_length . $content;

Comparing $dataToSign between Postman's Javascript and my PHP code above, Postman adds multiple spaces before "elements" to align as it looks in JSON format, whereas my PHP code converts them to a single character which leads string mismatch.

Can anyone help on this?

Find more posts tagged with

php

world-check-one

world-check

Accepted answers

naoto.tatemichi

This is resolved by this code.

What mainly missing was carriage return "\n" in the $dataToSign.

$content = <<< EOM
{
  "groupId":"$group_id",
  "entityType": "INDIVIDUAL",
  "providerTypes": [
    "WATCHLIST"
  ],
  "name": "$screening_name",
  "secondaryFields":[],
  "customFields":[]
}
EOM;

$content_raw_length = iconv_strlen($content);

$dataToSign = "(request-target): post " . $gateway_url . "cases/screeningRequest\n" . "host: " . $gateway_host . "\n" . "date: " . $time_gmt . "\n" . "content-type: " . $content_env . "\n" . "content-length: " . $content_raw_length . "\n" . $content;
$hmac = base64_encode(hash_hmac('sha256', $dataToSign, $secret, true));
$authorisation = "Signature keyId=\"" . $api_key . "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date content-type content-length\",signature=\"" . $hmac . "\"";

All comments

naoto.tatemichi

Attaching my php code as carriage return collapsed.question-screening.txt

Prabhjyot

@naoto.tatemichi,

Thank you for your query.

Can you please refer to this link on how to calculate the content-length of the payload?

Also, from the provided code, it seems there will be a slight change in te dataToSign calculation.

$dataToSign = "(request-target): post " . $gateway_url . "cases/screeningRequest\n" . "host: " . $gateway_host . "\n" . "date: " . $time_gmt . "\n" . "content-type: " . $content_env . "\n" . "content-length: " . $content_length . "\n" . $group_id;

From the above formed dataToSign, instead of '$group-id' you have to pass the request payload content.

Please let us know if this helps.

naoto.tatemichi

Hi @Prabhjyot,

Thank you for your hint.
What I stuck was before cURL part.
I couldn't even generate correct $dataToSign.
Now I found what was wrong.

naoto.tatemichi

This is resolved by this code.

What mainly missing was carriage return "\n" in the $dataToSign.

$content = <<< EOM
{
  "groupId":"$group_id",
  "entityType": "INDIVIDUAL",
  "providerTypes": [
    "WATCHLIST"
  ],
  "name": "$screening_name",
  "secondaryFields":[],
  "customFields":[]
}
EOM;

$content_raw_length = iconv_strlen($content);

$dataToSign = "(request-target): post " . $gateway_url . "cases/screeningRequest\n" . "host: " . $gateway_host . "\n" . "date: " . $time_gmt . "\n" . "content-type: " . $content_env . "\n" . "content-length: " . $content_raw_length . "\n" . $content;
$hmac = base64_encode(hash_hmac('sha256', $dataToSign, $secret, true));
$authorisation = "Signature keyId=\"" . $api_key . "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date content-type content-length\",signature=\"" . $hmac . "\"";

Prabhjyot

@naoto.tatemichi ,

Thank you for your response and how you were able to resolve the issue. For further queries please raise a new query using the same forum.

I am accepting this answer to be correct on your behalf.

ignacio.valenzuela

Naoto, Could you please tell me what was wrong, I have the same problem and I can't fix it.

EXPLORE OUR SITES