Getting SignatureDoesNotMatch error from SQS SendMessage - amazon-sqs

I am constructing my own REST calls for SQS SendMessage Action.
All the parameters for SendMessage are in request body. (QueueUrl, Action and MessageBody).
I have created my own signature calculation code(mostly copied from AWS SDK Java).
Now, when my MessageBody="HelloWorld" , it works fine.
That means my signature calculation and credentials are correct.
But, when I insert a space , MessageBody="Hello World", I am getting a 403 SignatureDoesNotMatch error from SQS.
I also tried "Hello%20World" as MessageBody , but that also returns a 403 error.
Also tried "Hello+World". But got same error.
I found that aws sdk converts spaces to '+' before calculating the hash of payload.
I tried MessageBody="Hello.World" and that also worked perfectly.
Is there any issue with spaces in Message Body ?
I am sending Host and x-amz-date as the only headers in my request.
The error response from SQS suggests that the hash of the payload is the only thing different in the actual and expected canonical request.

Related

how to prevent message creation api to resend complete message

I use graph api to create a message with attachment(s).
All runs fine but the server send back the complete message in response, including the attachments.
Is there a way to only get the message id in the response ?
I try with :
string webApiUrl = $"{_apiUrl}v1.0/users/{senderId}/messages?$select=id"
but I still get the whole message with 98ko of attachment.
You can do it using the prefer:return=minimal header in the request which will mean you will just get a 204 response. However the id of the item that was created will be returned in the location header (the response should really have the OData-EntityId if they are following the oData spec to the letter, also I'm not sure why it return the Outlook v2 location rather then the graph but the message Id is the same between them)

Postman gives right response,but restassured returns empty for same request?

As you can see that postman returns expected result
but res.asString() gives [] in the blow code,can you tell me why?
def "simple test"(){
String url="http://xxx.xxx.xxx/assessment/api/Test.html"
when:""
io.restassured.response.Response res=RestAssured.given().header("Content-Type", "application/x-www-form-urlencoded").formParam("Action", "getDiagnosisList").formParam("Data", "[{\"subject\":\"冠心病\",\"option\":\"是\"}]").post(url)
then:""
res.prettyPrint()=="[\"身体健康状态不良\",\"医疗处置\"]"
}
It turns out that Chinese characters can't be encoded correctedly by default,after adding blow code,everything worked as expected:
RestAssured.given().config(RestAssured.config().encoderConfig(EncoderConfig.encoderConfig().defaultContentCharset("UTF-8")))
Maybe the request did via postman has not been cached, and on the other hand the same request via restassured is using some kind of cache. Recently I was having a similar issue because of it was hitting the varnish server. I'd recommend you to take a look at the response headers from both postman and restassured.

Yelp Place API returning "Invalid Signature" Error only from Nginx on EC2

Problem: I am getting an "Invalid Signature" error from Yelp API only from production (running on nginx server in AWS) When I run locally on my localhost:3000, there is no signature error, and everything works fine.
I am using the yelp gem in rails. Here's some code in ruby.:
$client = Yelp::Client.new({
consumer_key: $SL_CONSUMER_KEY,
consumer_secret: $SL_CONSUMER_SECRET,
token: $SL_TOKEN,
token_secret: $SL_TOKEN_SECRET
})
begin
$client.search("Los Angeles")
rescue => error
puts error.message
puts error.inspect
end
error.message prints out: "Signature was invalid"
error.inspect prints out: < Yelp::Error::InvalidSignature: Signature was invalid >
Everything works when I run locally on rails' Webrick server but when I run it in production, I get an "Invalid Signature" error.
Has anyone seen this? I've looked at some relevant posts, but this seems different. Thanks!
This will probably not pertain to most people, but the off chance it could help someone, here it is:
My "time" was effed up on my EC2 instance. So for example, in ruby, Time.now was not printing the actual time. (I think it was off by a few minutes or so).
Anyway, Yelp API requires a oauth_timestamp when you send a request. Of course, then, my request was timing out b/c the time was off.
How did I found this error out?
I just pinged the URL on my browser with the oauth, token, oauth_timestamp, etc. (few more) as query params. The browser spits out the error response in JSON, and it was saying that my request was timing out. When you use the ruby Yelp Client and catch the exception in code, it doesn't spit out the error response in terminal, so it's a bit more difficult to locate the exact root of the error.
How I solved it:
I re-calibrated the time in my ec2 instance by following the directions here: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/set-time.html
Problem is solved. Peace.
Invalid signature error in Yelp API occurs due to two reasons .
First , Either of your four keys i.e consumer_key , consumer_secret_key , Token & Token Secret is invalid . Secondly Parameters passed to Yelp API Function are either invalid or any of those are nil .

