signature error - string

This shows error "The request signature we calculated does not match the signature you provided. Check your AWS.
string url;
integer statuscode;
String date1=json.serialize(Datetime.now());
if(date1.contains('"')){
date1=date1.replace('"','');}
String algorithmName = 'HmacSHA256';
date1=date1.substring(0,(date1.length()-5));
date1=date1+'Z';
date1=EncodingUtil.UrlEncode(date1,'UTF-8');
String Action=EncodingUtil.UrlEncode('CreateTopic','UTF-8');
String AccessKey=EncodingUtil.UrlEncode('APIKEY','UTF-8'); // API key hide due to security resion but i check it work fine for SES
String Signaturemethod=EncodingUtil.UrlEncode('HmacSHA256','UTF-8');
string str= 'GET\nsns.us-east-1.amazonaws.com\n/\nAction='+Action+'&Name=Testtopics&AWSAccessKeyId='+AccessKey+'&Timestamp='+date1+'&SignatureVersion=2&SignatureMethod='+Signaturemethod;
Blob mac = Crypto.generateMac(algorithmName,Blob.valueOf(str),Blob.valueOf('SECURITYKEY')); //blob value of key used in signature
url='https://sns.us-east-1.amazonaws.com/?Action=CreateTopic&Name=Testtopics&AWSAccessKeyId=ACCESSKEY&Timestamp='+date1+'&SignatureVersion=2&SignatureMethod=HmacSHA256&Signature='+EncodingUtil.UrlEncode(EncodingUtil.base64Encode(mac),'UTF-8'); // final url


I don't have much Idea about the AWS but below is what I was able to find. can't test these things anywhere to figue out the problem.
A common cause of the error message below is not properly creating the string to sign, such as forgetting to URL encode characters such as the colon (:) and the forward slash (/) in Amazon S3 bucket names.
<Error>
<Type>Sender</Type>
<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calculated does not match the signature you provided.
Check your AWS Secret Access Key and signing method.
Consult the service documentation for details.</Message>
</Error>
http://docs.aws.amazon.com/general/latest/gr/signature-version-2.html
http://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html


It looks like you might be missing a trailing single quote at the end of your url. See if that makes a difference.
url="https://sns.us-east-1.amazonaws.com/?Action=CreateTopic&Name=Testtopics&AWSAccessKeyId=ACCESSKEY&Timestamp='+date1+'&SignatureVersion=2&SignatureMethod=HmacSHA256&Signature='+EncodingUtil.UrlEncode(EncodingUtil.base64Encode(mac),'UTF-8')+"'";

Related

How to copy S3 object with special character in key

I have objects in an S3 bucket, and I do not have control over the names of the keys. Some of these keys have special characters and AWS SDK does not like them.
For example, one object key is: folder/‍Johnson, Scott to JKL-Discovery.pdf, it might look fine at first glance, but if I URL encode it: folder%2F%E2%80%8DJohnson%2C+Scott+to+JKL-Discovery.pdf, you can see that after folder/ (or folder%2F when encoded) there is a random sequence of characters %E2%80%8D before Johnson.
It is unclear where these characters come from, however, I need to be able to handle this use case. When I try to make a copy of this object using the Node.js AWS SDK,
const copyParams = {
Bucket,
CopySource,
Key : `folder/‍Johnson, Scott to JKL-Discovery.pdf`
};
let metadata = await s3.copyObject(copyParams).promise();
It fails and can't find the object, if I encodeURI() the key, it also fails.
How can I deal with this?
DO NOT SUGGEST I CHANGE THE ALLOWED CHARACTERS IN THE KEY NAME. I DO NOT HAVE CONTROL OVER THIS

Faced the same problem but with PHP. copyObject() method is automatically encoding destination parameters (Bucket and Key) parameters, but not source parameter (CopySource) so it has to be encoded manually. In php it looks like this:
$s3->copyObject([
'Bucket' => $targetBucket,
'Key' => $targetFilePath,
'CopySource' => $s3::encodeKey("{$sourceBucket}/{$sourceFilePath}"),
]);
I'm not familiar with node.js but there should also exist that encodeKey() method that can be used?

