0

When I try to deploy a VM using the deployVirtualMachine API of Apache CloudStack 4.6.0, it works fine without custom options. When I want to deploy a VM with custom cpuSpeed, vCPU and memory, it throw the error given below.

Platform : CloudStack 4.6.0.

ERROR : "unable to verify user credentials and/or request signature"

Given below the request to CloudStack WITHOUT custom offering through application (working):

apiKey=lGMCRQI6maiFCDsKuZAHI63u1upxCrUnNrWbXAnUZZE_qyEv7ozK_yNzYvNfXgX5x5mRcedIKynzSyLA5hf8yg&command=deployVirtualMachine&displayname=admin&displayvm=true&domainid=3776269a-949d-11e5-b907-e06995a35804&keyboard=us&name=priya&networkids=7efa5852-7e1f-4a26-9351-00f9d863aa3e&projectid=527ebed8-23f6-4c9f-9ee0-05926b035b1e&response=json&serviceofferingid=cb9fe060-1870-4bd0-8c0e-3980107acce6&templateid=96e753af-5e1a-4bf9-a28a-9f609ee06202&zoneid=af3ed220-7e36-4459-a6ea-9587a18246c0&signature=FU4xL%2FdGsYoihfWdvT%2FPrwwzthQ%3D

And Given below the request to CloudStack WITH custom offering through application (Not Working):

apiKey=lGMCRQI6maiFCDsKuZAHI63u1upxCrUnNrWbXAnUZZE_qyEv7ozK_yNzYvNfXgX5x5mRcedIKynzSyLA5hf8yg&command=deployVirtualMachine&details%5B0%5D.cpuNumber=3&details%5B0%5D.cpuSpeed=1500&details%5B0%5D.memory=512&hypervisor=KVM&iptonetworklist%5B0%5D.networkid=7efa5852-7e1f-4a26-9351-00f9d863aa3e&response=json&serviceofferingid=a1613485-8cdf-4d84-8b97-8c2695128a2f&templateid=37acb430-949d-11e5-b907-e06995a35804&zoneid=af3ed220-7e36-4459-a6ea-9587a18246c0&signature=FU4xL%2FdGsYoihfWdvT%2FPrwwzthQ%3D

Returned Error : "unable to verify user credentials and/or request signature"

Values are mapped same as CloudStack command string formation. It generates same signature for both. Noticed difference in CloudStack is cpuSpeed and cpuNumber. In both Speed and Number, first letter in upper case. During signature generation we will convert all the values to lower case.

Community
  • 1
  • 1
Mathar Badusha
  • 1
  • 2

1 Answers1

0

Mathar!

I believe you have mistakenly used the previous signature in the second request, as the HMAC1 signature could not be the same with different parameters. In any case details[0].xxx should influence final signature

You can use this manual to generate signature for every API call (Python).

In short the algorithm is as following:

  1. Get list of all request parameters
  2. URL Encode parameters and values
  3. Create a param string which looks like param1=foo&param2=bar&param3=foobar ( from the request )
  4. Get hash of this string using HMAC1 algorithm
  5. Encode the result string using Base64 encoding
  6. Add the resulted string to the end of request +'&signature=RESULTSIGNATURESTRING'
Artjoman
  • 286
  • 1
  • 9