Search code examples
powershelloauthovh

OVH API Authentication with powershell

I'm trying to get a list of dedicated servers hosted at OVH using powershell, via their new spangly API. But I'm a bit stuck at generating the authentication signature. I think I followed the steps here: https://api.ovh.com/g934.first_step_with_api but I guess I messed something up. My script so far looks like this:

$ApplicationKey = 'myAppKey'
$ApplicationSecret = 'myAppSecret'

function MakeApiRequest($url, $method, $body = $null)
{
    $timestamp = (Invoke-WebRequest 'https://eu.api.ovh.com/1.0/auth/time').Content
    $consumerKey = GetConsumerKey
    $hashInput = "$ApplicationSecret+$consumerKey+$method+$url+$(if($body -eq $null) { ''} else { $body })+$timestamp"
    Write-Host "hashInput is $hashInput"
    $hashStream = new-object System.IO.MemoryStream(,[System.Text.Encoding]::UTF8.GetBytes($hashInput))
    $hash = (Get-FileHash -InputStream $hashStream -Algorithm SHA1).Hash.ToLower()
    Write-Host "hash is $hash"

    $headers = @{
        'X-Ovh-Application' = $ApplicationKey;
        'X-Ovh-Signature' = $hash;
        'X-Ovh-Consumer' = $consumerKey;
        'X-Ovh-Timestamp' = $timestamp
    }

    return Invoke-WebRequest -Method $method -Uri $url -Body $body -Headers $headers -ContentType 'application/json'
}

function GetConsumerKey()
{
    $body = @{
        accessRules = @(
            @{
                method = 'GET';
                path = '/*'
            }
        );
        redirection = 'http://crispthinking.com'
    }

    $headers = @{ 'X-Ovh-Application' = $ApplicationKey }

    $response = (Invoke-WebRequest -Method Post -Uri 'https://eu.api.ovh.com/1.0/auth/credential' -Body $($body | ConvertTo-Json) -Headers $headers -ContentType 'application/json') | ConvertFrom-Json

    return $response.consumerKey
}

$result = MakeApiRequest -url 'https://eu.api.soyoustart.com/1.0/dedicated/server/' -method 'GET'

However I get a response back that looks like this:

HTTP/1.1 400 Bad Request
Date: Mon, 11 May 2015 12:08:25 GMT
Server: Apache/2.2.20 (Unix) mod_ssl/2.2.20 OpenSSL/0.9.8o mod-xslt/1.3.9
X-OVH-QUERYID: FR.ws-2.55509bb9.27183.3172
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Connection: close
Content-Type: application/json; charset=utf-8
Content-Length: 92

{"errorCode":"INVALID_SIGNATURE","httpCode":"400 Bad Request","message":"Invalid signature"}

Can anyone see the flaw in the script?

Solution

  • I think you 've forgoten to prepend $1$ to the signature. 

    "$1$" + SHA1_HEX(AS+"+"+CK+"+"+METHOD+"+"+QUERY+"+"+BODY+"+"+TSTAMP)