trying your string, there's a tricky 'zero width space' unicode char...
http://www.ltg.ed.ac.uk/~richard/utf-8.cgi?input=342+200+213&mode=obytes
I would sanitize the string removing unicode chars and then proceding with url encoding as requested by official docs.
encodeURI('folder/‍johnson, Scott to JKL-Discovery.pdf'.replace(/[^\x00-\x7F]/g, ""))

Amazon Seller Central MWS ListOrders GET request fails with "The request signature we calculated does not match the signature you provided."

I'm trying to make a GET call to pull orders from Amazon, but I keep getting the same signature error. I've googled around and I see that a lot of people appear to have this error, but none of their solutions seem to fix my issue. Any thoughts?
My request code:
$MWS_Timestamp=GetUTCFormattedDateTime(Date(Now_()),'UTC',false); // 2018-10-22T13:51:32Z
$MWS_AccessKey='AKIA****************';
$MWS_ClientSecret='ChOqu*************************';
$MWS_DeveloperID=798*********;
$MWS_SellerID='A3DL**********';
$MWS_MarketPlaceID='ATVP*********';
$MWS_AuthToken='amzn.mws.********-****-****-****-************';
$MWS_Action='ListOrders';
$MWS_RequestString="";
$MWS_RequestString+="AWSAccessKeyId="+UrlEncode($MWS_AccessKey,0);
$MWS_RequestString+="&Action="+UrlEncode("ListOrders",0);
$MWS_RequestString+="&LastUpdatedAfter="+UrlEncode('2018-10-21T00:00:00Z',0);
$MWS_RequestString+="&MarketplaceId.Id.1="+UrlEncode($MWS_MarketPlaceID,0);
$MWS_RequestString+="&SellerId="+UrlEncode($MWS_SellerID,0);
$MWS_RequestString+="&SignatureVersion="+UrlEncode("2",0);
$MWS_RequestString+="&SignatureMethod="+UrlEncode("HmacSHA1",0);
$MWS_RequestString+="&Timestamp="+UrlEncode($MWS_Timestamp,0);
$MWS_RequestString+="&Version=2013-09-01";
$MWS_SignatureString=$MWS_RequestString;
$signature='';
/* Creating signature with CryptoJS
var hmacsha1Data=CryptoJS.HmacSHA1($MWS_SignatureString,$MWS_ClientSecret); //Also tried $MWS_AccessKey with the same results
var base64EncodeData=CryptoJS.enc.Base64.stringify(hmacsha1Data);
$signature=encodeURIComponent(base64EncodeData);
*/
RunScript("<TAG>Scripts/JS-CryptoJS_v3.12</TAG>");
$signature=Replace($signature,"+","%2B");
$signature=Replace($signature,"/","%2F");
$signature=Replace($signature,"=","%3D");
$MWS_Request=$MWS_RequestString+"&Signature="+$signature;
$MWS_URL='https://mws.amazonservices.com/Orders/2013-09-01?'+$MWS_Request;
The Response:
<ErrorResponse xmlns="https://mws.amazonservices.com/Orders/2013-09-01">
<Error>
<Type>Sender</Type>
<Code>SignatureDoesNotMatch</Code>
<Message>
The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
</Message>
</Error>
<RequestID>54d6059b-9aa8-4d4f-a0b8-beb663599b25</RequestID>
</ErrorResponse>
I'm at a loss here as to which part is wrong. I double-checked the credentials, but everything looks good.

