Incorrect Signature error

Oct 18, 2007 at 7:20 PM
Hi all,

I'm getting error regarding Incorrect signature in xml payload that is returned once I login.
This is the line for signature building :
hash = md5.ComputeHash(Encoding.Default.GetBytes(signatureBuilder.ToString().Trim()));

I've pasted xml below.. .any clues??

<?xml version="1.0" encoding="UTF-8" ?>
- <error_response xmlns="http://api.facebook.com/1.0/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://api.facebook.com/1.0/ http://api.facebook.com/1.0/facebook.xsd">
<errorcode>104</errorcode>
<errormsg>Incorrect signature</errormsg>
- <request_args list="true">
- <arg>
<key>method</key>
<value>auth.getSession</value>
</arg>
- <arg>
<key>auth_token</key>
<value>#######################</value>
</arg>
- <arg>
<key>api_key</key>
<value>#######################</value>
</arg>
- <arg>
<key>v</key>
<value>1.0</value>
</arg>
- <arg>
<key>call_id</key>
<value>##########</value>
</arg>
- <arg>
<key>sig</key>
<value>#########################</value>
</arg>
</request_args>
</error_response>


Thanks
Rajiv
Developer
Oct 23, 2007 at 7:12 PM
There was a bug before with creating a signature when using non-ASCII characters. It's fixed now in the latest version in source control, and will be included in the next release.
Oct 26, 2007 at 12:34 PM
Could you please let us know what the fix is, or maybe provide us with a patch so we can make this update now on our applications instead of waiting for the next release. This issue is causing hundreds of errors a day in my application and I would appreaciate it a lot if you could provide us with the patch now. Thanks
Developer
Oct 26, 2007 at 1:53 PM
If I have some time later today I'll look into the source again and see if I can find the parts with the fix. However, you can look into the source code yourself if you want and find the patch. To get the most recent source, just go to the "Source Code" tab at the top of this page. I think the only part that needed to be changed was a section in FacebookAPI.GenerateSignature(), namely the following line:

hash = md5.ComputeHash(Encoding.UTF8.GetBytes(
signatureBuilder.ToString().Trim()));

That used to use ASCII encoding rather than UTF8, so if you change that line to use UTF8 as shown, I think it should work. If it doesn't, let me know, and I'll try to find the other parts of the fix.