cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Blake Ferkingstad <bferkings...@acentek.net>
Subject RE: API Signing Issue
Date Mon, 30 Mar 2015 16:30:04 GMT
Hi Erik,

I tried adding html_entity_decode(), just in case and I am still getting the same error.

When I sort my values this is what I get.
accounttype=0
&apikey=douqimqhlbwe9-lmlahndfpo8h7nsmrs1iot9b1fo9hctilunfzsoj0iuz-giqa55puhopate2xsmnugk0ebrg
&command=createaccount
&domainid=6f0189f4-2753-426a-afe6-aa7ce0bab82e
&email=devtest@test.com
&firstname=devtest
&lastname=devtest
&password=testpassword
&username=devtest

http://localhost:8080/client/api?command=createAccount
&username=DEVtest
&email=DEVtest@test.com
&firstname=DEVtest
&lastname=DEVtest
&password=testpassword
&domainid=6f0189f4-2753-426a-afe6-aa7ce0bab82e
&accounttype=0
&apiKey=DOuQimQHLbwe9-LmLahndFPO8H7NsMrs1iOt9B1fo9hctILUnFZsoJ0IuZ-GiQA55PUHOpatE2XsMNuGK0eBRg
&signature=3UAD6iGfRS7ZSBExrov9LnfaNKA%3D

The thing that seems strange to me is that it works with other commands. What I have noticed
is that it seems to work with commands that don't have an attribute that is alphabetically
greater than apiKey, like accounttype.


-----Original Message-----
From: Erik Weber [mailto:terbolous@gmail.com] 
Sent: Monday, March 30, 2015 11:09 AM
To: users@cloudstack.apache.org
Subject: Re: API Signing Issue

No html entities or similar in $cmd that could be exploded and mistaken as a parameter?

Erik

Den mandag 30. mars 2015 skrev Blake Ferkingstad <bferkingstad@acentek.net>
følgende:

> Hello everyone,
>
>
>
> I have a question on my API Signing code. The code below I have tested 
> on commands like createDomain, listTemplates, and listServices. Those 
> all run like expected, but I am running into trouble with createAccount.
>
>
>
> function cloudstack_sign_sort($cmd)
>
> {
>
>   $commands = explode('&', $cmd);
>
>   sort($commands);
>
>   $sort = implode('&', $commands);
>
>
>
>   return $sort;
>
> }
>
>
>
> function cloudstack_formatCmd($api, $cmd) {
>
>   $str = 'apiKey=' . $api . '&' . $cmd;
>
>   $str = strtolower(cloudstack_sign_sort($str));
>
>
>
>   return $str;
>
> }
>
>
>
> function cloudstack_encrypt($cmd, $secret) {
>
>   $hash = hash_hmac('sha1', $cmd, $secret, true);
>
>   $hash = base64_encode($hash);
>
>
>
>   return urlencode($hash);
>
> }
>
>
>
> function cloudstack_formattedUrl($baseUrl, $api, $cmd, $signature) {
>
>   $url = $baseUrl . '?' . $cmd . '&apiKey=' . $api . '&signature=' .
> $signature;
>
>
>
>   return $url;
>
> }
>
>
>
> function cloudstack_sign($command, $api, $secret, $baseUrl) {
>
>     $clean_command = substr($command, strpos($command, '?'));
>
>
>
>     $newCmd = cloudstack_formatCmd($api, $clean_command);
>
>     $signature = cloudstack_encrypt($newCmd, $secret);
>
>     $url = cloudstack_formattedUrl($baseUrl, $api, $clean_command, 
> $signature);
>
>
>
>     return $url;
>
> }
>
>
>
> When I run the command it returns for createAccount I get 'Error:
> 401unable to verify user credentials and/or request signature'.
>
>
>
> Is there something wrong with my code?
>
>
>
> Thanks,
>
> Blake Ferkingstad
>
>
Mime
View raw message