-
Notifications
You must be signed in to change notification settings - Fork 230
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug Report: invalid signature in localhost via tunnel (ngrok or localhost.run) #347
Comments
Also tried implementing parseRequest() myself to skip signature validation, but got a different error func localParseRequest(r *http.Request) ([]*linebot.Event, error) {
defer r.Body.Close()
body, err := io.ReadAll(r.Body)
if err != nil {
log.Printf("unable to read request body: %v", r.Body)
return nil, err
}
log.Printf("Request body: %v", body)
request := &struct {
Events []*linebot.Event `json:"events"`
}{}
if err = json.Unmarshal(body, request); err != nil {
log.Printf("unable to unmarshal request body: %v", body)
return nil, err
}
return request.Events, nil
} A quick fix would be to support turning signature validation off, somehow. |
also working with AWS SAM CLI local (package to container image I believe) |
nevermind, this breaks after a while (a few days surprisingly). Must be some time-based signature validation |
Is this a request coming from LINE? Is there a possibility that this issue is occurring due to requests that do not carry json other than LINE? |
And can you check why it failed? signature validation fails only if request body or x-line-signature header is modified. I don't think it's a SDK's bug... |
This issue was closed because it has been inactive for 14 days. |
System Informations
Expected Behavior
signature validation should succeed with
Current Behavior
Got
Error parsing request: invalid signature
Steps to Reproduce
Tried
Tried
ngrok http 8080 --region jp
ssh -R 80:localhost:8080 localhost.run
ssh -R 80:localhost:8080 localhost.run -- --no-inject-http-proxy-headers
all failed
When deployed (via AWS Lambda Function URL) however, signature validation passes.
So I highly suspect it is caused by HTTP tunneling
Similar thread reporting issue: https://www.line-community.me/en/question/5f040855851f74ab9c18db6a
The text was updated successfully, but these errors were encountered: