This repository was archived by the owner on Oct 30, 2023. It is now read-only.
This repository was archived by the owner on Oct 30, 2023. It is now read-only.
Signature is calculated wrongly for query string containing encoded characters #297
Description
Took me a while, but I've identified a bug in 'AuthenticationInterceptor'.
Maybe it was not needed yet, but when I was locally implementing support for sub-account APIs and some of the query string parameters were containing email address (with @ symbol) then the request was failing with 'msg':
-1022:Signature for this request is not valid
The issue is that 'AuthenticationInterceptor' is creating the SHA256 signature from original query string, for example:
email=foo@bar.com
But it needs to be calculating it from URL encoded query string, for example:
email=foo%40bar.com
Pull request with fix: #298