search

QuickBlox / quickblox-android-sdk

QuickBlox Android SDK includes code snippets with main use cases and framework JAR library.
BSD 3-Clause "New" or "Revised" License
417 stars 697 forks source link

Session / Auth request returning "Unexpected Signature" always.. #139

Closed rohan90 closed 7 years ago

rohan90 commented 8 years ago

Hi, my team has a backend which will hit the quikblox api to create a user based on few provided details. To consume the post api for user creation we need a QB-Token. To get this QB-Token we need to hit the auth/session api.

Here is what is always responded when we hit the auth api. {"errors":{"base":["Unexpected signature"]}} Request is curl -X POST -H "Content-Type: application/json" -H "QuickBlox-REST-API-Version: 0.1.0" -d '{"application_id":"31477","auth_key":"gn9xXU3PRkVNp-t","nonce":"100","timestamp":"1455092131","signature":"85460225fd325b05060bdc901d1eb413b0004f49"}' http://api.quickblox.com/session.json I generate the signature using body app_id=31477&auth_key=gn9xXU3PRkVNp-t&nonce=100&timestamp=1455092131 and key (secret_key) rH4JUTmQGGkBC5y

//your signature generation doc is not that explanatory.. http://quickblox.com/developers/Authentication_and_Authorization#Signature_generation //what we use for sig generation for now (our java code genrates exact same values) http://hash.online-convert.com/sha1-generato

ive even tried it with the /auth.json end point.

Please help Thanks in advance.

kgujral commented 8 years ago

+1

sojo90 commented 8 years ago

+1

soulfly commented 8 years ago

Guys, do you use our Android SDK or we are talking about Java integration?

mces1236 commented 8 years ago

Java Integration. On the server side, in java code, we wish to create users automatically who ever SignUp to our service.

vfite commented 8 years ago

Hi there. It could be problem with timestamp difference. Have a look at http://quickblox.com/developers/Authentication_and_Authorization#API_Session_Creation. Provide pls full logs from request and response so we can help you.

tatanka987 commented 7 years ago

Closed for long inactivity.

haris15 commented 6 years ago

any one solve this issue

i have get same issue please help me to resolve

kumar2112 commented 4 years ago

Getting same issue on quickblox api private function createSignature($data){ $http_build_query=http_build_query($data); $secreatKey=$this->QBConfig['QB_AUTH_SECREAT']; $http_build_query=trim(htmlspecialchars($http_build_query, ENT_QUOTES, 'UTF-8')); return hash_hmac('sha256',$http_build_query,$secreatKey); }

public function getToken(){
    $apiUrl           =$this->QBConfig['QB_API_BASE_URL'].'session.json';
    $QB_APPLCATION_ID =$this->QBConfig['QB_APPLCATION_ID'];
    $QB_AUTH_KEY      =$this->QBConfig['QB_AUTH_KEY'];
    //$QB_AUTH_SECREAT  =$this->QBConfig['QB_AUTH_SECREAT'];

    $postData=array(
                'application_id'=>$QB_APPLCATION_ID,
                'auth_key'      =>$QB_AUTH_KEY,
                'timestamp'     =>time(),
                'nonce'         =>rand(),

            );

    $signature=$this->createSignature($postData);
    $postData['signature']=$signature;
    //$post_body = http_build_query($postData);
    // $postData=json_encode($postData);
    // echo "<pre>";
    // print_r($postData);
    //echo json_encode($postData/)/;/
    $response=send_curl_request($apiUrl ,$postData,array('CURLOPT_POST'=>1));
    echo $response;
}
   422{"errors":{"base":["Unexpected signature"]}}