Hi there,
I’m trying to setup token based authentication on cached resources on my site which is working perfectly with the following rule
(http.host eq “our host” and not is_timed_hmac_valid_v0(“secret”, concat(http.request.uri.path,"?",http.request.uri.query),600, http.request.timestamp.sec,8))
However, we are trying to add a ip address to the hmac message, we could add any string we want and that works fine for example
(http.host eq “our host” and not is_timed_hmac_valid_v0(“secret”, concat(http.request.uri.path,“thisismyrandomextrastring”,"?",http.request.uri.query),600, http.request.timestamp.sec,8))
However, instead of that text i want to include the ip address to make sure the tokens only work on the same ip address. So e.g.
(http.host eq “our host” and not is_timed_hmac_valid_v0(“secret”, concat(http.request.uri.path,ip.src,"?",http.request.uri.query),600, http.request.timestamp.sec,8))
However, this gives me a error that ip.src is of datatype ip, which is not a byte value. Are there any ways to go around this datatype issue?
Kind regards,