473,320 Members | 2,107 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

Error: client and server signatures do not match

1
Good morning to all. I need help in finding the solution to this error.
I am building integration with ShopSite.com. They have an API.
The sample code given is in PHP code.
I don't know PHP, but I have tried and successfully generated the access_token (Step 1)
Now I am trying to download the orders and getting this below error

{
"error": "access_denied",
"error_description": "client and server signatures do not match"
}

Below is my C# code:

Expand|Select|Wrap|Line Numbers
  1. string DownloadOrders()
  2.         {
  3.             Random random = new Random();
  4.             string secretKey = "D054-134B-9959-3FB2";
  5.             string token = "MTY0NzUwMTIyOHx3b29kcGFydHN8NnxGaXNoYm93bHw3NzF8";
  6.             string downloadUrl = "https://www.example.com/cgi-woodparts/sb/db_xml.cgi";
  7.             string port = "443";
  8.             string urlPath = "/cgi-woodparts/sb/db_xml.cgi";
  9.             string nonce = random.Next(123400, 9999999).ToString();
  10.             Int32 unixTimestamp = (int)DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1)).TotalSeconds;
  11.  
  12.             StringBuilder signatureBuilder = new StringBuilder();
  13.             signatureBuilder.Append(token).Append(Environment.NewLine);
  14.             signatureBuilder.Append(unixTimestamp).Append(Environment.NewLine);
  15.             signatureBuilder.Append(nonce).Append(Environment.NewLine);
  16.             signatureBuilder.Append(Environment.NewLine);
  17.             signatureBuilder.Append("POST").Append(Environment.NewLine);
  18.             Uri myUri = new Uri(downloadUrl);
  19.             string domain = myUri.Host;
  20.             signatureBuilder.Append(domain).Append(Environment.NewLine);
  21.             signatureBuilder.Append(port).Append(Environment.NewLine);
  22.             signatureBuilder.Append(urlPath).Append(Environment.NewLine);
  23.             signatureBuilder.Append("clientApp=1").Append(Environment.NewLine);
  24.             signatureBuilder.Append("dbname=orders").Append(Environment.NewLine);
  25.             signatureBuilder.Append("startdate=11%2F01%2F2021").Append(Environment.NewLine);
  26.             signatureBuilder.Append("version=14.0").Append(Environment.NewLine);
  27.  
  28.             string sSign = signatureBuilder.ToString();
  29.             string signature = GetHMAC(sSign, secretKey);
  30.  
  31.             string orderUrl = downloadUrl;
  32.             var client = new RestClient(orderUrl);
  33.             client.Timeout = -1;
  34.             var request = new RestRequest(Method.POST);
  35.             request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
  36.             request.AddParameter("token", token);
  37.             request.AddParameter("timestamp", unixTimestamp);
  38.             request.AddParameter("nonce", nonce);
  39.             request.AddParameter("signature", signature);
  40.  
  41.             request.AddParameter("clientApp", "1");
  42.             request.AddParameter("dbname", "orders");
  43.             request.AddParameter("startdate", "11%2F01%2F2020");
  44.             request.AddParameter("version", "14.0");
  45.  
  46.             var response = client.Execute(request);
  47.             return response.Content;
  48.         }
Expand|Select|Wrap|Line Numbers
  1. private string GetHMAC(string text, string key)
  2.        {
  3.             key = key ?? "";
  4.             using (var hmacsha1 = new HMACSHA1(Encoding.UTF8.GetBytes(key)))
  5.             {
  6.                 var hash = hmacsha1.ComputeHash(Encoding.UTF8.GetBytes(text));
  7.                 return Convert.ToBase64String(hash);
  8.             }
  9.         }
Below is the PHP code I am referring

