Apex Code Development You need to sign in to do that
Don't have an account?
Siddhartha Pendyala Integration with Amazon cognito
Hi,
I've integrated Salesforce with Amazon Cognito and it works perfectly when there are no diacritic marks(such as in the call out "á") but I am getting a "The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details" error when there are diacritic marks in the call out.
I am not able to get to the root-cause of the problem, anyone who has faced the same or similar problem?
Any guidance or help is much appreciated.
Thanks,
Sid
Datetime now = Datetime.now(); String iso8601time = now.formatGmt('YYYYMMdd\'T\'HHmmss\'Z\''); String iso8601date = now.formatGmt('YYYYMMdd'); String AccessKey = 'Acesskey'; String SecretKey = 'Secretkey'; String AWS_Region = 'Region'; String Service_Name = 'execute-api'; String Service = 'AWS4-HMAC-SHA256'; String xApiKey = 'xApiKey'; String Host = 'Invokeurl of the Api gateway I configured in Amazon'; DateTime requestTime = DateTime.now(); String payloadSha256 = EncodingUtil.convertToHex(Crypto.generateDigest('sha-256', blob.valueof(bodyData))); map<String,String> headerParams = new map<string,String>(); headerParams.put('Content-Type','application/json'); //headerParams.put('charset','utf-16'); headerParams.put('Content-Length',String.valueOf(bodyData.length())); headerParams.put('x-api-key', xApiKey); headerParams.put('x-amz-date', requestTime.formatGMT('YYYYMMdd\'T\'HHmmss\'Z\'')); //headerParams.put('x-amz-content-sha256', payloadSha256); headerParams.put('host',Host); for(String key: headerParams.keySet()) { req.setHeader(key, headerParams.get(key)); } String canonicalRequest = method + '\n'; if(MyZertoUserCreationHelper.isSandbox){ canonicalRequest += '/Beta/usercreationtest' + '\n'; } else{ canonicalRequest += '/Beta/usercreation' + '\n'; } canonicalRequest += '\n'; List<String> headersList = new List<String>(headerParams.keySet()); headersList.sort(); for (String header : headersList){ String headerContent = header.toLowerCase() + ':' + headerParams.get(header).trim(); canonicalRequest += headerContent + '\n'; } canonicalRequest += '\n'; for (String header : headersList){ canonicalRequest += header.toLowerCase() + ';'; } canonicalRequest = canonicalRequest.removeEnd(';'); canonicalRequest += '\n'; canonicalRequest += EncodingUtil.convertToHex(Crypto.generateDigest('sha-256', Blob.valueof(bodyData))); system.debug('**************************CanonicalRequest' + canonicalRequest); Blob CompleteCanonicalRequest = Crypto.generateDigest('sha-256', Blob.valueOf(canonicalRequest)); String TestRequest = EncodingUtil.convertToHex(CompleteCanonicalRequest); system.debug('**************************TestCanonicalRequest' + TestRequest); String StringtoSign = String.join( new String[] { 'AWS4-HMAC-SHA256', headerParams.get('x-amz-date'), String.join(new String[] { requestTime.formatGMT('YYYYMMdd'), AWS_Region, Service_Name, 'aws4_request' },'/'), EncodingUtil.convertToHex(Crypto.generateDigest('sha-256', Blob.valueof(canonicalRequest))) }, '\n' ); system.debug('*************StringtoSign ' + StringtoSign); String today = now.formatGmt('yyyyMMdd'); Blob signingKey = Crypto.generateMac('hmacSHA256', Blob.valueOf('aws4_request'), Crypto.generateMac('hmacSHA256', Blob.valueOf(Service_Name), Crypto.generateMac('hmacSHA256', Blob.valueOf(AWS_Region), Crypto.generateMac('hmacSHA256', Blob.valueOf(requestTime.formatGMT('YYYYMMdd')), Blob.valueOf('AWS4'+SecretKey)) ) ) ); String signature = EncodingUtil.convertToHex(Crypto.generateMac('HmacSHA256', signingKey, Blob.valueOf(stringToSign))); String[] headerKeys = new String[0]; system.debug('***********************Signature' + signature); req.setHeader( 'Authorization', String.format( 'AWS4-HMAC-SHA256 Credential={0},SignedHeaders={1},Signature={2}', new String[] { String.join(new String[] { AccessKey, requestTime.formatGMT('YYYYMMdd'), AWS_Region, Service_Name, 'aws4_request' },'/'), String.join(new String[] {'content-length','content-type','host','x-amz-date','x-api-key' }, ';'), EncodingUtil.convertToHex(Crypto.generateMac('hmacSHA256', Blob.valueOf(StringtoSign), signingKey))} )); system.debug('*********************' + req.getheader('Authorization')); req.setTimeout(30 * 1000); if(bodyData != null) { req.setBody(bodyData); } system.debug('*********************** bodyData' + req.getBody()); Http http = new Http(); if(Test.isRunningTest()) { return 'unit test result'; } //System.debug('Request'+req.getHeader(key)); HttpResponse res = http.send(req); System.debug(req.toString()); System.debug(res); System.debug(res.getBody()); System.debug(res.toString()); System.debug(res.getHeader('x-amzn-RequestId')); System.debug(res.getHeader('X-Amz-Cf-Id')); System.debug('******'+ res.getHeaderKeys()); System.debug('RequestID' + res.getBodyDocument()); System.debug(res.getHeaderKeys()); System.debug('STATUS:' + res.getStatus()); System.debug('STATUS_CODE:' + res.getStatusCode()); if(res.getStatus().equalsIgnoreCase('OK')) { string resStr = res.getBody(); system.debug('Success: ' + resStr); return resStr; } system.debug('failed'); return null; }bodyData is a JSON serialized string of all the attributes needed to be sent.