magento / magento2


Oauth token request 401 - 'The signature is invalid. Verify and try again.' #37913

Open andirosu opened 1 year ago

andirosu commented 1 year ago

Preconditions and environment

On a Magento 2.4.4, I've tried connecting a 3rd party service that's using oauth. It didn't work, so I've tried to check if the endpoint works as expected using Postman. The message 'The signature is invalid. Verify and try again.' is haunting on every try.

Steps to reproduce

  1. Create a new Integration in System -> Integrations.
  2. Activate it and move to Postman.
  3. In Postman, create a new POST request to /oauth/token/request/ containing the consumer key and secret, access token and token secret in the Authorization section, making sure that Type is OAuth 1.0, "Add authorization data to" is set to Request Headers and Signature method is HMAC-SHA256.

Expected result

According to the documentation, the response should look like oauth_token=4cqw0r7vo0s5goyyqnjb72sqj3vxwr0h&oauth_token_secret=rig3x3j5a9z5j6d4ubjwyf9f1l21itrr

Actual result

The response is oauth_problem=The+signature+is+invalid.+Verify+and+try+again., with a 401.

Additional information

No response

Release note

No response

Triage and priority

magento-deployment-service[bot] commented 7 months ago

Hi @leofdgit. Thank you for your request. I'm working on Magento instance for you.

magento-deployment-service[bot] commented 7 months ago

Hi @leofdgit, here is your Magento Instance: https://3b8bc6a917b54ec489ee9643a8191288.instances-prod.magento-community.engineering Admin access: https://3b8bc6a917b54ec489ee9643a8191288.instances-prod.magento-community.engineering/admin_4061 Login: 983837fd Password: 08ad58da92e6

leofdgit commented 7 months ago

@magento give me 2.4-develop instance

boneio commented 7 months ago

It looks like this is being worked on, but having just encountered this issue, the problem appears to lie within the Laminas Oauth library.

Per similar issues on GitHub, if a call to the API is made with data in the URL that contains a slash, it has to be encoded to avoid being interpreted as part of the route. For example, a call to the stock API for a SKU "ABC/10" must be encoded to "ABC%2F10". In turn, when the oauth signature is generated, that part of the URL is encoded and becomes "ABC%252F10".

When generating the comparative oauth_signature, the Laminas oauth library is normalising the incoming request path back to "ABC/10". This then unsurprisingly doesn't result in a matching signature when it's encoded again to form the oauth sig.

There doesn't appear to be an option to tell the Laminas library not to do this, so I'm not sure what to suggest as a fix!

https://github.com/laminas/laminas-uri/blob/2.12.x/src/Uri.php#L1310

This didn't happen prior to 2.4.6 because the Zend Framework signing in use previously doesn't normalise the URL.
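
The mismatch described in the comment above, reproduced as an added example (not code from the thread, Magento or Laminas): an OAuth 1.0 HMAC-SHA256 signature computed over the URL as sent, and again over a path-decoded URL. The host, keys, nonce and the `decode_path` switch are constructed; the switch is a simplified stand-in for the path normalisation the comment attributes to the library.

```python
import base64, hashlib, hmac
from urllib.parse import quote, unquote

def pct(s):
    """RFC 5849 section 3.6 encoding: only unreserved characters stay literal."""
    return quote(s, safe="-._~")

def base_string(method, url, params):
    """Signature base string: METHOD & enc(url) & enc(sorted, encoded params)."""
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(url), pct(normalized)])

def sign(base, consumer_secret, token_secret):
    """HMAC-SHA256 over the base string, keyed with both secrets."""
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    digest = hmac.new(key, base.encode(), hashlib.sha256).digest()
    return base64.b64encode(digest).decode()

# Constructed sample request: SKU "ABC/10" sent as "ABC%2F10" in the path.
URL = "https://shop.example/rest/V1/stockItems/ABC%2F10"
PARAMS = {
    "oauth_consumer_key": "ck_constructed",
    "oauth_token": "tok_constructed",
    "oauth_signature_method": "HMAC-SHA256",
    "oauth_timestamp": "1700000000",
    "oauth_nonce": "n0nce",
    "oauth_version": "1.0",
}
SECRETS = ("cs_constructed", "ts_constructed")

def server_verifies(client_sig, url, decode_path):
    """Recompute the signature server-side. decode_path=True models a URI
    normaliser that turns %2F back into '/' before signing (assumption)."""
    seen = unquote(url) if decode_path else url
    expected = sign(base_string("GET", seen, PARAMS), *SECRETS)
    return hmac.compare_digest(client_sig, expected)

def client_signature():
    return sign(base_string("GET", URL, PARAMS), *SECRETS)

if __name__ == "__main__":
    sig = client_signature()
    print("client base string:", base_string("GET", URL, PARAMS))
    print("verbatim path     :", server_verifies(sig, URL, decode_path=False))
    print("normalised path   :", server_verifies(sig, URL, decode_path=True))
```

Both sides have to sign the same byte-for-byte URL; any canonicalisation applied by only one of them produces the 401 even with correct credentials.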

leofdgit commented 7 months ago

Thanks for this comment. Though it may not be a new issue, badly-formatted URL parameters also cause the server to return this error. For instance, I experienced this due to incorrectly-formatted timestamps in an orders query.

G4Zz0L1 commented 6 months ago

Anything new on this? I have the same situation on my end. Thanks in advance!

jorgb90 commented 2 months ago

When is this finally fixed? https://github.com/magento/magento2/issues/37278