Signature troubleshooting

From SafeCreativeWiki

Jump to: navigation, search

If you receive InvalidSignature errors, you can use the signature-analysis debug component to analyze the request and see how the server is calculating the required signature.

Simply add the parameter debug-component=signature.analysis to your API call. Do not include the debug-component parameter in your signature calculations.

NOTE: This component is only available in arena environment

This component returns the following XML structure:

  • signatureanalisys
    • requestCharacterEncoding: Character encoding as received in the request headers. Should be UTF-8
    • signatureWanted: Correct signature calculated by the API server for the provided parameters
    • signatureProvided: Signature provided on the request by the API client
    • tokens: Tokens used for building the string whose SHA-1 hash will be used as signature
      • string: Each of the tokens. Field names, values and separators are all treated in a different own line
        • order: Order of the token in the resulting string
        • value: Token text (XML-encoded, & really means the & character.
        • hexvalue: Token bytes using UTF-8 encoding. Value is presented as a string of hexadecimal digits 0-9a-f, two digits per byte.

Your private key is not shown and its hexvalue is presented as 00000000000, though the correct value is used for calculating the wanted signature.

Example

REQUEST

https://arena.safecreative.org/v2/
?authkey=1i5g2aaf2bz09lyo867cuimqg
&component=authkey.state
&sharedkey=zy9x4ol0ctg3btyswq7b5wi9
&ztime=1271749865420
&signature=d8c2083da26b9b6bc1fb391cc7889fa739165adf
&debug-component=signature.analysis

RESPONSE

<?xml version="1.0" encoding="UTF-8"?>
<signatureanalisys>
  <requestCharacterEncoding>UTF-8</requestCharacterEncoding>
  <signatureWanted>d8c2083da26b9b6bc1fb391cc7889fa739165adf</signatureWanted>
  <signatureProvided>d8c2083da26b9b6bc1fb391cc7889fa739165adf</signatureProvided>
  <tokens>
    <string>order=0 value=[{Your *Userkey* private key}] hexvalue=00000000000</string>
    <string>order=1 value=[&] hexvalue=26</string>
    <string>order=2 value=[authkey] hexvalue=617574686b6579</string>
    <string>order=3 value=[=] hexvalue=3d</string>
    <string>order=4 value=[1i5g2aaf2bz09lyo867cuimqg] hexvalue=316935673261616632627a30396c796f3836376375696d7167</string>
    <string>order=5 value=[&] hexvalue=26</string>
    <string>order=6 value=[component] hexvalue=636f6d706f6e656e74</string>
    <string>order=7 value=[=] hexvalue=3d</string>
    <string>order=8 value=[authkey.state] hexvalue=617574686b65792e7374617465</string>
    <string>order=9 value=[&] hexvalue=26</string>
    <string>order=10 value=[sharedkey] hexvalue=7368617265646b6579</string>
    <string>order=11 value=[=] hexvalue=3d</string>
    <string>order=12 value=[zy9x4ol0ctg3btyswq7b5wi9] hexvalue=7a793978346f6c3063746733627479737771376235776939</string>
    <string>order=13 value=[&] hexvalue=26</string>
    <string>order=14 value=[ztime] hexvalue=7a74696d65</string>
    <string>order=15 value=[=] hexvalue=3d</string>
    <string>order=16 value=[1271749865420] hexvalue=31323731373439383635343230</string>
  </tokens>
</signatureanalisys>
Personal tools
Safe Stamper API