AnsweredAssumed Answered

How to generate Authorization Header

Question asked by Javier Trillo Enriquez on Mar 21, 2016
Latest reply on Aug 9, 2017 by Srikanth Vaddanti

Hello:

 

We are trying  to generate the Authorization header from DataPower, according to format EdgeGrid v1.

To generate the Authorization header we are using an xsl.

 

When we send a request we can see the next response:

 

Request

url: https://server_hostname:port/ccu/v3/invalidate/url/staginguurl:

method: post

Content-Type: application/json

body: {"hostname": "www.example.com","objects":["/graphics/picture.gif","/documents/brochure.pdf"]}

 

      Request Headers:

Host akab-xudyurmilwbp2qn7-n2acv3zncms2hakv.purge.akamaiapis.net

Content-Length 94

User-Agent Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36

Origin chrome-extension://hgmloofddffdnphfgcellkdfbfbjeloo

Content-Type application/json

Accept */*

Accept-Encoding gzip, deflate

Accept-Language es-ES,es;q=0.8

Via 1.1 AQAAANfyAwA-

X-Client-IP 10.101.140.145

X-Global-Transaction-ID 384083335

Authorization EG1-HMAC-SHA256 client_token=************************;access_token=************************;timestamp=20160322T10:34:22+0100;nonce=fda4145a-34d4-4f3c-9525-2dd83f60b81e;signature=Rk5Xb1RVKzNOaUlMYldqcVQvYWhwdDB4TUlZMSsxSE14TjdnK3I4UDYvcz0=

 

 

               Note: client_token and access token has been replaced with ************************

 

The generated value of Authorization header is:

 

EG1-HMAC-SHA256 client_token=************************;access_token=************************;timestamp=20160322T10:34:22+0100;nonce=fda4145a-34d4-4f3c-9525-2dd83f60b81e;signature=Rk5Xb1RVKzNOaUlMYldqcVQvYWhwdDB4TUlZMSsxSE14TjdnK3I4UDYvcz0=

 

 

The value of field signature is obtained from Data to Sign:

 

POST\thttps\takab-xudyurmilwbp2qn7-n2acv3zncms2hakv.purge.akamaiapis.net\t/ccu/v3/invalidate/url/staging\thost:akab-xudyurmilwbp2qn7-n2acv3zncms2hakv.purge.akamaiapis.net\tcontent-length:94\tuser-agent:mozilla/5.0(windowsnt6.1;wow64)applewebkit/537.36(khtml,likegecko)chrome/49.0.2623.87safari/537.36\torigin:chrome-extension://hgmloofddffdnphfgcellkdfbfbjeloo\tcontent-type:application/json\taccept:*/*\taccept-encoding:gzip,deflate\taccept-language:es-es,es;q=0.8\tvia:1.1aqaaanfyawa-\tx-client-ip:10.101.140.145\tx-global-transaction-id:384083335\t\tM0NSR3g5R2t6Q1NBbmJHdDE2aFByNG4wbjAvNEMxN25XWjczK1VLNkR4OD0=\tEG1-HMAC-SHA256 client_token=************************;access_token=************************;timestamp=20160322T10:34:22+0100;nonce=fda4145a-34d4-4f3c-9525-2dd83f60b81e;

 

 

Response

{

"type": "https://problems.purge.akamaiapis.net/-/pep-authn/request-error"

"title": "Bad request"

"status": 400

"detail": "The authorization header does not have the right format"

"instance": "https://akab-xudyurmilwbp2qn7-n2acv3zncms2hakv.purge.akamaiapis.net/ccu/v3/invalidate/url/staging"

"method": "POST"

"serverIp": "95.101.109.26"

"clientIp": "91.117.253.203"

"requestId": "184e77c0"

"requestTime": "2016-03-22T09:34:23Z"

}

 

 

We don't really know where the problem can be. Maybe it can be on how we have created "Canonicalized request" headers.

It will be possible that somebody can help us to identify the issue?

 

 

Thank you very much

Regards

Outcomes