Error with supabase hmac
I am trying to set a function to verify an api:
CREATE EXTENSION IF NOT EXISTS pgcrypto;
CREATE OR REPLACE FUNCTION public.verify_api_key(
input_api_key text,
secret_key text
) RETURNS TABLE(
id uuid,
game_id text,
is_active boolean,
created_at timestamptz,
computed_hash text,
stored_hash text,
match_found boolean
) AS $$
DECLARE
computed_hmac text;
BEGIN
computed_hmac := encode(
hmac(
decode(input_api_key, 'hex'),
decode(secret_key, 'hex'),
'sha256'
),
'hex'
);
RETURN QUERY SELECT gi.id, gi.game_id, gi.is_active, gi.created_at, computed_hmac as computed_hash, gi.encrypted_api_key as stored_hash, (gi.encrypted_api_key = computed_hmac) as match_found FROM game_integrations gi WHERE gi.is_active = true AND gi.encrypted_api_key = computed_hmac; END; $$ LANGUAGE plpgsql SECURITY DEFINER SET search_path = public; But there is a problem, my postman returns this: { "error": "Invalid API key", "debug": { "receivedApiKeyLength": 64, "activeIntegrationsCount": 1, "rpcError": "function hmac(bytea, bytea, unknown) does not exist", "verificationResult": null } } Here is part of the code: const { data: _gameIntegration, error: gameError } = await supabase.rpc('verify_api_key', { input_api_key: apiKey, secret_key: Deno.env.get('API_SECRET_KEY') }); ... return new Response(JSON.stringify({ error: 'Invalid API key', debug: { receivedApiKeyLength: apiKey?.length, activeIntegrationsCount: allIntegrations?.length, rpcError: gameError?.message, verificationResult: _gameIntegration ? _gameIntegration[0] : null } }), The problem is that hmac works when used like this in the sql editor: SELECT encode(hmac('...', '...', 'sha256'), 'hex');
RETURN QUERY SELECT gi.id, gi.game_id, gi.is_active, gi.created_at, computed_hmac as computed_hash, gi.encrypted_api_key as stored_hash, (gi.encrypted_api_key = computed_hmac) as match_found FROM game_integrations gi WHERE gi.is_active = true AND gi.encrypted_api_key = computed_hmac; END; $$ LANGUAGE plpgsql SECURITY DEFINER SET search_path = public; But there is a problem, my postman returns this: { "error": "Invalid API key", "debug": { "receivedApiKeyLength": 64, "activeIntegrationsCount": 1, "rpcError": "function hmac(bytea, bytea, unknown) does not exist", "verificationResult": null } } Here is part of the code: const { data: _gameIntegration, error: gameError } = await supabase.rpc('verify_api_key', { input_api_key: apiKey, secret_key: Deno.env.get('API_SECRET_KEY') }); ... return new Response(JSON.stringify({ error: 'Invalid API key', debug: { receivedApiKeyLength: apiKey?.length, activeIntegrationsCount: allIntegrations?.length, rpcError: gameError?.message, verificationResult: _gameIntegration ? _gameIntegration[0] : null } }), The problem is that hmac works when used like this in the sql editor: SELECT encode(hmac('...', '...', 'sha256'), 'hex');
0 Replies