1

I'm currently getting an error when I make a GET request using httparty. The call works when I use curl. The error is as follows:

\"Authdate\":\"1531403501\"}" }, { "error_code": "external_auth_error", "error_message": "Date header is missing or timestamp out of bounds" } ] }

When I make the request via curl this is the header I use.

curl -X GET -H "AuthDate: 1531403501"

However, as you can see, the request changes from AuthDate to Authdate causing the error. Here is how I'm making the call:

require 'openssl'
require 'base64'

module SeamlessGov
  class Form
    include HTTParty
    attr_accessor :form_id
    base_uri "https://nycopp.seamlessdocs.com/api"

    def initialize(id)
      @api_key = ENV['SEAMLESS_GOV_API_KEY']
      @signature = generate_signature
      @form_id = id
      @timestamp = Time.now.to_i
    end

    def relative_uri
      "/form/#{@form_id}/elements"
    end

    def create_form
      self.class.get(relative_uri, headers: generate_headers)
    end

    private

    def generate_signature
      OpenSSL::HMAC.hexdigest('sha256', ENV['SEAMLESS_GOV_SECRET'], "GET+#{relative_uri}+#{@timestamp}")
    end

    def generate_headers
      {
        "Authorization"  => "HMAC-SHA256 api_key='#{@api_key}' signature='#{@signature}'",
        "AuthDate" => @timestamp
      }
    end
  end
end

any workaround this?

Steven Aguilar
  • 3,107
  • 5
  • 39
  • 89

2 Answers2

1

Headers are case-insensitive per the spec https://stackoverflow.com/a/41169947/1518336, so it seems like the server you're accessing is in the wrong.

Looking at Net::HTTPHeader, on which HTTParty is implemented

Unlike raw hash access, HTTPHeader provides access via case-insensitive keys

It looks like the class downcases the header keys for uniformity.

You'll likely need to look at a different networking library which doesn't rely on the net/http. Perhaps curb?

Daniel Westendorf
  • 3,375
  • 18
  • 23
0

There is a work around this in the following article

https://github.com/jnunemaker/httparty/issues/406#issuecomment-239542015

I created the file lib/net_http.rb

require 'net/http'

class Net::HTTP::ImmutableHeaderKey
  attr_reader :key

  def initialize(key)
    @key = key
  end

  def downcase
    self
  end

  def capitalize
    self
  end

  def split(*)
    [self]
  end

  def hash
    key.hash
  end

  def eql?(other)
    key.eql? other.key.eql?
  end

  def to_s
    def self.to_s
      key
    end
    self
  end
end

Then in the headers 

def generate_headers
      {
        "Authorization"  => "HMAC-SHA256 api_key='#{@api_key}' signature='#{@timestamp}'",
         Net::HTTP::ImmutableHeaderKey.new('AuthDate') => "#{@timestamp}"
      }
end
Steven Aguilar
  • 3,107
  • 5
  • 39
  • 89