Thomas_Guimezanes | 2024-07-04 09:43:17 UTC | #1
Hello,
We're working on using Audiohook Monitor integration and I encounter issue regarding signature validation.
Below are the data I receive from AUdiohook Monitor integration on my local websocket:
< GET / HTTP/1.1
< Host: bf9d-92-154-51-247.ngrok-free.app
< User-Agent: GenesysCloud-AudioHook-Client
< Accept-Encoding: gzip
< Audiohook-Correlation-Id: e0259999-2fda-4dbc-805c-bc40ace2d319
< Audiohook-Organization-Id: 25adf637-f94d-46a2-ae87-c608a9d124a8
< Audiohook-Session-Id: ddb39f3d-e48d-4c70-ac58-8d80f57e97d9
< Cache-Control: no-cache
< Connection: Upgrade
< Pragma: no-cache
< Sec-Websocket-Key: nWfXDuf/EhMlZu/U+skEKg==
< Sec-Websocket-Version: 13
< Signature: sig1=:i7z+TjKA/ACmaKYSKynTIg6bvsaOaKMluMAlzNrrMOA=:
< Signature-Input: sig1=("@request-target" "audiohook-session-id" "audiohook-organization-id" "audiohook-correlation-id" "x-api-key" "@authority");created=1720080003;expires=1720080013;keyid="123-456-789";nonce="IGum9ClGTcHAYvIR29vcT5ac";alg="hmac-sha256"
< Upgrade: websocket
< X-Api-Key: 123-456-789
< X-Forwarded-For: 52.50.203.105
< X-Forwarded-Host: bf9d-92-154-51-247.ngrok-free.app
< X-Forwarded-Proto: https
> HTTP/1.1 101 Switching Protocols
> Upgrade: websocket
> Connection: Upgrade
> Sec-WebSocket-Accept: nY412KM81vjupQkirNKmzr71Jlo=
> Date: Thu, 04 Jul 2024 08:00:03 GMT
> Server: Python/3.11 websockets/12.0
connection open
Below is my python code to validate signature:
signature_in_header = b"i7z+TjKA/ACmaKYSKynTIg6bvsaOaKMluMAlzNrrMOA="
request_target = "/"
authority = "bf9d-92-154-51-247.ngrok-free.app"
audiohook_Correlation_Id = "e0259999-2fda-4dbc-805c-bc40ace2d319"
audiohook_Org_Id = "25adf637-f94d-46a2-ae87-c608a9d124a8"
audiohook_Session_Id = "ddb39f3d-e48d-4c70-ac58-8d80f57e97d9"
x_api_key = "123-456-789"
signature_to_encode = (
f'"@request-target": {request_target}\n'
+ f'"audiohook-session-id": {audiohook_Session_Id}\n'
+ f'"audiohook-organization-id": {audiohook_Org_Id}\n'
+ f'"audiohook-correlation-id": {audiohook_Correlation_Id}\n'
+ f'"x-api-key": {x_api_key}\n'
+ f'"@authority": {authority}\n'
)
signature = hmac.new(
base64.b64decode(private_key),
signature_to_encode.encode(),
hashlib.sha256,
)
print(f"signature in header = {signature_in_header}")
print(f"signature = {base64.b64encode(signature.digest())}")
The private_key is the base64 encoded secret set in our Audiohook Monitor configuration.
When running the script, I get different signatures:
signature in header = b'i7z+TjKA/ACmaKYSKynTIg6bvsaOaKMluMAlzNrrMOA=' signature = b'jTN4PTuItmr3156XgLbOcw97Ip0pT/BhJo4WiQQuzgU='
I must be missing something obvious, but I can't get it...
Any help would be appreciated !
Thank you in advance.
Thomas.
system | 2024-08-04 09:43:59 UTC | #2
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.
This post was migrated from the old Developer Forum.
ref: 27084