我正在尝试使用PHP连接到API并需要正确的签名.
他们的文件逐字记录:
The command string needs to hashed using HMAC SHA-1 hashing algorithm
against the API secret key. The resulting byte array should be Base64
encoded in UTF-8 format so that it can be passed via http.
To generate the signature you have to lower case the complete list of
request parameters and sort them alphabetically via the field for each
field-value pair. The resulting string to sign from the previous
example with a secret key VDaACYb0LV9eNjTetIOElcVQkvJck_J_QljX would
be:
apikey=mivr6x7u6bn_sdahobpjnejpgest35exqjb8cg20&command=deployvirtualmachine&serviceofferingid=21624abb-764e-4def-81d7-9fc54b5957fb&templateid=54c83a5e-c548-4d91-8b14-5cf2d4c081ee&zoneid=1128bd56-b4d9-4ac6-a7b9-c715b187ce11
Resulting in a signature value of:
ahlpA6J1Fq6OYI1HFrMSGgBt0WY%3D
示例尝试:
$string = 'apikey=mivr6x7u6bn_sdahobpjnejpgest35exqjb8cg20&command=deployvirtualmachine&serviceofferingid=21624abb-764e-4def-81d7-9fc54b5957fb&templateid=54c83a5e-c548-4d91-8b14-5cf2d4c081ee&zoneid=1128bd56-b4d9-4ac6-a7b9-c715b187ce11
';
$string = utf8_encode(strtolower($string));
$key = 'VDaACYb0LV9eNjTetIOElcVQkvJck_J_QljX';
$signature = hash_hmac('sha1', $string , $key);
print 'SIGNATURE:'.$signature.'
';
if($signature=='ahlpA6J1Fq6OYI1HFrMSGgBt0WY%3D'){
print 'SUCCESS';
}else{
print 'FAIL';
}
结果:9077d90baa7ab8913811b64a50814b640dce60eb
假设是:ahlpA6J1Fq6OYI1HFrMSGgBt0WY =
问题:结果与他们的文档不符.知道我做错了什么吗?
解决方法:
您的签名应该像这样生成:
$signature = urlencode(base64_encode(hash_hmac('sha1', $string , $key, true)));
最后一个参数的默认值为false.然后它将返回十六进制编码的字符串而不是原始字节.然后你必须按照文档中的说明对字节进行base64_encode.然后你必须对它进行urlencode,因为=必须进行转换
标签:hmac,php,hmacsha1
来源: https://codeday.me/bug/20190827/1744948.html
829
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
