For a deeper look into our World Check One API, look into:

Overview |  Quickstart |  Documentation |  Downloads

question

Upvotes
Accepted
21 1 1 4

401 Unauthorized when calling /groups with GET (Ruby on Rails RoR)

From the pre-request script, I convert JS to RoR code:
def generateAuthHeader(dataToSign)

hash = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), config[:api_secret], dataToSign)

Base64.encode64(hash).strip

end

date = Time.now.httpdate

When I try to replace Authorization & Date generated from Postman example to API calls , it's possible to get 200.
But with the generateAuthHeader method, I can't get 200.

Can anyone give me some advices ?
Thanks so much !

world-checkworld-check-oneerror-401ruby
icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
Accepted
21 1 1 4

Hi everyone,

Thank you so much for your help.
The bugs are from the way I use HTTParty to create the header, not from WC1 side.

Thank you so much !

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

A more specific answer here woulda been sooooooo nice....

Upvotes
526 2 2 3

Hi,

in postman you can specify the dateToSign data manually in the Pre-request Script.

Do you get the same values after running the script in postman and using your code in RoR?

Best Regards

Kamil

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
21 1 1 4

Hi Kamil,

In postman, I got the same results when manually putting dataToSign & Date in Headers.
So that means I got failure/success result in my code and got the same one in Postman.

Hence, I guess the issue is the way I generate the HMAC in RoR code.
So do you recommend any sample of RoR code ?
Secondly, is there any difference between CryptoJS and OpenSSL RoR when generating HMAC ?

Thanks so much !

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Upvotes
526 2 2 3

Hi Thang,


I have one more request. Could you post what is the output in the postman and from your code if you manually replace the dataToSign value for following test data and send me results:

var dataToSign = "request-target GetTest123"

var dataToSign = "request-targetGetTest123"

Would you be also post http message that you send to the WC1 system (with http all http headers and data)?

Unfortunately I don't have any sample of the RoR code and about the difference between CryptoJS and OpenSSL you would have to ask authors.

Best Regards

Kamil

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

@thang, have you performed testing as suggested by @kamil.cisewski yet? The test result will be useful ]to investigate this issue. Thanks!

Upvotes
1 1 2 2

Just in case anyone else is using Rails and finds this question, here's a working function that can be passed in as HTTParty's header param (gist because this code view is broken):

https://gist.github.com/virtualstyle/fa67089188e89812041bb53e7974cbfa

icon clock
10 |1500

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Fix your code view widget, TR....