How to generate QuickBlox authentication signature in PHP?

Question

I want to access the APIs in QuickBlox, but before that we need to authenticate our apps and get a session token, and using session token we can access the other APIs. But the problem is, when I send the authentication request using the required specification given on the QuickBloxwebsite, I am getting the error message:

{"errors":{"base":["Unexpected signature"]}}

The parameters to generate the signature is:

application_id=22&auth_key=wJHd4cQSxpQGWx5&nonce=33432&timestamp=1326966962

And then we convert it in HMAC-SHA format:

hash_hmac( 'sha1', $signatureStr , $authSecret);

Please help me to resolve this problem.

Answer 1

I wrote code snippet on php, it generates signature. It works good

this is my test application's credentials:

$application_id = 92;
$auth_key = "wJHdOcQSxXQGWx5";
$authSecret = "BTFsj7Rtt27DAmT";

$nonce = rand();
echo "<br>nonce: " . $nonce;

$timestamp = time();
echo "<br>timestamp: " . $timestamp ."<br>";

$stringForSignature = "application_id=".$application_id."&auth_key=".$auth_key."&nonce=".$nonce."&timestamp=".$timestamp;
echo $stringForSignature."<br>";

$signature = hash_hmac( 'sha1', $stringForSignature , $authSecret);
echo $signature;

hope this help

Answer 2

Problem solved

There was a problem in my request parameters.

$params = "application_id=$application_id&auth_key=$auth_key&timestamp=$timestamp&nonce=$nonce&signature=$signature&**auth_secret=$authSecret**";

In this parameter I was passing an extra parameter, my auth secret key which should not be there. I removed this parameter and now its working.