Error during ZoomMtg.join() call in JavaScript SDK.


#1

I was going through the demo code given in https://github.com/zoomvideo/webclient. 

When I tried calling ZoomMtg.join() given in customer.js, it is giving me the error -  {status: false, errorCode: 200, errorMessage: “No permission”, result: null, method: “join”}

apiKey and apiSecret key are the same what I use for iOS SDK where it is working fine. Can anybody help me with it? 


#2

Hi Raghu,

“no permission” means that the signature you generated is not valid. Please remember that the signature only valid for 24 hours.

Best


#3

I am trying to create Signature using the code given in webclient_v1.pdf

In the code, I coudn’t get  Crypto.hmacSha256() class. So I created one for that as below

String hmacSha256(byte data, byte secretKey) throws Exception {
String hash = “”;

Mac sha256_HMAC = Mac.getInstance(“HmacSHA256”);
SecretKeySpec secret_key = new SecretKeySpec(secretKey, “HmacSHA256”);
sha256_HMAC.init(secret_key);

hash = Base64.encodeBase64String(sha256_HMAC.doFinal(data));

return hash;
}

Will this work?


#4

Hi Raghu,

if you got “no permission”, it means your algorithm has some issues. One example to implement hmacSha256():

public static byte hmacSha256(byte data, byte key) {

return hmac(HMAC_SHA256, data, key);

}

public static byte hmac(String algorithm, byte data, byte key) {

try {

SecretKeySpec signingKey = new SecretKeySpec(key, algorithm);

Mac mac = Mac.getInstance(algorithm);

mac.init(signingKey); return mac.doFinal(data);

} catch (Exception e) {

throw new RuntimeException(e);

}

Best


#5

Hey Wei, 

After trying your custom implementation of the hmacSha256() method, there is NoSuchAlgorithmException.

 

Which is the correct crypto package we should be using? 

These are the packages in use at the moment: 

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;


#6

Hi Ming,

I am also using 

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

Best


#7

in this function you have provided

public static byte hmacSha256(byte data, byte key) {

return hmac(HMAC_SHA256, data, key);

}

What is the HMAC_SHA256 variable set to?

Also have tried using “HmacSHA256” as per the javadocs, but still gets NoSuchAlgorithmException. Am I missing something? 


#8

Hi Ming,

HMAC_SHA256 = “HmacSHA256”

Best


#9

Still get the NoSuchAlgorithm when using that value.

 

Here is a python implementation. Still getting the No Permission error. Does this look right? 

import base64
import time
import hmac
import hashlib

apiKey = ‘mykey’
apiSecret = ‘secrit’
apiSecretUTF8 = unicode(apiSecret, ‘utf-8’)
meetingNumber = str(140723271)
ts = str(int(time.time() * 1000))
role = str(1)

data = base64.standard_b64encode( unicode((apiKey + meetingNumber + ts + role), ‘utf-8’ ))

m = hashlib.sha256()
m.update(data + apiSecretUTF8)
_hash = m.digest()

s = apiKey + ‘.’ + meetingNumber + ‘.’ + ts + ‘.’ + role + ‘.’ + base64.standard_b64encode(_hash)
signature = base64.urlsafe_b64encode(unicode(s, ‘utf-8’))
print signature


#10

Hi Ming,

one thing you should be aware of is that you should use API key and API secret. NOT APP key and APP secret. Your algorithm looks correct. 

For next release, we will add this logic to code so that you don’t need to do it on your own.

Best


#11

Yes we are using API key and secret, I just obfuscated the actual values with the dummy values you see


#12

Hi Wei,

Do you have an estimated date for new SDK version release?

Best


#13

Hi Mingche,

the release will be around end of June.

Best