Dave Slusher

2 minute read

YouTube video: https://youtu.be/R1Qgz51T4wI

The Live Coding Team: dave.slusher, ctomasi, josh.nerius

In this episode, we work with the Sift API in order to parse emails. Specifically, the involved generation of the signature in order to validate the request is the main thrust of this session. We begin with two requests that outwardly seem the same and work through why they signatures first are different and then generate different results between using NodeJS and the integration from a ServiceNow instance.

Video Index

00:00 - Intros

02:25 - Beers!

03:05 - Discussion of Browser Caching API issues from the previous session

05:20 - Introduction to Sift API

10:45 - Breaking down to the simplest thing to see signing actually working

18:15 - “How did you get the HMAC signature working?” Via importing CryptoJS

19:45 - Signatures match, why doesn’t the API call from my instance succeed?

21:45 - Outbound HTTP Logging to the rescue!

25:20B - “Payload logging not supported for unknown content type”

35:30 - Using requestb.in to examine the payload of the NodeJS version

37:45 - Switching to mockbin.org to get the path to work

40:30 - Is URL encoding of the payload the problem?

51:00 - Comparing the instance vs NodeJS calls to the API byte by byte

56:30 - Is the order of our payload the problem?

1:07:10 - It worked!

1:13:15 - Final thoughts

1:18:45 - Beer ratings and goodbyes

Useful Resources


Work is still needed to unwind the various experiments. Time will probably show that the key aspect was switching the Content-Type from application/json to application/x-www-form-url-encoded and everything else was irrelevant. That work has not happened yet.