These parameters must all be appended in lexical order.
Here is one example where that isn't the case.
$MWS_RequestString+="&SellerId="+UrlEncode($MWS_SellerID,0);
$MWS_RequestString+="&LastUpdatedAfter="+UrlEncode('2018-10-21T00:00:00Z',0);
The order in the actual URL doesn't matter, but if you don't build them in this order then you won't calculate the right signature -- because the service will sort them before calculating the signature it expects you to send.
Also, your signature encoding is wrong.
$signature=Replace($signature,"+","%20")
There should be only 3 possibilities other than A-Z a-z 0-9:
+ becomes %2B
/ becomes %2F
= becomes %3D

How to convert string in URI

I setup OpenSips 2.3 proxy server, so any call come on server, my script grabs sip URI from DB, and forward call to that uri. When I get value I used AVP to get value and save it in $avp(didnumber), if I use rewrite with manually specifying uri it is working, but when I grab this value from DB and than assign it, it is not working in rewriteuri() method.
$ru = "sip:"+$avp(didnumber)
if I write
rewriteuri("[$ru]")
it throws following error
ERROR:core:parse_sip_msg_uri: bad uri <[$ru>
ERROR:tm:new_t: uri invalid
ERROR:tm:t_newtran: new_t failed
I think this method does not accept normal variable so I added quotation to make it string variable, now it shows fine on log but seem I have to convert variable using AVP or transformation, I tried many syntaxes but still could not do it. Please suggest.

rewrite_uri() has been deprecated in favour of simply using $ru. Your R-URI already gets completely rewritten by this statement:
$ru = "sip:" + $avp(didnumber);
However, note that the above is incorrect, since you do not supply a "hostport" part to the uri, according to the SIP RFC 3261:
SIP-URI = "sip:" [ userinfo ] hostport
uri-parameters [ headers ]
The parser will likely report an error. There are two fixes for this:
either only rewrite the R-URI "userinfo" part, like so:
$rU = $avp(didnumber);
supply a destination hostname:
$ru = "sip:" + $avp(didnumber) + "#" + $var(destination);
Following from here, you can just t_relay() using your new R-URI.
EDIT: the OpenSIPS URI parser will actually tolerate a URI such as "sip:44776772882", but it will interpret the DID as a hostname, so the errors may start appearing later, should the script writer attempt to relay the message to the invalid "44776772882" hostname.

GetMyFeesEstimate API Amazon vba

I have a problem getting a reasonable answer from Amazon. The problem is only with GetMyFeesEstimate. The other stuff like GetMyPriceForASIN works. I'm trying to get a response with VBA/Excel.
Example Code from Amazon:
https://mws.amazonservices.de/Products/2011-10-01?
FeesEstimateRequestList.FeesEstimateRequest.1.MarketplaceId=A1PA6795UKMFR9
&FeesEstimateRequestList.FeesEstimateRequest.1.IdType=ASIN
&FeesEstimateRequestList.FeesEstimateRequest.1.IdValue=3828934897
&FeesEstimateRequestList.FeesEstimateRequest.1.IsAmazonFulfilled=true
&FeesEstimateRequestList.FeesEstimateRequest.1.Identifier=request1
&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.ListingPrice.CurrencyCode=EUR
&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.ListingPrice.Amount=30.00
&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.Shipping.CurrencyCode=EUR
&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.Shipping.Amount=3.99
&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.Points.PointsNumber=0
&AWSAccessKeyId=XXXXXXXXXXXXX
&Action=GetMyFeesEstimate
&SellerId=XXXXXXXXXXXXXX
&SignatureMethod=HmacSHA256
&SignatureVersion=2
&Timestamp=2018-01-07T10%3A26%3A27Z&Version=2011-10-01&Signature=bJJJorhyeKwejuddJs6Z%2BVYZZmKtm0CG2GAXTrShyZM%3D
If I try to use this signed request with my data I get the following mistake:
The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
Can someone help me with this?
Here is the Documentation from Amazon.

