You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cloudstack.apache.org by Salar Darwish <sa...@gmail.com> on 2013/12/12 10:14:27 UTC

signature php

Hello,

I am very new with cloudstack and trying to generate a signature to reqeust
some simpel api's with php. I use the following script but still get the
error:

unable to verify user credentials and/or request signature

Can some one help me what is the mistake here. Thank you in advance

$apikey =
"apikey=BN_HAbfozXjgmwUFIFLtJ7wMkhxoN7Wn2kU0_0gtGed1wu7rZDw3yHbc4QjRN-PjJRkgY1EsCWYMBlwcf0k99Q";

$secretkey =
"IUobE620Jg3CCxNA_amoaWeoMjXh5GNU0zjhYfXjZGbq9JxOsnQlutF5VjDF3-fZ2715JEceteNqnN6bN3woqw";

$response = "response=json";

$urlcommand_deployvm = $apikey . "&command=listUsers" . "&" . $response;

$hashcommand = $apikey . "&". "command=listUsers" . "&". $response;

$query = str_replace("+", "%20", $hashcommand );

$lower = strtolower($hashcommand);

$hash = hash_hmac("SHA1", $lower, $secretkey . true, TRUE);

$base64encoded = base64_encode($hash);

$signature = "signature=" . urlencode($base64encoded);

$url = "http://localhost:8080/client/api?" . $urlcommand_deployvm . "&" .
$signature;

Re: signature php

Posted by Ian Service <is...@ts2.ca>.

Hey Salar,

The keys need to be in alphabetical order for you to calculate the correct
signature, (which you have in your example: [apiKey, command, response] but
you don't have a function to handle it)

apiKey has an upper case K in my code, maybe that's it?

- Ian


On Thu, Dec 12, 2013 at 2:18 PM, Salar Darwish <sa...@gmail.com>wrote:

> Thank you. I have already checked the cloudstack php client but still can
> not find the problem with my script.
>
>
> 2013/12/12 sebgoa <ru...@gmail.com>
>
> >
> > On Dec 12, 2013, at 10:14 AM, Salar Darwish <sa...@gmail.com>
> > wrote:
> >
> > > Hello,
> > >
> > > I am very new with cloudstack and trying to generate a signature to
> > reqeust
> > > some simpel api's with php. I use the following script but still get
> the
> >
> > you might want to check this one out:
> >
> >
> >
> https://github.com/qpleple/cloudstack-php-client/blob/master/src/BaseCloudStackClient.php
> >
> >
> >
> > > error:
> > >
> > > unable to verify user credentials and/or request signature
> > >
> > > Can some one help me what is the mistake here. Thank you in advance
> > >
> > > $apikey =
> > >
> >
> "apikey=BN_HAbfozXjgmwUFIFLtJ7wMkhxoN7Wn2kU0_0gtGed1wu7rZDw3yHbc4QjRN-PjJRkgY1EsCWYMBlwcf0k99Q";
> > >
> > > $secretkey =
> > >
> >
> "IUobE620Jg3CCxNA_amoaWeoMjXh5GNU0zjhYfXjZGbq9JxOsnQlutF5VjDF3-fZ2715JEceteNqnN6bN3woqw";
> > >
> > > $response = "response=json";
> > >
> > > $urlcommand_deployvm = $apikey . "&command=listUsers" . "&" .
> $response;
> > >
> > > $hashcommand = $apikey . "&". "command=listUsers" . "&". $response;
> > >
> > > $query = str_replace("+", "%20", $hashcommand );
> > >
> > > $lower = strtolower($hashcommand);
> > >
> > > $hash = hash_hmac("SHA1", $lower, $secretkey . true, TRUE);
> > >
> > > $base64encoded = base64_encode($hash);
> > >
> > > $signature = "signature=" . urlencode($base64encoded);
> > >
> > > $url = "http://localhost:8080/client/api?" . $urlcommand_deployvm .
> "&"
> > .
> > > $signature;
> >
> >
>
>
> --
> *Met vriendelijke groet,*
> *Salar Darwish*
>

RE: signature php

Posted by Santhosh Edukulla <sa...@citrix.com>.

Salar,

Few notes:

1. You created query variable as below, but you have not used it thereafter, i believe strtolower should take your query variable instead of hashcommand?

$query = str_replace("+", "%20", $hashcommand );
lower = strtolower($hashcommand);

2. I hope hash_hmac provides you the raw digest not the hex digest, i could see two true flags for this function below, what does second to last is doing? You should get the raw digest unlike the hexdigest. I believe you are using TRUE for that.

3. Also, $urlcommand_deployvm, make sure that strings "apiKey","command", "response" are sorted and then concatenated with their corresponding values like "key1=value1&key2=value2&..", So sort your keys first and form the string with their values. The data  changes when it is going as $lower to hash_hmac.

4. Before concatenating the signature to your url, make sure to strip for any new lines or carriage returns.

5. Last, make sure to quote your "values" for above mentioned step3. Some thing like below.  The below code is working for us but in python.

hashStr = "&".join(
            ["=".join(
                [str.lower(r[0]),
                 str.lower(
                     urllib.quote_plus(str(r[1]))
                 ).replace("+", "%20")]
            ) for r in params]
        )
        signature = base64.encodestring(hmac.new(
            self.securityKey, hashStr, hashlib.sha1).digest()).strip()

Let me know.

Thanks!
Santhosh

________________________________________
From: Salar Darwish [salardarwish@gmail.com]
Sent: Thursday, December 12, 2013 2:18 PM
To: users@cloudstack.apache.org 
Subject: Re: signature php

Thank you. I have already checked the cloudstack php client but still can
not find the problem with my script.

