[Solved] Rest API integration error - signature invalid

Salesforce

Last Post by CWL 3 years ago

2 Posts

1 Users

0 Likes

392 Views

RSS

Posts: 205

CWL

Admin

Issue starter

Aug 07, 2021 4:03 pm

(@cwl)

Member

Joined: 11 years ago

Need help with REST API Signature Generation. Signature generation doc is at: https://developers.woohoo.in/docs/get-started-title/oauth-2-0-protocol-recommended/oauth2-0-signature-generation-steps-for-request/ - Been struggling with this since days now. Has hit a brick wall with this error: {"code":401,"message":"oauth_problem=signature_invalid"}. Any pointer, help would be highly appreciated. This is for a custom gift card called woohoo card generation using oauth 2.0 api

system.debug('OppData:'+oppdata);
String jsbody = JSON.serialize(oppdata);
String jsonBody = jsbody.replace('currency_x', 'currency');
system.debug('JSON BODY : '+jsonBody);
map<string,Object> result = (map<string,Object>)JSON.deserializeUntyped(jsonBody);
system.debug('result: '+result);
jsonBody = JSON.serialize(result);

//String encode = EncodingUtil.URLEncode(jsonBody,'UTF-8').replace('+','%20');
//String encode = EncodingUtil.URLEncode(jsonBody,'UTF-8');
//system.debug('encode: '+encode);
//system.JSONParser requestData = JSON.createParser(jsonBody);
system.debug('jsonBody: '+jsonBody);

//signature calling
//string absApiUrl = Label.WoohooAPI+'/1000000028/resend';
String absApiUrl = Label.WoohooAPI+'/orders';
system.debug('absApiUrl: '+absApiUrl);

quickcilver__c Qc = quickcilver__c.getvalues('quickcilver details');
String secretKeyValue = Qc.Consumer_secret__c;
String reqMethod = 'POST';

String encodedAbsApiUrl = EncodingUtil.URLEncode(absApiUrl,'UTF-8');
system.debug('encodedAbsApiUrl: '+encodedAbsApiUrl);
String endPoint = reqMethod + '&' + encodedAbsApiUrl;
system.debug('endPoint: '+endPoint);

String signature;
Blob hmacData = Crypto.generateMac('HmacSHA512', Blob.valueOf(endPoint), Blob.valueOf(secretKeyValue));
signature = encodingUtil.convertToHex(hmacData);
system.debug('signature '+signature);

string dateAtClient = datetime.now().formatGMT('yyyy-MM-dd\'T\'HH:mm:ss.SSS\'Z\'');
System.debug('dateAtClient: ' + dateAtClient);

string BearerToken = quickcilverOauth.BearerToken();
BearerToken = 'Bearer ' + BearerToken;
system.debug('BearerToken: ' + BearerToken);

HttpRequest request = new HttpRequest();
request.setEndpoint(absApiUrl);
request.setMethod(reqMethod);
request.setHeader('Content-Type', 'application/json');
request.setHeader('Authorization', BearerToken);
request.setHeader('dateAtClient', dateAtClient);
request.setHeader('signature', signature);
request.setHeader('Accept', '*/*');
request.setBody(jsonBody);
//request.setBody(encode);
Http http = new Http();
HttpResponse response = http.send(request);

This Issue was modified 3 years ago by CWL

Issue Tags

rest-api apex OAuth

1 Reply

Posts: 205

CWL

Admin

Issue starter

Aug 13, 2021 12:30 pm

(@cwl)

Member

Joined: 11 years ago

Working code below. Note: if you continue to get signature invalid error, do compare the signature base string that is being generated by the code with postman signature.

System.debug('OppData:'+oppdata);

String jsbody = JSON.serialize(oppdata);
String jsonBody = jsbody.replace('currency_x', 'currency');
System.debug('JSON BODY : '+jsonBody);

map<String,Object> result = (map<String,Object>)JSON.deserializeUntyped(jsonBody);
System.debug('result: '+result);

jsonBody = JSON.serialize(result); // E

String encodedReqBody = EncodingUtil.URLEncode(jsonBody,'UTF-8').replace('+','%20'); // F
System.debug('encodedReqBody: '+encodedReqBody);
System.debug('jsonBody: '+jsonBody);

// signature calling
String absApiUrl = Label.WoohooAPI+'/orders';
System.debug('absApiUrl: '+absApiUrl);

quickcilver__c Qc = quickcilver__c.getvalues('quickcilver details');
String secretKeyValue = Qc.Consumer_secret__c;
String reqMethod = 'POST'; // A

String encodedAbsApiUrl = EncodingUtil.URLEncode(absApiUrl,'UTF-8').replace('+','%20'); // C

System.debug('encodedAbsApiUrl: '+encodedAbsApiUrl);
String endPoint = reqMethod + '&' + encodedAbsApiUrl; // D = (A&C)
String baseString = endPoint + '&' + encodedReqBody; // G = (D&F)
System.debug('endPoint: '+ endPoint);
System.debug('baseString: '+ baseString);

String signature;
// converting base string (G) to HMAC-SHA512 hash (secret)
Blob hmacData = Crypto.generateMac('HmacSHA512', Blob.valueOf(baseString), Blob.valueOf(secretKeyValue));
signature = encodingUtil.convertToHex(hmacData);
System.debug('signature: '+signature);

String dateAtClient = datetime.now().formatGMT('yyyy-MM-dd\'T\'HH:mm:ss.SSS\'Z\'');
System.debug('dateAtClient: ' + dateAtClient);

String bearerToken = quickcilverOauth.BearerToken();
bearerToken = 'Bearer ' + bearerToken;
System.debug('bearerToken: ' + bearerToken);

HttpRequest request = new HttpRequest();
request.setEndpoint(absApiUrl);
request.setMethod(reqMethod);
request.setHeader('Content-Type', 'application/json');
request.setHeader('Authorization', bearerToken);
request.setHeader('dateAtClient', dateAtClient);
request.setHeader('signature', signature);
request.setHeader('Accept', '*/*');
request.setBody(jsonBody);
Http http = new Http();
HttpResponse response = http.send(request);
System.debug('get response: ' + response.getBody());
System.debug('get response: ' + response);

2 Forums
104 Issues
218 Posts
1 Online
25 Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Issue icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed