Join the discussion
Invalid body hash

Jun 29, 2012

CRM Team says:

I'm getting the following message:

<Errors>
<Error>
  <Source>OAuth.BodyHash</Source>
  <ReasonCode>INVALID_BODY_HASH</ReasonCode>
  <Description>The oauth_body_hash parameter does not match body contents and is invalid.</Description>
  <Recoverable>false</Recoverable>
</Error>
</Errors>

When I post the following body:

<?xml version="1.0" encoding="utf-8"?>
<ns2:TerminationInquiryRequest xmlns:ns2="http://mastercard.com/termination">
          <AcquirerId>1996</AcquirerId>
          <Merchant>
                    <Name>TERMINATED MERCHANT 3</Name>
                    <PhoneNumber>5555555555</PhoneNumber>
                    <Address>
                              <Line1>304 BUCHANAN AVENUE</Line1>
                              <City>Staten Island</City>
                              <CountrySubdivision>NY</CountrySubdivision>
                              <PostalCode>55555</PostalCode>
                              <Country>USA</Country>
                    </Address>
                    <Principal>
                              <FirstName>Jamal</FirstName>
                              <LastName>Cortellari</LastName>
                              <PhoneNumber>5555555555</PhoneNumber>
                              <Address>
                                        <Line1>304 Buchanan Avenue</Line1>
                                        <City>Staten Island</City>
                                        <CountrySubdivision>NY</CountrySubdivision>
                                        <PostalCode>55555</PostalCode>
                                        <Country>USA</Country>
                              </Address>
                    </Principal>
          </Merchant>
</ns2:TerminationInquiryRequest>

which resulted in the following body hash:

/ZkDhTiJD1jbvva32JTzH7JxR+k=

I've been successfully processing other requests in sandbox, including before and after this one, this is the first that's ever resulted in this message.

The one thing I notice about the body hash is that the first character is a forward slash. While that's a valid base 64 alphabet character, could it be causing some kind of unhappiness? It's the first time I've seen that character in a body hash, though I've seen '+'.

Thanks,

Phil S.

Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.
  1. Jul 01, 2012

    Bivek Agrawal says:

    Hi Phil, According to our logs, the oauth_body_hash parameter received by the o...

    Hi Phil,

    According to our logs, the oauth_body_hash parameter received by the openapi gateway was different from what you have above (It was same all the way up to +). Both / and + are valid and I have seen both these characters in other successful calls. I also found other successful body hash where the first character is a forward slash. 

    Apparently, the problem lies in the fact that openapi gateway did not receive the correct hash with this payload. Could it be something in the client side? I did notice that you were able to make successful calls with other payloads/hash though. Not sure, what we can derive from these observations.

    ~ Bivek

  2. Jul 03, 2012

    CRM Team says:

    Thanks, Bivek. I tried again this morning with basically the same results. Foll...

    Thanks, Bivek.

    I tried again this morning with basically the same results. Following is the full auth header from a request I ran at about 8:27 AM Mountain Time:

    authorization: OAuth oauth_signature="vqDC052SPie3wYPRhsxEZc7dLKUgxrFQ%2F11U%2Fti57rhOw%2BySkyGIEuFghitqIOIZ5e7EBClpZB9VRqUKn6GU%2FXKRiO4Y1Fj4SuDCI1Eiz%2Bfrz6JjhlDK8FAuk9cEgvdFkYCm0i1tXYaeviRzC8x5WrD0OCWbti8R8UGzuy%2FKPDm1boJTasvkOrHsR3wwivavd66BAt3TP5z98I1xXh%2F7Pr38e22d59kEqV%2FsOceOk9nSA3ydQG9Q1osxBrldszXE0663ZlcIDrNt2nCqlckOJh11VtqjeGoIUcMIes%2F9NtBH49%2Fxq8jDyJRInIeTwO1LZKdPG4I9ZrrjMru3TVWPoA%3D%3D",oauth_body_hash="/ZkDhTiJD1jbvva32JTzH7JxR+k=",oauth_version="1.0",oauth_nonce="71511567431481",oauth_signature_method="RSA-SHA1",oauth_consumer_key="xxxxx obfuscated xxxxx",oauth_timestamp="1341239238"

    This came off a Fiddler display so it would seem to be at least a bit downstream from the actual generating code.

    Can you please confirm that the body hash I show is at least correct for that body, even if it's not getting through? And can you please provide what you show in your logs for the header, or at least the body hash, for the above submission?

    After the failed submission above, I tried moving the body hash to the end of the auth header, which didn't help. I also ran a request with different body content (which succeeeded as always).

    I then ran another with the same body as the failed submission, with all content set to upper case, which resulted in a different body hash and a successful transmission. I'm guessing that casing has no predictable effec on body hash, but just to confirm, is it OK to submit requests with body content in all-upper or all-lower case? I'm thinking that may be a fallback approach (resend request with different casing) if we can't figure out why that particular body hash fails.

    Appreciate the assistance!

    Phil S.

  3. Jul 03, 2012

    CRM Team says:

    Update: Today the request that was giving me problems has been processing succes...

    Update: Today the request that was giving me problems has been processing successfully, and has the same body hash.

    Chalk up another one to magic!

    Thanks,

    Phil S.


© 1994-2014. MasterCard. All rights reserved.