Google docs API: can't download a file, downloading documents works

I'm trying out http requests to download a pdf file from google docs using google document list API and OAuth 1.0. I'm not using any external api for oauth or google docs.
Following the documentation, I obtained download URL for the pdf which works fine when placed in a browser.
According to documentation I should send a request that looks like this:
GET https://doc-04-20-docs.googleusercontent.com/docs/secure/m7an0emtau/WJm12345/YzI2Y2ExYWVm?h=16655626&e=download&gd=true
However, the download URL has something funny going on with the paremeters, it looks like this:
https://doc-00-00-docs.googleusercontent.com/docs/securesc/5ud8e...tMzQ?h=15287211447292764666&amp\;e=download&amp\;gd=true
(in the url '&amp\;' is actually without '\' but I put it here in the post to avoid escaping it as '&').
So what is the case here; do I have 3 parameters h,e,gd or do I have one parameter h with value 15287211447292764666&ae=download&gd=true, or maybe I have the following 3 param-value pairs: h = 15287211447292764666, amp;e = download, amp;gd = true (which I think is the case and it seems like a bug)?
In order to form a proper http request I need to know exectly what are the parameters names and values, however the download URL I have is confusing. Moreover, if the params names are h,amp;e and amp;gd, is the request containing those params valid for obtaining file content (if not it seems like a bug).
I didn't have problems downloading and uploading documents (msword docs) and my scope for downloading a file is correct.
I experimented with different requests a lot. When I treat the 3 parameters (h,e,gd) separetaly I get Unauthorized 401. If I assume that I have only one parameter - h with value 15287211447292764666&ae=download&gd=true I get 500 Internal Server Error (google api states: 'An unexpected error has occurred in the API.','If the problem persists, please post in the forum.').
If I don't put any paremeters at all or I put 3 parameters -h,amp;e,amp;gd, I get 302 Found. I tried following the redirections sending more requests but I still couldn't get the actual pdf content. I also experimented in OAuth Playground and it seems it's not working as it's supposed to neither. Sending get request in OAuth with the download URL responds with 302 Found instead of responding with the PDF content.
What is going on here? How can I obtain the pdf content in a response? Please help.
I have experimented same issue with oAuth2 (error 401).
Solved by inserting the oAuth2 token in request header and not in URL.
I have replaced &access_token=<token> in the URL by setRequestHeader("Authorization", "Bearer <token>" )

Adobe Flex 3 : Fault Event doesnt return XML Feed sent from Server

I am working on a flex application which communicates with a Rails backened.
When i request for some data, It sends back xml feed.
In some cases, if given parameters are not valid, then rails return an error feed with status code = 422 as following
email is wrong
But I dont get this feed in FaultEvent of Flex, How could i read error feed?
Thanks
Are you getting the result in ResultEvent in such cases? I am not sure for what all HTTP error codes FaultEvent will get invoke(I know only it goes for 404 and 500). May be its still going to ResultEvent as a valid result!
You can use HTTPService instead of URLLoader.
Flex HTTP results will not include the actual underlying HTTP response codes. It just doesn't work. (TM)

Resources