You haven't shown code on how you are signing the request.
Since you already have been succesful for one API, can you check if you that the decimal values you are using are exactly the same in signing string and POST request?
Sometime excel stores values like 30.0 as 0.3E02 or something like that and this causes the signing string to be different from your post request.
I have used Amazon Scratchpad to create a POST and also to get a guidance on the signing string.
Please go to https://mws.amazonservices.com/scratchpad/index.html
Once you enter the details on the left and click on submit, you can see the Request details and the signing string. If you create the request exactly as specified there and sign exactly as specified there, you shouldnt have a singing issue.
Here is the sample for your request:
POST /Products/2011-10-01?AWSAccessKeyId=
&Action=GetMyFeesEstimate
&SellerId=XXXXXXXXXXXXXX
&SignatureVersion=2
&Timestamp=2018-06-12T04%3A19%3A55Z
&Version=2011-10-01
&Signature=vJLewLVH7FmUD8cpST8dD51GBUJkt6Aj9FADGLoCjNQ%3D
&SignatureMethod=HmacSHA256
&FeesEstimateRequestList.FeesEstimateRequest.1.MarketplaceId=A1PA6795UKMFR9
&FeesEstimateRequestList.FeesEstimateRequest.1.IdType=ASIN
&FeesEstimateRequestList.FeesEstimateRequest.1.IdValue=3828934897
&FeesEstimateRequestList.FeesEstimateRequest.1.IsAmazonFulfilled=true
&FeesEstimateRequestList.FeesEstimateRequest.1.Identifier=request1
&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.ListingPrice.Amount=30.00
&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.ListingPrice.CurrencyCode=EUR
&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.Shipping.Amount=3.99
&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.Shipping.CurrencyCode=EUR
&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.Points.PointsNumber=0 HTTP/1.1
Host: mws.amazonservices.com
x-amazon-user-agent: AmazonJavascriptScratchpad/1.0 (Language=Javascript)
Content-Type: text/xml
Here is the string to sign.
Note that you have to put CHR(10) for a new line. Do not put VBCRLF in the string.
POST
mws.amazonservices.com
/Products/2011-10-01
AWSAccessKeyId=&Action=GetMyFeesEstimate&FeesEstimateRequestList.FeesEstimateRequest.1.IdType=ASIN&FeesEstimateRequestList.FeesEstimateRequest.1.IdValue=3828934897&FeesEstimateRequestList.FeesEstimateRequest.1.Identifier=request1&FeesEstimateRequestList.FeesEstimateRequest.1.IsAmazonFulfilled=true&FeesEstimateRequestList.FeesEstimateRequest.1.MarketplaceId=A1PA6795UKMFR9&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.ListingPrice.Amount=30.00&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.ListingPrice.CurrencyCode=EUR&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.Points.PointsNumber=0&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.Shipping.Amount=3.99&FeesEstimateRequestList.FeesEstimateRequest.1.PriceToEstimateFees.Shipping.CurrencyCode=EUR&SellerId=XXXXXXXXXXXXXX&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2018-06-12T04%3A19%3A55Z&Version=2011-10-01

Azure PUT BlockList returns 400 (Block ID is invalid. Block ID must be base64 encoded.)

I have what seems to be a pretty simple test of uploading a large file to Azure Blob storage.
The response I get is 400:
400 (Block ID is invalid. Block ID must be base64 encoded.)
The URL I am uploading to is: https://xxxx.blob.core.windows.net/tmp/af620cd8-.....&comp=blocklist
with the body:
<?xml version="1.0" encoding="utf-8"?>
<BlockList>
<Latest>BLOCK0</Latest>
<Latest>BLOCK1</Latest>
</BlockList>
This comes after a couple of successful block uploads:
https://xxxx.blob.core.windows.net/tmp/af620cd8-02e0-fee2....&blockid=BLOCK0
etc.
It doesn't seem like anything here requires Base64 encoding and the block IDs are of the same exact size (something mentioned in another post). Is there anything else I could try here?
The complete code is here:
https://github.com/mikebz/azureupload
and the specific front end file is here:
https://github.com/mikebz/azureupload/blob/master/formfileupload/templates/chunked.html

The block ids must be base64 encoded and because you're not doing so, you're getting this error.
From Put Block REST API documentaion:
blockid: Required. A valid Base64 string value that identifies the
block. Prior to encoding, the string must be less than or equal to 64
bytes in size. For a given blob, the length of the value specified for
the blockid parameter must be the same size for each block. Note that
the Base64 string must be URL-encoded.

Resources