My PHP code doesn't convert continuous spaces in "dataToSign" string to generate signature
Hi, I created Pre-request script PHP code to hash dataToSign successfully in this question: how-to-generate-signature-by-curl-alone
It is for "Get my top-level groups" in Postman collection.
Now, I'm trying to do same on another Postman collection "Perform Synchronous Screening: Simple".
In the given Javascript sample by Postman.
Postman's Javascript code uses "dataToSign" string to generate signature which is like this:
{ "groupId":"my_group_id", "entityType": "INDIVIDUAL", "providerTypes": [ "WATCHLIST" ], "name": "putin", "secondaryFields":[], "customFields":[] }
As you can compare with below JSON file, it adds multiple spaces before "elements" to align as it looks in JSON format.
Here's the JSON file to load.
{
"groupId":"<MY_GROUP_ID>",
"entityType": "INDIVIDUAL",
"providerTypes": [
"WATCHLIST"
],
"name": "putin",
"secondaryFields":[],
"customFields":[]
}
And here's my PHP code.
$load_content = file_get_contents($json_file); $content = rtrim($load_content); // rtrim is required to remove carriage return at the end. $dataToSign = "(request-target): post " . $gateway_url . "cases/screeningRequest" . "host: " . $gateway_host . "date: " . $time_gmt . "content-type: " . $content_env . "content-length: " . $content_decoded_length . $content;
Comparing $dataToSign between Postman's Javascript and my PHP code above, Postman adds multiple spaces before "elements" to align as it looks in JSON format, whereas my PHP code converts them to a single character which leads string mismatch.
Can anyone help on this?
This is resolved by this code.
What mainly missing was carriage return "\n" in the $dataToSign.
$content = <<< EOM
{
"groupId":"$group_id",
"entityType": "INDIVIDUAL",
"providerTypes": [
"WATCHLIST"
],
"name": "$screening_name",
"secondaryFields":[],
"customFields":[]
}
EOM;
$content_raw_length = iconv_strlen($content);
$dataToSign = "(request-target): post " . $gateway_url . "cases/screeningRequest\n" . "host: " . $gateway_host . "\n" . "date: " . $time_gmt . "\n" . "content-type: " . $content_env . "\n" . "content-length: " . $content_raw_length . "\n" . $content;
$hmac = base64_encode(hash_hmac('sha256', $dataToSign, $secret, true));
$authorisation = "Signature keyId=\"" . $api_key . "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date content-type content-length\",signature=\"" . $hmac . "\"";
Thank you for your response and how you were able to resolve the issue. For further queries please raise a new query using the same forum.
I am accepting this answer to be correct on your behalf.
Thank you for your query.
Can you please refer to this link on how to calculate the content-length of the payload?
Also, from the provided code, it seems there will be a slight change in te dataToSign calculation.
$dataToSign = "(request-target): post " . $gateway_url . "cases/screeningRequest\n" . "host: " . $gateway_host . "\n" . "date: " . $time_gmt . "\n" . "content-type: " . $content_env . "\n" . "content-length: " . $content_length . "\n" . $group_id;
From the above formed dataToSign, instead of '$group-id' you have to pass the request payload content.
Please let us know if this helps.
Thank you for your hint.
What I stuck was before cURL part.
I couldn't even generate correct $dataToSign.
Now I found what was wrong.
Naoto, Could you please tell me what was wrong, I have the same problem and I can't fix it.
@naoto.tatemichi - Could you please advise @ignacio.valenzuela on the same as requested by the user?