2013/12/12 sebgoa <ru...@gmail.com>

>
> On Dec 12, 2013, at 10:14 AM, Salar Darwish <sa...@gmail.com>
> wrote:
>
> > Hello,
> >
> > I am very new with cloudstack and trying to generate a signature to
> reqeust
> > some simpel api's with php. I use the following script but still get the
>
> you might want to check this one out:
>
>
> https://github.com/qpleple/cloudstack-php-client/blob/master/src/BaseCloudStackClient.php
>
>
>
> > error:
> >
> > unable to verify user credentials and/or request signature
> >
> > Can some one help me what is the mistake here. Thank you in advance
> >
> > $apikey =
> >
> "apikey=BN_HAbfozXjgmwUFIFLtJ7wMkhxoN7Wn2kU0_0gtGed1wu7rZDw3yHbc4QjRN-PjJRkgY1EsCWYMBlwcf0k99Q";
> >
> > $secretkey =
> >
> "IUobE620Jg3CCxNA_amoaWeoMjXh5GNU0zjhYfXjZGbq9JxOsnQlutF5VjDF3-fZ2715JEceteNqnN6bN3woqw";
> >
> > $response = "response=json";
> >
> > $urlcommand_deployvm = $apikey . "&command=listUsers" . "&" . $response;
> >
> > $hashcommand = $apikey . "&". "command=listUsers" . "&". $response;
> >
> > $query = str_replace("+", "%20", $hashcommand );
> >
> > $lower = strtolower($hashcommand);
> >
> > $hash = hash_hmac("SHA1", $lower, $secretkey . true, TRUE);
> >
> > $base64encoded = base64_encode($hash);
> >
> > $signature = "signature=" . urlencode($base64encoded);
> >
> > $url = "http://localhost:8080/client/api?" . $urlcommand_deployvm . "&"
> .
> > $signature;
>
>

--
*Met vriendelijke groet,*
*Salar Darwish*

Re: signature php

Posted by Salar Darwish <sa...@gmail.com>.

Thank you. I have already checked the cloudstack php client but still can
not find the problem with my script.


2013/12/12 sebgoa <ru...@gmail.com>

>
> On Dec 12, 2013, at 10:14 AM, Salar Darwish <sa...@gmail.com>
> wrote:
>
> > Hello,
> >
> > I am very new with cloudstack and trying to generate a signature to
> reqeust
> > some simpel api's with php. I use the following script but still get the
>
> you might want to check this one out:
>
>
> https://github.com/qpleple/cloudstack-php-client/blob/master/src/BaseCloudStackClient.php
>
>
>
> > error:
> >
> > unable to verify user credentials and/or request signature
> >
> > Can some one help me what is the mistake here. Thank you in advance
> >
> > $apikey =
> >
> "apikey=BN_HAbfozXjgmwUFIFLtJ7wMkhxoN7Wn2kU0_0gtGed1wu7rZDw3yHbc4QjRN-PjJRkgY1EsCWYMBlwcf0k99Q";
> >
> > $secretkey =
> >
> "IUobE620Jg3CCxNA_amoaWeoMjXh5GNU0zjhYfXjZGbq9JxOsnQlutF5VjDF3-fZ2715JEceteNqnN6bN3woqw";
> >
> > $response = "response=json";
> >
> > $urlcommand_deployvm = $apikey . "&command=listUsers" . "&" . $response;
> >
> > $hashcommand = $apikey . "&". "command=listUsers" . "&". $response;
> >
> > $query = str_replace("+", "%20", $hashcommand );
> >
> > $lower = strtolower($hashcommand);
> >
> > $hash = hash_hmac("SHA1", $lower, $secretkey . true, TRUE);
> >
> > $base64encoded = base64_encode($hash);
> >
> > $signature = "signature=" . urlencode($base64encoded);
> >
> > $url = "http://localhost:8080/client/api?" . $urlcommand_deployvm . "&"
> .
> > $signature;
>
>


-- 
*Met vriendelijke groet,*
*Salar Darwish*

Re: signature php

Posted by sebgoa <ru...@gmail.com>.

On Dec 12, 2013, at 10:14 AM, Salar Darwish <sa...@gmail.com> wrote:

> Hello,
> 
> I am very new with cloudstack and trying to generate a signature to reqeust
> some simpel api's with php. I use the following script but still get the

you might want to check this one out:

https://github.com/qpleple/cloudstack-php-client/blob/master/src/BaseCloudStackClient.php



> error:
> 
> unable to verify user credentials and/or request signature
> 
> Can some one help me what is the mistake here. Thank you in advance
> 
> $apikey =
> "apikey=BN_HAbfozXjgmwUFIFLtJ7wMkhxoN7Wn2kU0_0gtGed1wu7rZDw3yHbc4QjRN-PjJRkgY1EsCWYMBlwcf0k99Q";
> 
> $secretkey =
> "IUobE620Jg3CCxNA_amoaWeoMjXh5GNU0zjhYfXjZGbq9JxOsnQlutF5VjDF3-fZ2715JEceteNqnN6bN3woqw";
> 
> $response = "response=json";
> 
> $urlcommand_deployvm = $apikey . "&command=listUsers" . "&" . $response;
> 
> $hashcommand = $apikey . "&". "command=listUsers" . "&". $response;
> 
> $query = str_replace("+", "%20", $hashcommand );
> 
> $lower = strtolower($hashcommand);
> 
> $hash = hash_hmac("SHA1", $lower, $secretkey . true, TRUE);
> 
> $base64encoded = base64_encode($hash);
> 
> $signature = "signature=" . urlencode($base64encoded);
> 
> $url = "http://localhost:8080/client/api?" . $urlcommand_deployvm . "&" .
> $signature;