AudioHook HTTP Signature Verification Failing

Genesys Cloud Integrations
1

I have integrated with Genesys AudioHooks and am facing difficulties in verifying HTTP signatures (the computed signature does not match the expected signature) for incoming audio streams as given in the Genesys documentation.

I have implemented the signature verification algorithm in NodeJS as per the Signing HTTP Messages specification provided in the docs.

As an example, I have tried computing the signature for the example given in the Genesys docs but the signature hash does not match.

This is the link to my code: Verify HTTP Signature · GitHub

This is the generated signing string:

"@request-target": /api/v1/voicebiometrics/ws
"@authority": audiohook.example.com
"audiohook-organization-id": d7934305-0972-4844-938e-9060eef73d05
"audiohook-session-id": e160e428-53e2-487c-977d-96989bf5c99d
"audiohook-correlation-id": 30b0e395-84d3-4570-ac13-9a62d8f514c0
"x-api-key": SGVsbG8sIEkgYW0gdGhlIEFQSSBrZXkh
"@signature-params": sig1=("@request-target" "@authority" "audiohook-organization-id" "audiohook-session-id" "audiohook-correlation-id" "x-api-key");keyid="SGVsbG8sIEkgYW0gdGhlIEFQSSBrZXkh";nonce="VGhpc0lzQVVuaXF1ZU5vbmNl";alg="hmac-sha256";created=1641013200;expires=3282026430

This is the computed vs expected hash.

  computedSignature: 'NzEX+susxwmO0Rh6sE6HoB+oOcLSx701vhPSkkCujyE='
  expectedSignature: 'NZBwyBHRRyRoeLqy1IzOa9VYBuI8TgMFt2GRDkDuJh4='

Would appreciate any help / pointers on what could be going wrong!

Thank you.

2

Hi Aditya,

There is a mistake in our documentation which was pointed out by another partner haven similar issues. We haven't had the time to fix the mistake yet. Basically, the values of the audiohook-session-id and audiohook-correlation-id are mixed up. Could you please try with the following:

"audiohook-session-id": 30b0e395-84d3-4570-ac13-9a62d8f514c0
"audiohook-correlation-id": e160e428-53e2-487c-977d-96989bf5c99d

Thanks,
Camiel

3

Hi @Camiel_Coppelmans,

I swapped the ids as you mentioned but the signatures are still not matching.

  computedSignature: 'gI+MSUhA8esUHDnXTve6OCkgg5QLtFAC9b6+jbkiKxo='
  expectedSignature: 'NZBwyBHRRyRoeLqy1IzOa9VYBuI8TgMFt2GRDkDuJh4='

Signing string:

"@request-target": /api/v1/voicebiometrics/ws
"@authority": audiohook.example.com
"audiohook-organization-id": d7934305-0972-4844-938e-9060eef73d05
"audiohook-session-id": 30b0e395-84d3-4570-ac13-9a62d8f514c0
"audiohook-correlation-id": e160e428-53e2-487c-977d-96989bf5c99d
"x-api-key": SGVsbG8sIEkgYW0gdGhlIEFQSSBrZXkh
"@signature-params": sig1=("@request-target" "@authority" "audiohook-organization-id" "audiohook-session-id" "audiohook-correlation-id" "x-api-key");keyid="SGVsbG8sIEkgYW0gdGhlIEFQSSBrZXkh";nonce="VGhpc0lzQVVuaXF1ZU5vbmNl";alg="hmac-sha256";created=1641013200;expires=3282026430
4

Hi @aditya.patange1,

Do you have access to our reference code? We have a reference implementation of an audiohook server in node.js. I need a GitHub user in order to give you access to it.

Maybe by comparing our reference code with yours you might be able to spot something.

Thanks,
Camiel

6

@Camiel_Coppelmans ,

Sure, I can compare the code and find out what's going wrong.

Github: AdityaPatangeProdigal

7

@aditya.patange1,

I added you as a member of this repo: https://github.com/felixwyss-genesys/audiohook-fargate

You should receive an email soon. This repo has a server reference code as well as a client tool you can use to test your own server.

Let me know if you have questions.

Thanks,
Camiel

8

@Camiel_Coppelmans

I'm in the same situation but with java. Could I also get access to the repo to view the reference code and the client tool? My public GH repo is alejandro-flores (Alejandro Flores) · GitHub

Thank you!

9

Sure, Just added you as a member of the repo.

Thanks,
Camiel

10

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.