Expand|Select|Wrap|Line Numbers
  1. $json = json_decode($json, true);
  2.  $nonce2 = mt_rand(10000000,99999999); # nonce for download request
  3.  $timestamp = time();                  # UNIX time
  4.  $token = $json['access_token'];
  5.  $endpointurl = $json['download_url'];
  6.  $url_stuff = parse_url($endpointurl);
  7.  $endpoint = $url_stuff['path'];
  8.  $domain = $url_stuff['host'];
  9.  $protocol = $url_stuff['scheme'];
  10.  if(isset($url_stuff['port']))
  11.    $port = $url_stuff['port'];
  12.  else if(strcasecmp($protocol, 'https') == 0)
  13.    $port = 443;
  14.  else
  15.    $port = 80;
  16.  
  17.  # put the array back into an MAC-compatible string
  18.  $imploded = "";
  19.  ksort($data);
  20.  foreach($data as $k=>$v) {
  21.    $imploded .= "$k=" . rawurlencode($v) . "\n";
  22.  }
  23.  $imploded = trim($imploded,"\n");
  24.  $macdigest = "$token\n$timestamp\n$nonce2\n\nPOST\n$domain\n$port\n$endpoint\n$imploded\n";
  25.  $macdigesthash = hash_hmac("sha1", $macdigest, $secretkey, true);
  26.  $signature2 = base64_encode($macdigesthash);
  27.  
  28.  $data['signature'] = $signature2;
  29.  $data['token'] = $token;
  30.  $data['timestamp'] = $timestamp;
  31.  $data['nonce'] = $nonce2;
  32.  
  33.  $db_request = "";
  34.  foreach ($data as $k=>$v) {
  35.    $db_request .= "$k=$v&";
  36.  }
  37.  $db_request = trim($db_request, "&");
  38.  
  39.  $ch = curl_init();
  40.  curl_setopt($ch, CURLOPT_URL, $endpointurl);
  41.  
  42.  curl_setopt($ch, CURLOPT_POST, true);
  43.  curl_setopt($ch, CURLOPT_POSTFIELDS, $db_request);
  44.  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  45.  
  46.  $downloaddata = curl_exec($ch);
  47.  curl_close($ch);
Step 2 is explained in this picture. I have coded based on this and the sample PHP code above.
Please let me know what I have missed.



This is my first post to this forum, so kindly excuse me if I have missed any rules.
Mar 18 '22 #1
0 2329

Sign in to post your reply or Sign up for a free account.

Similar topics

4
by: jobs | last post by:
Works great on my client when I test from vs.net 2005. Howevever, when I deploy to the web server, I get this error: remotely and local from the web server. An error has occurred while...
3
by: khu84 | last post by:
Here is client server very simple code, seems to work with telnet but with with web client code gives blank output. Following is the server code:- <? function...
3
by: jlgeris | last post by:
I have a fairly simple client/server structure using System.Net.Sockets, where the server only sends data to a collection of clients, and the clients only receive data, so, the data flow is...
5
by: Navdip | last post by:
Hi All, i'm implementing client & server in my java application. in which client and server both have same class structure which they want to access . client wants some data related to...
0
by: Maurizio | last post by:
I'd like to ask some suggestion regarding a software that I'm developping. For develop the project I've to use VB.NET and Framework 3.5 This is a Client Server application. I've some computer...
3
by: Python | last post by:
On 22 okt 2008, at 13:50, ryan fox wrote: does it work if you temporarily switch off the firewall? gr Arno
10
by: Elaine121 | last post by:
Hi i've been batteling for hours and can't seem to find the problem. When my server runs and I press the connect button the gui freezes until the client gui is terminated.. only then the gui becomes...
0
by: rotaryfreak | last post by:
Hello, Im building a client-server application and the user needs to input the hostName and the portNumber the client application and needs to send the portnumber to the server application. I...
1
by: HaroonAbbasi | last post by:
Hi Everyone! I need some help. i am working on .net client server application.This application is using on both server/client side enitity framewok of same entities architecture. but from different...
0
by: alexx12 | last post by:
I am developing a client server application in C#. I am sending from my server to client an object of `Student` type which I serialize on the server side and deserialize on client side. The...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.