phptuya

What is Tuya expecting for the "message"in API calls?


I'm trying to interact with the Tuya API from a PHP webapp.

I have to authenticate the user with user ID and sign to receive the TOKEN.

The main problem - I can understand what I shoude write in "message" field when I'm generating SIGN.

Following is the code I'm using to make the request to the Authorsiation Management API:

$secret = 'secret';
$clientId = 'client';

$url = "https://openapi.tuyaeu.com/v1.0/token?grant_type=1";

                        $s = strtoupper(hash_hmac("sha256", "Message",$secret));

                        $curl = curl_init($url);
                        curl_setopt($curl, CURLOPT_URL, $url);
                        curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

                        $headers = array(
                            "sign_method: HMAC-SHA256",
                            "client_id: *MY ID*",
                            "secret: *MY Secret code*",
                            "sign:".$s,
                            "t: " . time()*1000,
                            "Content-Type: application/json",
                        );
                        curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
                        //for debug only!
                        curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
                        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

                        $resp = curl_exec($curl);
                        curl_close($curl);
                        var_dump($resp);

So now my request generate "wrong sign" answer. Probably coz I don't know what to put inside "message" in sign generation code at first


Solution

  • Solved:

    1. To recieve token, "message" should be MY ID + time()*1000
    2. To recieve data, "message" => my id + token (from 1)) + time()*1000