Improved Debug Logging for HTTP Bridge

[VisiBoost]

I'm trying to use signed requests for HTTP Pusher Service from my php application (using an asynchronous curl call).
Despite many tries I always have a "401 / invalid request signature" message into crossbar console.
I have already see that php and python default functions parameters where not the same:

• Python HMAC[SHA256] implementation using digest() return binary digest while Php hash_hmac method return hexdecimal value => Fixed using correct php parameters.
• Php base64_encode method doesn't URL encode result while the base64.urlsafe_b64encode method used into crossbar does => Fixed using url_encode.

(Note that those details could be added to Documentation: https://github.com/crossbario/crossbar/wiki/HTTP-Pusher-Service)

Even correcting that, I always have this error; I think that's linked to the JSON body content but is there a method to debug the signature process and check differences between data sent and data used on crossbar side to coompute signature ?
For example, is it possible to add logs when signature checking fail and debugging active ?

Thanks for your help.

---

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

[peelandsee]

i'm also interested in a php snippet to sign my request!
did you find a solution @VisiBoost ?

[VisiBoost]

No, I left this signing fact on the side for the moment and securize access using IP adress check to allow Push Request only from my webserver.

[peelandsee]

@VisiBoost maybe this will help you:
https://github.com/peelandsee/CrossbarHTTPPublisherBundle

[Arttii]

So I am running into this issue as well. Sometimes the request works and sometimes it does not. Its quite confusing with no apparent errors on crossbar side.