mosparo: Problems with performing custom verification
Hi
First of all, sorry for the many issues.
I am currently working on a backed client for Mosparo, written in ColdFusion, that will eventually be made into a plugin for MasaCMS. I am currently working on the verification of the Form data but I’m having some issues with the Auth header.
I am generating the auth header as described in the docs.
/**
* Generates the authorization header for the API call.
*
* @param formData The data struct to be used in generating the header.
*/
private void function getAuthorizationHeader(
required struct formData,
string publicKey = variables.publicKey,
string privateKey = variables.privateKey
) {
local.apiEndpoint = "/api/v1/verification/verify";
local.hash = lCase(hmac(local.apiEndpoint & serializeJSON(arguments.formData), getPrivateKey(), 'HmacSHA256'));
variables.authHeader = "#getPublicKey()#:#local.hash#";
}
If I plug the example values from the example page into this function I get the same header as the example:
QqfBxsmOfIMw0-uVNnRVdDlMUZdLpTG1xo0yyifyLrI:3bdd385caa53e3da76a8dcbfcaa0d9f4e04d8c189fab03ba41383deea236b2d3
Despite all of that I keep getting the following response:
{
"error":true,
"errorMessage":"Authorization header invalid."
}
I just don’t know what to do since I have done everything that the dec asks from me and I have been on this issue since the last 4 days. In the screenshot below you will find all the values that could be useful for debugging.
All forms of help are welcome :3
Also, all my code is available in this repo.
Kind regards, Ori
About this issue
- Original URL
- State: closed
- Created a year ago
- Comments: 15 (15 by maintainers)
Hi @OriCat101
It’s me again… 😃
I’ve updated the documentation as discussed.
But when we were solving the issue today, I noticed a different thing in your code - which is not a problem right now but could generate a problem.
In line 86, you transform the field’s key to lowercase characters. This is not required by mosparo. If you have a form field with the name
firstNamein your form, then mosparo will tell you that the field is invalid since mosparo is case-sensitive, and you will try to verify it withfirstname. I suggest removing thelCaseto have no side effects.Kind regards,
zepich
Hi @OriCat101
Awesome! Thank you very much for your feedback!
You’re more than welcome! Thank you for using mosparo and helping to integrate mosparo into more systems and languages!
Wait, you already worked on that issue for two weeks? 😮 If you have any other problem in the future with mosparo, please let me know earlier! Thanks to your issue, we found two mistakes in the documentation, and I will add two new ideas for future developments (1. adding a debug mode in which the API will help you to find the issue with more information than now, and 2. adding a developer mode in which you can simulate the verification process in the UI to understand better where the problem appears), so it was very good that you created the issue!
I wish you a nice day and looking forward to your next issue… 😄
Kind regards,
zepich
Hi @zepich
Kind regards and ty sm, Ori
Hi @zepich
Thx for all your time and effort. I’ve modified my request like you told me, which has resulted in massive progress. The submissions are now showing up in the Mosparo backend🥳.
But I’m still having some problems with the client. My request get authenticated and all the tokens seem to be correct. But I am still unable to verify my submissions.
The response I get is not changing depending on what I input so I think that the issue still is my (trashy) code.
ColdFusion and good docs… Good CF documentation basically doesn’t exist. However my fav page to go for documentation is cfdocs.org, so this it what I’d suggest on using.
Kind regards, Ori
Hi @zepich
Oh, okay, here u go, this is everything I pass into hmac:
I hope this is what you needed :3
Kind regards, Ori