Issue with Audiohook Monitor signature validation

Thomas_Guimezanes · July 4, 2024, 9:43am

Hello,

We're working on using Audiohook Monitor integration and I encounter issue regarding signature validation.

Below are the data I receive from AUdiohook Monitor integration on my local websocket:

< GET / HTTP/1.1
< Host: bf9d-92-154-51-247.ngrok-free.app
< User-Agent: GenesysCloud-AudioHook-Client
< Accept-Encoding: gzip
< Audiohook-Correlation-Id: e0259999-2fda-4dbc-805c-bc40ace2d319
< Audiohook-Organization-Id: 25adf637-f94d-46a2-ae87-c608a9d124a8
< Audiohook-Session-Id: ddb39f3d-e48d-4c70-ac58-8d80f57e97d9
< Cache-Control: no-cache
< Connection: Upgrade
< Pragma: no-cache
< Sec-Websocket-Key: nWfXDuf/EhMlZu/U+skEKg==
< Sec-Websocket-Version: 13
< Signature: sig1=:i7z+TjKA/ACmaKYSKynTIg6bvsaOaKMluMAlzNrrMOA=:
< Signature-Input: sig1=("@request-target" "audiohook-session-id" "audiohook-organization-id" "audiohook-correlation-id" "x-api-key" "@authority");created=1720080003;expires=1720080013;keyid="123-456-789";nonce="IGum9ClGTcHAYvIR29vcT5ac";alg="hmac-sha256"
< Upgrade: websocket
< X-Api-Key: 123-456-789
< X-Forwarded-For: 52.50.203.105
< X-Forwarded-Host: bf9d-92-154-51-247.ngrok-free.app
< X-Forwarded-Proto: https
> HTTP/1.1 101 Switching Protocols
> Upgrade: websocket
> Connection: Upgrade
> Sec-WebSocket-Accept: nY412KM81vjupQkirNKmzr71Jlo=
> Date: Thu, 04 Jul 2024 08:00:03 GMT
> Server: Python/3.11 websockets/12.0
connection open

Below is my python code to validate signature:

signature_in_header = b"i7z+TjKA/ACmaKYSKynTIg6bvsaOaKMluMAlzNrrMOA="

request_target = "/"
authority = "bf9d-92-154-51-247.ngrok-free.app"
audiohook_Correlation_Id = "e0259999-2fda-4dbc-805c-bc40ace2d319"
audiohook_Org_Id = "25adf637-f94d-46a2-ae87-c608a9d124a8"
audiohook_Session_Id = "ddb39f3d-e48d-4c70-ac58-8d80f57e97d9"
x_api_key = "123-456-789"

signature_to_encode = (
    f'"@request-target": {request_target}\n'
    + f'"audiohook-session-id": {audiohook_Session_Id}\n'
    + f'"audiohook-organization-id": {audiohook_Org_Id}\n'
    + f'"audiohook-correlation-id": {audiohook_Correlation_Id}\n'
    + f'"x-api-key": {x_api_key}\n'
    + f'"@authority": {authority}\n'
)

signature = hmac.new(
    base64.b64decode(private_key),
    signature_to_encode.encode(),
    hashlib.sha256,
)

print(f"signature in header = {signature_in_header}")
print(f"signature = {base64.b64encode(signature.digest())}")

The private_key is the base64 encoded secret set in our Audiohook Monitor configuration.

When running the script, I get different signatures:

signature in header = b'i7z+TjKA/ACmaKYSKynTIg6bvsaOaKMluMAlzNrrMOA='
signature = b'jTN4PTuItmr3156XgLbOcw97Ip0pT/BhJo4WiQQuzgU='

I must be missing something obvious, but I can't get it...

Any help would be appreciated !

Thank you in advance.

Thomas.

system · August 4, 2024, 9:43am

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.