Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Session API request (PHP)

See original GitHub issue

Dears,

We are getting this below error while connecting to your api, please check anything missing

Error: {“errors”:[“Unexpected signature”]}

Php Code:

function callAPI($method, $url, $data){
   $curl = curl_init();

   switch ($method){
      case "POST":
         curl_setopt($curl, CURLOPT_POST, 1);
         if ($data)
            curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
         break;
      case "PUT":
         curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "PUT");
         if ($data)
            curl_setopt($curl, CURLOPT_POSTFIELDS, $data);			 					
         break;
      default:
         if ($data)
            $url = sprintf("%s?%s", $url, http_build_query($data));
   }

   // OPTIONS:
   curl_setopt($curl, CURLOPT_URL, $url);
   curl_setopt($curl, CURLOPT_HTTPHEADER, array(
      'Content-Length: ' . strlen($data),
      'Content-Type: application/json',
	  //'CB-Token   : '. rand(1000,10000)
   ));
   curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
   curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);

   // EXECUTE:
   $result = curl_exec($curl);
   print_r($result);
   if(!$result){die("Connection Failure");}
   curl_close($curl);
   return $result;
}
$_SESSION["nonce"] = rand(1000,10000);
$has = 'application_id=xxxxx&auth_key=xxxx&nonce="'.$_SESSION["nonce"].'"&timestamp='.time().'';
$has = hash_hmac('sha1',$has,'xxxxx');
//echo strtotime(date('Y-m-d H:i:s')).'<br>';
//echo $_SESSION["nonce"]  .'<br>';
//echo $has.'<br>';//exit;
$data = '{"application_id": "xxx", "auth_key": "xxx", "nonce": "'.$_SESSION["nonce"].'", "timestamp": "'.time().'",  "signature": "'.$has.'"}';
//echo $data;

//echo date('');
callAPI("POST",'https://api.connectycube.com/session',$data);

unset($_SESSION["nonce"]);

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:6

github_iconTop GitHub Comments

5reactions
DaveLombercommented, Oct 10, 2019

Here is a complete create session request, could you please try it and let us know:

<?php
// Application credentials
DEFINE('APPLICATION_ID', 1292);
DEFINE('AUTH_KEY', "wadasdsadasdsad");
DEFINE('AUTH_SECRET', "BTsdasdsa7823mT");

// endpoints
DEFINE('CB_API_ENDPOINT', "https://api.connectycube.com");
DEFINE('CB_PATH_SESSION', "session.json");

// Generate signature
$nonce = rand();
$timestamp = time(); // time() method must return current timestamp in UTC but seems like hi is return timestamp in current time zone
$signature_string = "application_id=".APPLICATION_ID."&auth_key=".AUTH_KEY."&nonce=".$nonce."&timestamp=".$timestamp;

echo "stringForSignature: " . $signature_string . "<br><br>";
$signature = hash_hmac('sha1', $signature_string , AUTH_SECRET);

// Build post body
$post_body = http_build_query(array(
                'application_id' => APPLICATION_ID,
                'auth_key' => AUTH_KEY,
                'timestamp' => $timestamp,
                'nonce' => $nonce,
                'signature' => $signature
                ));

// $post_body = "application_id=" . APPLICATION_ID . "&auth_key=" . AUTH_KEY . "&timestamp=" . $timestamp . "&nonce=" . $nonce . "&signature=" . $signature;

 echo "postBody: " . $post_body . "<br><br>";
// Configure cURL
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, CB_API_ENDPOINT . '/' . CB_PATH_SESSION); // Full path is - https://api.connectycube.com/session.json
curl_setopt($curl, CURLOPT_POST, true); // Use POST
curl_setopt($curl, CURLOPT_POSTFIELDS, $post_body); // Setup post body
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); // Receive server response

// Execute request and read responce
$responce = curl_exec($curl);

// Check errors
if ($responce) {
        echo $responce . "\n";
} else {
        $error = curl_error($curl). '(' .curl_errno($curl). ')';
        echo $error . "\n";
}

// Close connection
curl_close($curl);
?>
0reactions
DaveLombercommented, Oct 11, 2019

In a case somebody needs to create a session with user:

<?php
// Application credentials
DEFINE('APPLICATION_ID', 1232);
DEFINE('AUTH_KEY', "adasdsad7128334");
DEFINE('AUTH_SECRET', "778adbdasddasd");

// User credentials
DEFINE('USER_LOGIN', "bobson12");
DEFINE('USER_PASSWORD', "qweqwesd");

// endpoints
DEFINE('CB_API_ENDPOINT', "https://api.connectycube.com");
DEFINE('CB_PATH_SESSION', "session.json");

// Generate signature
$nonce = rand();
$timestamp = time(); // time() method must return current timestamp in UTC but seems like hi is return timestamp in current time zone
$signature_string = "application_id=".APPLICATION_ID."&auth_key=".AUTH_KEY."&nonce=".$nonce."&timestamp=".$timestamp."&user[login]=".USER_LOGIN."&user[password]=".USER_PASSWORD;

echo "stringForSignature: " . $signature_string . "<br><br>";
$signature = hash_hmac('sha1', $signature_string , AUTH_SECRET);

// Build post body
$post_body = http_build_query(array(
                'application_id' => APPLICATION_ID,
                'auth_key' => AUTH_KEY,
                'timestamp' => $timestamp,
                'nonce' => $nonce,
                'signature' => $signature,
                'user[login]' => USER_LOGIN,
                'user[password]' => USER_PASSWORD
                ));

// $post_body = "application_id=" . APPLICATION_ID . "&auth_key=" . AUTH_KEY . "&timestamp=" . $timestamp . "&nonce=" . $nonce . "&signature=" . $signature . "&user[login]=" . USER_LOGIN . "&user[password]=" . USER_PASSWORD;

 echo "postBody: " . $post_body . "<br><br>";
// Configure cURL
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, CB_API_ENDPOINT . '/' . CB_PATH_SESSION); // Full path is - https://api.connectycube.com/session.json
curl_setopt($curl, CURLOPT_POST, true); // Use POST
curl_setopt($curl, CURLOPT_POSTFIELDS, $post_body); // Setup post body
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); // Receive server response

// Execute request and read responce
$responce = curl_exec($curl);

// Check errors
if ($responce) {
        echo $responce . "\n";
} else {
        $error = curl_error($curl). '(' .curl_errno($curl). ')';
        echo $error . "\n";
}

// Close connection
curl_close($curl);
?>
Read more comments on GitHub >

github_iconTop Results From Across the Web

How to make use of session in REST API - Stack Overflow
1 Answer 1 · It retrieve the session_id from the request · It tries to retrieve the account associated to the session_id from...
Read more >
10.5 PHP Session API and Configuration - eTutorials.org
Creates a new session, or finds an existing one. Checks for a session ID in the HTTP request?either as a cookie or a...
Read more >
Goodbye PHP Sessions, Hello JSON Web Tokens - Coderwall
REST API's are meant to be stateless. What that means is that each request from a client should include all the information needed...
Read more >
Session on API request - Laracasts
I want to use session on api request. I have changed config/auth.php file like below 'guards' => [ 'web' => [ 'driver' =>...
Read more >
Where do you recommend to store session keys for my REST ...
I'm currently developing my first REST API (tough I have written other non-rest ... You can use the built in PHP session, you...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

IOS push token not valid

Next page

Illustrator SVG > Polyline > Wont animate