Skip to content
This repository has been archived by the owner on Oct 30, 2023. It is now read-only.

Signature is calculated wrongly for query string containing encoded characters #297

Open
kovalu opened this issue Dec 4, 2020 · 0 comments
Open

Signature is calculated wrongly for query string containing encoded characters #297

kovalu opened this issue Dec 4, 2020 · 0 comments

Comments

@kovalu
Copy link

kovalu commented Dec 4, 2020
edited
Loading

Took me a while, but I've identified a bug in 'AuthenticationInterceptor'.

Maybe it was not needed yet, but when I was locally implementing support for sub-account APIs and some of the query string parameters were containing email address (with @ symbol) then the request was failing with 'msg':
-1022:Signature for this request is not valid

The issue is that 'AuthenticationInterceptor' is creating the SHA256 signature from original query string, for example:
[email protected]

But it needs to be calculating it from URL encoded query string, for example:
email=foo%40bar.com

Pull request with fix: #298
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kovalu