Skip to content

ERROR_AUTH HMAC-SHA1 #57

Description

@Fruchtgummi

<common:messages xmlns:common="http://rest.immobilienscout24.de/schema/common/1.0">

ERROR_AUTHENTICATION_REQUIRED
Invalid signature for signature method HMAC-SHA1

</common:messages>

We can't use PHP, only Golang. We build the header with follow code. I hope you can derive it from golang-code.

signatureBase := strings.ToUpper(oa.Method) + "&" + url.QueryEscape(strings.Split(oa.Url+oa.Path, "?")[0]) + "&" + url.QueryEscape(parameterString)
	signingKey := url.QueryEscape(oa.Config.ConsumerSecret) + "&" + url.QueryEscape(oa.RequestToken.TokenSecret)
	signature := GetSignature(signatureBase, signingKey)

and the endcoding-function

func GetSignature(base, key string) string {
	hash := hmac.New(sha1.New, []byte(key))
	hash.Write([]byte(base))
	signature := hash.Sum(nil)
	return base64.StdEncoding.EncodeToString(signature)
}

If I get the offers, example from "/restapi/api/financing/construction/v2/offer" than run this with the generated header from my function.

Why do i have to treat leads differently than offers?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions