I have rented a number through sinch.com and while I am able to successfully send an SMS to my own verified telephone number, I am unable to send SMS to various other telephone numbers.
function sendSignInText($phone_number, $first_name) {
$key = "xxxx-xxx-xxx-xxx-xxxxxxxx";
$secret = "xxxxxxxx";
$message = $first_name . ', thanks you for signing in. We will text you when we\'re ready for you';
$phone = $phone_number;
$body = json_encode(array('From' => $rented_number, 'Message'=>$message, ));
$timestamp = date("c");
$path = "/v1/sms/" . $phone;
$content_type = "application/json";
$canonicalized_headers = "x-timestamp:" . $timestamp;
$content_md5 = base64_encode( md5( utf8_encode($body), true ));
$string_to_sign =
"POST\n".
$content_md5."\n".
$content_type."\n".
$canonicalized_headers."\n".
$path;
$signature = base64_encode(hash_hmac("sha256", utf8_encode($string_to_sign), base64_decode($secret), true));
$authorization = "Application " . $key . ":" . $signature;
$service_url = 'https://messagingapi.sinch.com'.$path;
$curl = curl_init($service_url);
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
'content-type: '.$content_type,
'x-timestamp:' . $timestamp,
'authorization:' . $authorization
));
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $body);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$curl_response = curl_exec($curl);
// #todo: checking response / working with results
curl_close($curl);
}
It could be an issue with the number transferring from a sandbox version of the app. Sinch recommends you play in a sandbox before putting it out into production. So it was working as a sandbox version with my own personal telephone number and is still working as a production app with my own number but doesn't work with other, non-verified numbers. Any help would be greatly appreciated, thanks.
Related
I'm using coinbase pro API to fetch some data and to make some trades but API is returning
{"message":"IP does not match IP whitelist"}
I'm using Rest API with correct API keys. I'm sure API keys are authenticated correctly and while creating API keys, I've entered correct IP address of my server. I rechecked IP 5 times but it's correct. Below is my sample code
<?php
function signature($request_path='', $body='', $timestamp=false, $secret = '', $method='GET') {
$body = is_array($body) ? json_encode($body) : $body;
$timestamp = $timestamp ? $timestamp : time();
$what = $timestamp.$method.$request_path.$body;
return base64_encode(hash_hmac("sha256", $what, base64_decode($secret), true));
}
function make_request($url, $method, $headers, $body = ''){
$ch = curl_init();
// Disable SSL verification
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
// Will return the response, if false it print the response
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
// Set the url
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_VERBOSE, true);
if ($method == "POST") {
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
}
// "accept" => "application/json"
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
// Execute
$result_json = curl_exec($ch);
curl_close($ch);
return $result_json;
}
try {
$apiurl = "https://api.pro.coinbase.com";
$secret = "SUPER_SECRET";
$api_key = "API_KEY";
$passphrase = "PASSPHRASE";
$method = "GET";
$requestPath = "/accounts";
$body = "";
$url = $apiurl . $requestPath;
$data["name"] = "";
$body = json_encode($data);
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$list = explode(" ", $user_agent);
$user_agent = $list[0];
$timestamp = (string) time();
$string = $timestamp . $method . $requestPath;
$sig = signature($requestPath, '', $timestamp, $secret);
$headers = [
"CB-ACCESS-KEY: ".$api_key,
"CB-ACCESS-SIGN: ".$sig,
"CB-ACCESS-TIMESTAMP: ".$timestamp,
"CB-ACCESS-PASSPHRASE: ".$passphrase,
"User-Agent:". $user_agent,
"Content-Type: application/json",
];
$result_json = make_request($url, $method, $headers);
var_dump($result_json);
die;
}
catch(Exception $e){
var_dump($e->getMessage());
die;
}
I've searched a lot for this problem and been struggling with it since 2 days. If anyone can help or point me in right direction? That would be highly appreciated.
Thanks & Regards.
What is wrong?
This is all my code, I think that it should be fine, but I don't know why... with postman I haven't errors and I receive the tokens while with Curl I receive this error. I'm working in local with Mamp pro.
The error received is:
My Code To generete the Signature and get the Token:
$url = "https://account.api.here.com/oauth2/token";
$data = array(
"grant_type" => "client_credentials"
);
$oauthNonce = mt_rand();
$oauthTimestamp = time();
$oauthCustomereKey = "******";
$oauthSignatureMethod = "HMAC-SHA256";
$httpMethod = "POST";
$oauthVersion = "1.0";
$keySecret = "*****";
$baseString = $httpMethod."&". urlencode($url);
$paramString =
"grant_type=client_credentials&".
"oauth_consumer_key=". urlencode($oauthCustomereKey).
"&oauth_nonce=". urlencode($oauthNonce).
"&oauth_signature_method=". urlencode($oauthSignatureMethod).
"&oauth_timestamp=". urlencode($oauthTimestamp).
"&oauth_version=". urlencode($oauthVersion)
;
$baseString = $baseString . "&" . urlencode($paramString);
var_dump($baseString);
$signingKey= urlencode($keySecret) . "&";
$signature = urlencode(
base64_encode(
hash_hmac(
'sha256',
$baseString,
$signingKey,
true
)
)
);
$params = [
"oauth_consumer_key" => $oauthCustomereKey,
"oauth_nonce" => $oauthNonce,
"oauth_signature_method" => $oauthSignatureMethod,
"oauth_timestamp" => $oauthTimestamp,
"oauth_version" => $oauthVersion,
"oauth_signature" => $signature
];
// $lol = 'oauth_consumer_key="' . $oauthCustomereKey . '",oauth_signature_method="'.$oauthSignatureMethod . '",oauth_timestamp="'.$oauthTimestamp.'",oauth_nonce="'.$oauthNonce.'",oauth_version="'.$oauthVersion.'",oauth_signature="'.$signature.'"';
/* This will give you the proper encoded string to include in your Authorization header */
$params = http_build_query($params, null, ',', PHP_QUERY_RFC3986);
$authorization = "Authorization: OAuth " . $params;
var_dump($authorization);
if(!$curl = curl_init()){
exit;
}
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
"Content-Type : application/x-www-form-urlencoded",
$authorization));
$token = curl_exec($curl);
curl_close($curl);
return $token;
Result basestring (dump on line 87):
string(253) "POST&https%3A%2F%2Faccount.api.here.com%2Foauth2%2Ftoken&grant_type%3Dclient_credentials%26oauth_consumer_key%3D********%26oauth_nonce%3D1468397107%26oauth_signature_method%3DHMAC-SHA256%26oauth_timestamp%3D1605523226%26oauth_version%3D1.0"
And on the doc here we have this example... it look the same:
POST
&https%3A%2F%2Faccount.api.here.com%2Foauth2%2Ftoken
&grant_type=client_credentials%26oauth_consumer_key%3Daccess-key-id-1234%26oauth_nonce%3DLIIpk4%26
oauth_signature_method%3DHMAC-SHA256%26oauth_timestamp%3D1456945283%26oauth_version%3D1.0
FIXED
Finally... after 2 days...
There are 2 errors on the code above:
The parameter $data to CURLOPT_POSTFIELDS
Oauth 1.0 wants the double quotes.
So change:
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
With
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($data));
This is strange for me, because with curl I use http_build_query with GET request and not POST, where we can use $data directly like array.
And delete:
$params = http_build_query($params, null, ',', PHP_QUERY_RFC3986);
And write the query with your beautifuls hand because $params doesn't have double quote.
I have the script below written in Ruby. I was wondering is anyone can help me convert it to PHP. I know this is a big ask. I am looking to convert the ruby script to a PHP curl request.
See the link to the documentation https://www.sinch.com/docs/rest-apis/api-documentation/#applicationsignedrequest
The first code is the SAMPLE ruby script. While the second below it is what i have attempted to write in PHP on my own. Without success because i get "Invalid signature error".
require "base64"
require "openssl"
require "time"
require "net/http"
require "uri"
require "json"
to = "+4412345678"
message = "Test sms message"
key = "wwwwwwwwwxxxxxxxx" //Key as supplied by sinch.com
secret = "zzzzzzzyyyyyyyyy" // Secret as supplied by sinch.com
body = "{\"message\":\"" + message + "\"}"
timestamp = Time.now.iso8601
http_verb = "POST"
path = "/v1/sms/" + to
scheme = "Application"
content_type = "application/json"
digest = OpenSSL::Digest.new('sha256')
canonicalized_headers = "x-timestamp:" + timestamp
content_md5 = Base64.encode64(Digest::MD5.digest(body.encode("UTF-8"))).strip
string_to_sign = http_verb + "\n" + content_md5 + "\n" + content_type + "\n" + canonicalized_headers + "\n" + path
signature = Base64.encode64(OpenSSL::HMAC.digest(digest, Base64.decode64(secret), string_to_sign.encode("UTF-8"))).strip
authorization = "Application " + key + ":" + signature
uri = URI.parse("https://messagingApi.sinch.com" + path)
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
headers = {"content-type" => "application/json", "x-timestamp" => timestamp, "authorization" => authorization}
request = Net::HTTP::Post.new(uri.request_uri)
request.initialize_http_header(headers)
request.body = body
puts JSON.parse(http.request(request).body)
Below is my script and i have no problem accepting an entirely new script. I am a super ruby rookie. Please help.
$to="+4412345678";
$text="Hello there test message";
$curl_post_data = array(
'Message' => $text
);
$curl_post_data=json_encode($curl_post_data);
$timestamp=date("c");
$key = "wwwwwwwwwwwxxxxxxxxxxx";
$secret = "zzzzzzzzzzzzyyyyyyyyyyy";
$http_verb="POST";
$path = "/v1/sms/".$to."";
$scheme = "Application ";
$content_type = "application/json";
$canonicalized_headers = "x-timestamp:".$timestamp."";
$content_md5=base64_encode( md5($curl_post_data,true) );
$string_to_sign = array(
'http_verb' => $http_verb,
'content_md5' => $content_md5,
'content_type' => $content_type,
'canonicalized_headers' =>$canonicalized_headers
);
$signature = hash_hmac("sha256", $secret,json_encode($string_to_sign));
$authorization = "".$scheme."".$key.":".$signature."";
$service_url = 'https://messagingapi.sinch.com/v1/sms/'.$to.'';
$curl = curl_init($service_url);
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/json; charset=UTF-8', 'x-timestamp: '.$timestamp.'','authorization: '.$authorization.''));
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $curl_post_data);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$curl_response = curl_exec($curl);
$response = json_decode($curl_response);
curl_close($curl);
var_dump($response);
?>
Any help will do please, Stackoverflow has been a useful resource whenever am stuck with something, i hope my question helps others too.
I got it to work, had to rewrite a few things. Anyway, here's a working code for anyone that might need it.
<?php
$to="+4412345678";
$text2="Test sms message from PHP";
$curl_post_data = array(
'message' => $text2
);
$timestamp=date("c");
$key = "wwwwwwwwwwwwwxxxxxxxxxxxxxxx";
$secret ="zzzzzzzzzzzzyyyyyyyyyyyyyy";
$http_verb="POST";
$path = "/v1/sms/".$to."";
$scheme = "Application";
$content_type = "application/json";
$canonicalized_headers = "x-timestamp:".$timestamp."";
$content_md5=md5(json_encode($curl_post_data),true);
$string_to_sign ="".$http_verb."\n".$content_md5."\n".$content_type."\n".$canonicalized_headers."\n".$path."\n";
$signature = hash_hmac("sha256", base64_encode($secret),utf8_encode($string_to_sign) true);
$signature=base64_encode($signature);
$authorization = "".$scheme."".$key.":".$signature."";
$curl_post_data=json_encode($curl_post_data);
$service_url = 'https://messagingapi.sinch.com/v1/sms/'.$to.'';
$curl = curl_init($service_url);
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/json; charset=UTF-8','x-timestamp:'.$timestamp.'','authorization:'.$authorization.''));
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $curl_post_data);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$curl_response = curl_exec($curl);
$response = json_decode($curl_response);
curl_close($curl);
var_dump($response);
?>
Completely working code. Also, thanks to 'Stephen' for basical porting from Ruby to PHP. It saves me a lot of time.
Some notes:
Key should be copied from apps menu of sinch account as is (without any conversion)
String to sign shouldn't contain new line at the end. Also, please check every changes by setting default values from commented code.
In the PHP hash_hmac function cody should be defined before secret (in Ruby arguments should be defined in other order)
If actual headers will contain charset definition - string_to_sign should contain it too. I have deleted them at all.
$key = 'key';
$secret = 'secret';
$message = 'your message';
$phone = '+000000000000';
$body = json_encode(array('message'=>$message));
$timestamp = date("c");
// {{{ test values for checking code (from docs)
/*
$phone="+46700000000";
$key = "5F5C418A0F914BBC8234A9BF5EDDAD97";
$secret ="JViE5vDor0Sw3WllZka15Q==";
$timestamp='2014-06-04T13:41:58Z';
$body = '{"message":"Hello world"}';
*/
// result:
// content-md5 should be 'jANzQ+rgAHyf1MWQFSwvYw=='
// signature should be 'qDXMwzfaxCRS849c/2R0hg0nphgdHciTo7OdM6MsdnM='
// }}}
$path = "/v1/sms/" . $phone;
$content_type = "application/json";
$canonicalized_headers = "x-timestamp:" . $timestamp;
$content_md5 = base64_encode( md5( utf8_encode($body), true ));
$string_to_sign =
"POST\n".
$content_md5."\n".
$content_type."\n".
$canonicalized_headers."\n".
$path;
$signature = base64_encode(hash_hmac("sha256", utf8_encode($string_to_sign), base64_decode($secret), true));
$authorization = "Application " . $key . ":" . $signature;
$curl_post_data=json_encode($curl_post_data);
$service_url = 'https://messagingapi.sinch.com'.$path;
$curl = curl_init($service_url);
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
'content-type: '.$content_type,
'x-timestamp:' . $timestamp,
'authorization:' . $authorization
));
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $curl_post_data);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$curl_response = curl_exec($curl);
// #todo: checking response / working with results
curl_close($curl);
i get this error calling webservice, status is:401 when i made a new account a member account (non developer account and try to integrate it in a form that i have..i based the code from the api walkthroughs in docusign itself
<?php
if(($_POST['submit']))
{
// Input your info here:
$integratorKey = 'XXXX-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX';
$email = 'XXXXXXXXXX';
$email1 = 'XXXXXXXXX';
$email2 = 'XXXXXXXX';
$password = 'XXXXXXXX';
$name = 'XXX';
$name2 = 'XXXXXX';
// construct the authentication header:
$header = "<DocuSignCredentials><Username>" . $email . "</Username><Password>" . $password . "</Password><IntegratorKey>" . $integratorKey . "</IntegratorKey></DocuSignCredentials>";
/////////////////////////////////////////////////////////////////////////////////////////////////
// STEP 1 - Login (to retrieve baseUrl and accountId)
/////////////////////////////////////////////////////////////////////////////////////////////////
$url = "https://demo.docusign.net/restapi/v2/login_information";
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HTTPHEADER, array("X-DocuSign-Authentication: $header"));
$json_response = curl_exec($curl);
$status = curl_getinfo($curl, CURLINFO_HTTP_CODE);
if ( $status != 200 ) {
echo "error calling webservice, status is:" . $status;
exit(-1);
}
$response = json_decode($json_response, true);
$accountId = $response["loginAccounts"][0]["accountId"];
$baseUrl = $response["loginAccounts"][0]["baseUrl"];
curl_close($curl);
//--- display results
/////////////////////////////////////////////////////////////////////////////////////////// //////
// STEP 2 - Create an envelope with one recipient, one tab, one document and send!
