BadSignatureError: Bad signature.
Closed this issue · 1 comments
weihsth commented
Hi,
I nearly tried 1000 different ways of generating the signature. Search nearly half a day to figure out, what the heck is going on. I used the Host URL as host, the receiver URL as host. Without host, with and without "(request-target)". Tried date header only. without any headers. Always the same result: BadSignatureError: Bad signature.
Can u please help out? What am I doing wrong?
await axios
.post(`http://localhost:xxxx/what/is/going/on`, postData, {
headers: {
'Date': signingDate,
'Authorization': getApiKeyAuthHeader(
{
url: '/what/is/going/on',
method: 'post',
},
'XXX',
'XXX-secret'
)
}
})
// [...]
import CryptoJS = require('crypto-js');
export function getApiKeyAuthHeader(data: {
method: 'post' | 'get' | 'put' | 'patch' | 'delete',
url: string
},
apiKey,
apiSecretKey) {
const signatureRawData = `(request-target): ${data.method} ${data.url}`
const signature = CryptoJS.enc.Utf8.parse(signatureRawData);
const signatureBytes = CryptoJS.HmacSHA256(signature, apiSecretKey);
const requestSignatureBase64String = CryptoJS.enc.Base64.stringify(signatureBytes);
return `Signature keyId="${apiKey}",algorithm="hmac-sha256",headers="(request-target)",signature="${requestSignatureBase64String}"`;
}
Console output on receiver side:
::ffff:127.0.0.1 - - [09/Sep/2021:20:48:02 +0000] "POST /what/is/going/on HTTP/1.1" 500 60 "-" "axios/0.21.4"
{
accept: 'application/json, text/plain, */*',
'content-type': 'application/json',
date: 'Thu, 09 Sep 2021 20:57:25 GMT',
authorization: 'Signature keyId="XXX",algorithm="hmac-sha256",headers="(request-target)",signature="0YaPbz9lAJ3trsJvWSRwCxTAf7h7/1NGSdK/5jY20Fw="',
'user-agent': 'axios/0.21.4',
'content-length': '2',
host: 'localhost:xxxx',
connection: 'close'
}
BadSignatureError: Bad signature.
- index.js?:57 eval
[.]/[api-key-auth]/lib/index.js?:57:21
- app.ts?:158 getSecret
webpack://express/./app/app.ts?:158:16
- index.js?:49 middleware
[.]/[api-key-auth]/lib/index.js?:49:5
- app.ts?:170 authCheck
webpack://express/./app/app.ts?:170:41
- app.ts?:147 eval
webpack://express/./app/app.ts?:147:5
- urlencoded.js:82 urlencodedParser
[api]/[body-parser]/lib/types/urlencoded.js:82:7
weihsth commented
Update:
I used an own implemention now since this package seems dead.