
I am trying to connect to an external API and, more specifically, to replicate this Ruby code here: working code. My env variables are correct; that is, if I change them, I get an `Account not found` response. If I use the Ruby code provided in the link above, it works.

    $date = new \DateTime(now());
    $date->setTimezone(new \DateTimeZone('Europe/Athens'));

    # Generates a date in this format: Wed, 21 Nov 2018 22:37:14 GMT
    $date = $date->format(\DateTime::RFC7231);
    $body = [
        'data' => [
            'type' => 'profile'
        ]
    ];
    $request_target = 'post /profiles';

    # Generates a digest using the request body
    $digest = 'SHA-256=' . base64_encode(hash('sha256', json_encode($body), true));

    $content_type = 'application/vnd.api+json';
    $accept_type = 'application/vnd.api+json';
    $version = '2016-09-01';

    # Generates the signing string. Note that the parts of the string are
    # concatenated with a newline character
    $signing_string = implode('\n', [
        "(request-target): {$request_target}",
        "date: {$date}",
        "digest: {$digest}"
    ]);

    # Creates the HMAC-SHA256 digest using the API secret and then base64
    # encodes that value
    $signature = trim(base64_encode(hash_hmac('sha256', $signing_string, env('COGNITO_SECRET'), true)));

    # Creates the authorization header and concatenates it together using
    # a comma
    $authorization = implode(',', [
        'Signature keyId="' . env('COGNITO_API_KEY') .'"',
        'algorithm="hmac-sha256"',
        'headers="(request-target) date digest"',
        'signature="' . $signature . '"'
    ]);

    $headers = [
        'Content-Type' => $content_type,
        'Cognito-Version' => $version,
        'Accept' => $accept_type,
        'Date' => $date,
        'Digest' => $digest,
        'Authorization' => $authorization,
    ];

    try {

        # Put everything together and execute the request. Note that the headers
        # are defined in the same order as they are defined in the Authorization
        # header above. They can be in any order, but they must be consistent.
        $client = new Client();
        $response = $client->post(env('COGNITO_ENDPOINT') . '/profiles', [
            RequestOptions::HEADERS => $headers,
            RequestOptions::JSON => $body,
            //'debug' => true
        ]);

    } catch (RequestException $e) {
        return $this->respondWithGeneralError(json_decode($e->getResponse()->getBody()));
    }catch (\Exception $e){
        return $this->respondWithGeneralError($e->getMessage());
    }

    return $this->respondWithSuccess('auth', $response);

But I am unable to create the correct signature, as I am getting a response of `Failed to verify request signature` from the endpoint.

Can anyone spot any errors or misplacements in my code?

mallix

1 Answer


I think this is the problem:

    $signing_string = implode('\n'

You have a mistake with quotes; you need to use double quotes.

buildok
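The quoting difference the answer points to, shown as an added example (not code from the question, the answer, or the API vendor): it builds the same signing string with `'\n'` and `"\n"` and checks each signature the way a verifying server would. The secret and date are constructed values, and `sign()` is a helper name introduced here.

```php
<?php
// Added example: constructed secret, date and body; runs offline.
$secret = 'constructed-demo-secret';        // placeholder, not a real key
$date   = 'Wed, 21 Nov 2018 22:37:14 GMT';  // date format used in the question
$body   = json_encode(['data' => ['type' => 'profile']]);
$digest = 'SHA-256=' . base64_encode(hash('sha256', $body, true));

$parts = [
    '(request-target): post /profiles',
    "date: {$date}",
    "digest: {$digest}",
];

// Hypothetical helper: HMAC-SHA256 over the signing string, base64-encoded.
function sign(string $signingString, string $secret): string
{
    return base64_encode(hash_hmac('sha256', $signingString, $secret, true));
}

// Single quotes: PHP does not interpret the escape, so the separator is
// a backslash followed by "n" (two bytes).
$broken = implode('\n', $parts);

// Double quotes: the separator is a single line feed byte (0x0A).
$fixed = implode("\n", $parts);

// What a verifier does: rebuild the signing string from the received
// headers with real newlines, recompute the HMAC, compare in constant time.
$expected = sign(implode("\n", $parts), $secret);

printf("separator bytes  broken=%s fixed=%s\n", bin2hex('\n'), bin2hex("\n"));
printf("string length    broken=%d fixed=%d\n", strlen($broken), strlen($fixed));
printf("broken verifies: %s\n",
    var_export(hash_equals($expected, sign($broken, $secret)), true));
printf("fixed verifies:  %s\n",
    var_export(hash_equals($expected, sign($fixed, $secret)), true));
```

Dumping `bin2hex()` of the signing string on the client side is a quick way to confirm which separator bytes are actually being signed when a signature check fails.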