APIs & Integrations

EM9
参加者

Impossible to verify signature v2 with AWS API Gateway

解決

Hi,

 

Unfortnatly API gateway normalises the URL before it hits the lamba function, so the query params are in the wrong order.  This makes it impossible to match against the actual URL.

 

Is there a specific ordering of the URL that we can rely on? I don't mind hard coding, just need to make sure it doesn't change otherwise everything will break.

 

For example, if you order alphabetically the params before sending, it would at least allow us to deterministically re-construct the URL  😞

 

Related to this:

https://community.hubspot.com/t5/APIs-Integrations/Unable-to-correctly-validate-v2-request-signature...

 

Thanks

1件の承認済みベストアンサー
dennisedson
解決策
HubSpot製品開発チーム
HubSpot製品開発チーム

Impossible to verify signature v2 with AWS API Gateway

解決

@EM9 ,

I asked the team and their advice presently is to use one of two workarounds

  1. Choose not to verify the requests
  2. Compute hashes for all permutations of ordering of the query params

Eventually, we will have a solution on our end for this, but there is no timeline and I would not expect it to happen soon.

元の投稿で解決策を見る

0 いいね!
4件の返信
TiphaineCuisset
コミュニティーマネージャー
コミュニティーマネージャー

Impossible to verify signature v2 with AWS API Gateway

解決

Hi @EM9 

 

Thank you for reaching out.

 

I want to tag some of our experts on this - @himanshurauthan @Gonzalo do you have any thoughts for @EM9 on this? 

 

Thank you!

Best

Tiphaine


Saviez vous que la Communauté est disponible en français?
Rejoignez les discussions francophones en changeant votre langue dans les paramètres !

Did you know that the Community is available in other languages?
Join regional conversations by changing your language settings !


0 いいね!
EM9
参加者

Impossible to verify signature v2 with AWS API Gateway

解決

Hi, did you get any update on this? Thanks

0 いいね!
dennisedson
解決策
HubSpot製品開発チーム
HubSpot製品開発チーム

Impossible to verify signature v2 with AWS API Gateway

解決

@EM9 ,

I asked the team and their advice presently is to use one of two workarounds

  1. Choose not to verify the requests
  2. Compute hashes for all permutations of ordering of the query params

Eventually, we will have a solution on our end for this, but there is no timeline and I would not expect it to happen soon.

0 いいね!
EM9
参加者

Impossible to verify signature v2 with AWS API Gateway

解決

Hi,

 

Just wondering if we've had any updates on this? It really isn't ideal to not verify, and we also can't even compute all permuations because we have to replicate the parsing and encoding logic on our side, which is constatly breaking our customers integrations when we run into edge cases.