/////////////////////////////////////////////////////////////////////////////////////////// //////
$data = "{
\"emailBlurb\":\"This comes from Dateguard\",
\"emailSubject\":\"DocuSign API - Please Sign This Contract for Dateguard...\",
\"documents\":[
{
\"documentId\":\"1\",
\"name\":\"contract.pdf\"
}
],
\"recipients\":{
\"signers\":[
{
\"email\":\"$email1\",
\"name\":\"$name\",
\"recipientId\":\"1\",
\"tabs\":{
\"signHereTabs\":[
{
\"xPosition\":\"80\",
\"yPosition\":\"550\",
\"documentId\":\"1\",
\"pageNumber\":\"1\"
}
]
}
},
{
\"email\":\"$email2\",
\"name\":\"$name2\",
\"recipientId\":\"2\",
\"tabs\":{
\"signHereTabs\":[
{
\"xPosition\":\"400\",
\"yPosition\":\"550\",
\"documentId\":\"1\",
\"pageNumber\":\"1\"
}
]
}
}
]
},
\"status\":\"sent\"
}";
$file_contents = file_get_contents("contract.pdf");
$requestBody = "\r\n"
."\r\n"
."--myboundary\r\n"
."Content-Type: application/json\r\n"
."Content-Disposition: form-data\r\n"
."\r\n"
."$data\r\n"
."--myboundary\r\n"
."Content-Type:application/pdf\r\n"
."Content-Disposition: file; filename=\"contract.pdf\"; documentid=1 \r\n"
."\r\n"
."$file_contents\r\n"
."--myboundary--\r\n"
."\r\n";
// *** append "/envelopes" to baseUrl and as signature request endpoint
$curl = curl_init($baseUrl . "/envelopes" );
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $requestBody);
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
'Content-Type: multipart/form-data;boundary=myboundary',
'Content-Length: ' . strlen($requestBody),
"X-DocuSign-Authentication: $header" )
);
$json_response = curl_exec($curl);
$status = curl_getinfo($curl, CURLINFO_HTTP_CODE);
if ( $status != 201 ) {
echo "error calling webservice, status is:" . $status . "\nerror text is --> ";
print_r($json_response); echo "\n";
exit(-1);
}
$response = json_decode($json_response, true);
$envelopeId = $response["envelopeId"];
//--- display results
$home_url = 'thanks.php';
header('Location: ' . $home_url);
}
?>
now the problem is when i use my developer account in docusign as credentials for the api it works but when i create a member account it does not( the free trial )..is it supposed to work that way?am i missing something? if it is then how am i supposed to use the api to work so that a member use their own account and use their own credentials and be able to use it in docusign api and not my own developer account because of the "test" indication. thanks in advance.
401 Authorization Required
If the code is good with developer account, then the reason should be the account privilege.
The API is not enabled on DocuSign free-trial accounts - it's enabled on free developer sandbox accounts (which do NOT expire after 30 days). The only way to create those accounts are through the DocuSign Developer Center .
Of course, if you have a live integration, meaning you passed Certification with DocuSign, then you might have a production account which has the api enabled, but while you are developing and testing you can only do so with developer accounts and not the free trials.
I am trying to connect to Windows Azure REST API, but always get issue like this:
The MAC signature found in the HTTP request '...' is not the same as any computed signature.
I can't get correct signature. I also tried on Objective-C and with different methods of Windows Azure REST API, but always get the same error. There are full listing on PHP:
function send_request($url, $headers)
{
if ($curl = curl_init())
{
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
return curl_exec($curl);
curl_close($curl);
}
return false;
}
function encode_string_to_sign($string_to_sign, $key)
{
$hash = hash_hmac("sha256", $string_to_sign, $key, true);
$signature = base64_encode($hash);
return $signature;
}
header("Content-Type: application/xhtml+xml");
// GET Container Metadata
$url = "http://snip.blob.core.windows.net/elements?restype=container&comp=metadata";
$access_key_1 = "...";
$access_key_2 = "...";
$current_date = "Thu, 28 Feb 2013 21:10:00 GMT";
$canonicalized_headers = "x-ms-date:$current_date\nx-ms-version:2009-09-19";
$canonicalized_resource = "/snip/elements\ncomp:metadata\nrestype:container";
$string_to_sign = "GET\n\n\n\n\n\n\n\n\n\n\n\n" . $canonicalized_headers . "\n" . $canonicalized_resource;
$signature = utf8_encode(encode_string_to_sign($string_to_sign, $access_key_1));
$headers = array("Authorization: SharedKey snip:" . $signature, "x-ms-date: " . $current_date, "x-ms-version: 2009-09-19");
echo send_request($url, $headers);
?>
If you are using PHP, why not using Windows Azure PHP SDK to do it? https://github.com/WindowsAzure/azure-sdk-for-php
which had been well tested against real server.