CODEWITHSUNDEEP
javaokhttphmac
Zakaria Shahed
Zakaria Shahed

Reputation: 2707

okhttp authorization signature hmac-sha256 not working

I am working with remote.it api Here is documentation https://link.remote.it/docs/graphql I have created a test account which acess is

R3_ACCESS_KEY_ID=########
R3_SECRET_ACCESS_KEY=################

Remote it have insomnia plugins, Using those plugins I can send a request to the site which is working fine enter image description here

Now I convert it to okhttp request but it always show unauthorized. I have tried with lots of options but it's not work for me.

OkHttpClient client = new OkHttpClient();

MediaType mediaType = MediaType.parse("application/graphql");
RequestBody body = RequestBody.create(mediaType, "{\"query\":\"#Query\\n\\nquery getDevices($size: Int, $from: Int, $sort: String) {\\n  login {\\n    devices(size: $size, from: $from, sort: $sort) {\\n      total\\n      hasMore\\n      items {\\n        id\\n        name\\n        hardwareId\\n        created\\n        services {\\n          id\\n          name\\n          port\\n          type\\n          state\\n          host\\n          enabled\\n        }\\n      }\\n    }\\n  }\\n}\\n\\n\",\"variables\":{\"size\":1000,\"from\":0}}");
Request request = new Request.Builder()
  .url("https://api.remote.it/graphql/v1")
  .post(body)
  .addHeader("Content-Type", "application/json")
  .addHeader("Date", "Mon, 09 Aug 2021 07:44:57 GMT")
  .addHeader("Authorization", "Signature keyId="KHHUWNUWBY6NFXLOWSSA",algorithm="hmac-sha256",headers="(request-target) host date content-type content-length",signature="zQO/9ehBLSt80jXk26Rxvgi/wJixEDJiXG9X5sXeloo="")
  .build();

Response response = client.newCall(request).execute();

I am not getting any way to solve this issue..Can anyone help me to solve this unauthorized issue?

Upvotes: 2

Views: 792

Answers (2)

Brenda Strech
Brenda Strech

Reputation: 11

It appears you are making all of the signing yourself by inspecting the request by Insomnia.

You would need a library such as https://github.com/tomitribe/http-signatures-java to generate the signed request header. You cannot calculate this header yourself as it is a product of several headers such as:

  • Access Key
  • request-target
  • host
  • date
  • content-type
  • content-length

We do not have an example for java, but you can review the other examples for elements in the signing string. https://docs.remote.it/api-reference/authentication#api-request-signing

If you still continue to have issues, please contact remote.it support at [email protected]

Upvotes: 1

Benoit Menendez
Benoit Menendez

Reputation: 11

The source for the insomnia plugin is available here: https://github.com/remoteit/insomnia-plugin-remoteit

We use the http-signature library here https://www.npmjs.com/package/http-signature, but I assume any http signature library would work as long as they follow the specification.

Upvotes: 1

Related Questions