My PHP code doesn't convert continuous spaces in "dataToSign" string to generate signature

Question

question

naoto.tatemichi

83 ●2 ●8 ●7

My PHP code doesn't convert continuous spaces in "dataToSign" string to generate signature

Hi, I created Pre-request script PHP code to hash dataToSign successfully in this question: how-to-generate-signature-by-curl-alone
It is for "Get my top-level groups" in Postman collection.

Now, I'm trying to do same on another Postman collection "Perform Synchronous Screening: Simple".
In the given Javascript sample by Postman.

Postman's Javascript code uses "dataToSign" string to generate signature which is like this:
{ "groupId":"my_group_id", "entityType": "INDIVIDUAL", "providerTypes": [ "WATCHLIST" ], "name": "putin", "secondaryFields":[], "customFields":[] }
As you can compare with below JSON file, it adds multiple spaces before "elements" to align as it looks in JSON format.

Here's the JSON file to load.

{
  "groupId":"<MY_GROUP_ID>",
  "entityType": "INDIVIDUAL",
  "providerTypes": [
    "WATCHLIST"
  ],
  "name": "putin",
  "secondaryFields":[],
  "customFields":[]
}

And here's my PHP code.

$load_content = file_get_contents($json_file);
$content = rtrim($load_content); // rtrim is required to remove carriage return at the end.

$dataToSign = "(request-target): post " . $gateway_url . "cases/screeningRequest" . "host: " . $gateway_host . "date: " . $time_gmt . "content-type: " . $content_env . "content-length: " . $content_decoded_length . $content;

Comparing $dataToSign between Postman's Javascript and my PHP code above, Postman adds multiple spaces before "elements" to align as it looks in JSON format, whereas my PHP code converts them to a single character which leads string mismatch.

Can anyone help on this?

world-check world-check-one php

Aug 09, 2019 at 05:46 AM

10 |1500

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Answer 1 · 2019-08-15T07:59:31Z

naoto.tatemichi

83 ●2 ●8 ●7

This is resolved by this code.

What mainly missing was carriage return "\n" in the $dataToSign.

$content = <<< EOM
{
  "groupId":"$group_id",
  "entityType": "INDIVIDUAL",
  "providerTypes": [
    "WATCHLIST"
  ],
  "name": "$screening_name",
  "secondaryFields":[],
  "customFields":[]
}
EOM;

$content_raw_length = iconv_strlen($content);

$dataToSign = "(request-target): post " . $gateway_url . "cases/screeningRequest\n" . "host: " . $gateway_host . "\n" . "date: " . $time_gmt . "\n" . "content-type: " . $content_env . "\n" . "content-length: " . $content_raw_length . "\n" . $content;
$hmac = base64_encode(hash_hmac('sha256', $dataToSign, $secret, true));
$authorisation = "Signature keyId=\"" . $api_key . "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date content-type content-length\",signature=\"" . $hmac . "\"";

Aug 15, 2019 at 07:59 AM

10 |1500

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Prabhjyot Aug 19, 2019 at 08:57 AM

@naoto.tatemichi ,

Thank you for your response and how you were able to resolve the issue. For further queries please raise a new query using the same forum.

I am accepting this answer to be correct on your behalf.

Answer 2 · 2019-08-09T05:56:29Z

naoto.tatemichi

83 ●2 ●8 ●7

Attaching my php code as carriage return collapsed.question-screening.txt

question-screening.txt (1.1 KiB)

Aug 09, 2019 at 05:56 AM

10 |1500

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Answer 3 · 2019-08-12T07:31:39Z

Prabhjyot

4.5k ●4 ●8 ●8

@naoto.tatemichi,

Thank you for your query.

Can you please refer to this link on how to calculate the content-length of the payload?

Also, from the provided code, it seems there will be a slight change in te dataToSign calculation.

$dataToSign = "(request-target): post " . $gateway_url . "cases/screeningRequest\n" . "host: " . $gateway_host . "\n" . "date: " . $time_gmt . "\n" . "content-type: " . $content_env . "\n" . "content-length: " . $content_length . "\n" . $group_id;

From the above formed dataToSign, instead of '$group-id' you have to pass the request payload content.

Please let us know if this helps.

Aug 12, 2019 at 07:31 AM

10 |1500

Attachments: Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

naoto.tatemichi Aug 15, 2019 at 07:54 AM

Hi @Prabhjyot.Mandla,

Thank you for your hint.
What I stuck was before cURL part.
I couldn't even generate correct $dataToSign.
Now I found what was wrong.

ignacio.valenzuela naoto.tatemichi Dec 16, 2020 at 12:19 AM

Naoto, Could you please tell me what was wrong, I have the same problem and I can't fix it.

Prabhjyot ignacio.valenzuela Dec 28, 2020 at 05:05 AM

@naoto.tatemichi - Could you please advise @ignacio.valenzuela on the same as requested by the user?

Q&A Forum

question

My PHP code doesn't convert continuous spaces in "dataToSign" string to generate signature

3 Answers

Write an Answer

question

My PHP code doesn't convert continuous spaces in "dataToSign" string to generate signature

3 Answers

Write an Answer

Related Questions