Nuki Bridge: Hashing doesn't work for me

When using the Bridge API, Hashing doesn’t work (but tokens DO work).

Time seem to be ok:
$ curl -s "${TOKEN}" | jq | grep currentTime ; ruby -r time -e 'puts'
"currentTime": "2019-07-16T16:40:24+00:00",

I do the following to construct a token:
ruby -r time -r digest -e "token=ENV['TOKEN']; rnr=rand(1001..9999);; hash=Digest::SHA256.hexdigest(%Q(#{ts},#{rand},#{token})); puts %Q(ts=#{ts}&rnr=#{rnr}&hash=#{hash})"

which results into

But using this result like
curl -s "${QUERY_PARAMS}"

always returns
HTTP 401 Unauthorized

Any ideas?

I can’t recheck your hash (as I don’t know the token), but I can see only to causes for this problem:

  • issue in the hash-calculation
  • to big difference in time-stamps (wrong time on bridge)

Considering you probably checked for time difference already I will make some wild guesses regarding hash calculation that might help you:

I am not 100% sure what your calculation does, but be sure that the commas are also part of the string to be hashed, i.e. e.g. 2019-03-05T01:06:53Z,4711,123456

For the same reason timestamp format is important (but it also looks like you are doing everything correctly here).