4356

4356

关注
发信
关注(28)粉丝(399)

使用JavaScript使用HmacSHA256正确签名字符串

本文介绍了使用JavaScript使用HmacSHA256正确签名字符串的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

在用于身份验证的Houndify API文档中,您有以下内容块:

In the Houndify API Docs for Authentication, you have the following block of content:

假设我们有以下信息:

UserID: ae06fcd3-6447-4356-afaa-813aa4f2ba41
    RequestID: 70aa7c25-c74f-48be-8ca8-cbf73627c05f
    Timestamp: 1418068667
    ClientID: KFvH6Rpy3tUimL-pCUFpPg==
    ClientKey: KgMLuq-k1oCUv5bzTlKAJf_mGo0T07jTogbi6apcqLa114CCPH3rlK4c0RktY30xLEQ49MZ-C2bMyFOVQO4PyA==




  1. 连接UserID字符串RequestID字符串和TimeStamp字符串采用以下格式: {user_id}; {request_id} {timestamp}

使用示例中的值,在这种情况下,预期输出将是: ae06fcd3-6447-4356-afaa-813aa4f2ba41; 70aa7c25-c74f-48be-8ca8-cbf73627c05f1418068667

With the values from the example, the expected output would be in this case: ae06fcd3-6447-4356-afaa-813aa4f2ba41;70aa7c25-c74f-48be-8ca8-cbf73627c05f1418068667

使用已解码的ClientKey对消息进行签名。结果是一个32字节的二进制字符串(我们无法直观地表示)。但是,在base-64编码之后,签名为: myWdEfHJ7AV8OP23v8pCH1PILL_gxH4uDOAXMi06akk =

Sign the message with the decoded ClientKey. The result is a 32-byte binary string (which we can’t represent visually). After base-64 encoding, however, the signature is: myWdEfHJ7AV8OP23v8pCH1PILL_gxH4uDOAXMi06akk=

客户端然后生成两个身份验证标头 Hound-Request-Authentication Hound-Client-Authentication

The client then generates two authentication headers Hound-Request-Authentication and Hound-Client-Authentication.

Hound-Request -Authentication头是通过以下列格式连接UserID和RequestID组成的: {user-id}; {request-id} 。继续上面的例子,这个标题的值是:
Hound-Request-Authentication: ae06fcd3-6447-4356-afaa-813aa4f2ba41; 70aa7c25-c74f-48be-8ca8-cbf73627c05f

The Hound-Request-Authentication header is composed by concatenating the UserID and RequestID in the following format: {user-id};{request-id}. Continuing the example above, the value for this header would be:Hound-Request-Authentication: ae06fcd3-6447-4356-afaa-813aa4f2ba41;70aa7c25-c74f-48be-8ca8-cbf73627c05f

Hound-Client-Authentication标头是通过以下格式连接ClientID,TimeStamp字符串和签名组成的: {客户端ID}; {时间戳}; {签名} 。继续上面的示例,此标头的值为: Hound-Client-Authentication:KFvH6Rpy3tUimL-pCUFpPg ==; 1418068667; myWdEfHJ7AV8OP23v8pCH1PILL_gxH4uDOAXMi06akk =

The Hound-Client-Authentication header is composed by concatening the ClientID, the TimeStamp string and the signature in the following format: {client-id};{timestamp};{signature}. Continuing the example above, the value for this header would be: Hound-Client-Authentication: KFvH6Rpy3tUimL-pCUFpPg==;1418068667;myWdEfHJ7AV8OP23v8pCH1PILL_gxH4uDOAXMi06akk=





对于Number 3,它表示使用已解码的ClientKey对消息进行签名。 message和ClientKey是两个不同的字符串。

For Number 3, it says "Sign the message with the decoded ClientKey". The "message" and "ClientKey" are two distinct strings.

我的问题:你如何用另一个字符串签署一个字符串,即这究竟是什么意思?你会怎么用JavaScript做的?

My question(s): How do you sign one string with another string i.e. what exactly does that mean? And how would you do that in JavaScript?

var message = 'my_message';
var key = 'signing_key';

//??what next??

我正在尝试解决所有问题,以便我可以在Postman中创建一个预请求脚本做一个正确的HmacSHA256哈希。

I'm trying to figure all this out so I can create a pre-request script in Postman to do a proper HmacSHA256 hash.

推荐答案

根据文档,如果您使用的是其中一个SDK,它将自动进行身份验证您的请求:

According to the documentation, if you're using one of their SDKs, it will automatically authenticate your requests:

但是,如果你想手动完成,我相信你需要计算他们在您的问题中的链接中描述的字符串的值,然后在您的请求中将其作为 Hound-Client-Authentication 标头的一部分发送base64编码。他们为node.js提供:

However, if you want to do it manually, I believe you need to compute the HMAC value of the string they describe in the link in your question and then send it base64 encoded as part of the Hound-Client-Authentication header in your requests. They provide an example for node.js:

var uuid = require('node-uuid');
var crypto = require('crypto');

function generateAuthHeaders (clientId, clientKey, userId, requestId) {

    if (!clientId || !clientKey) {
        throw new Error('Must provide a Client ID and a Client Key');
    }

    // Generate a unique UserId and RequestId.
    userId      = userId || uuid.v1();

    // keep track of this requestId, you will need it for the RequestInfo Object
    requestId   = requestId || uuid.v1();

    var requestData = userId + ';' + requestId;

    // keep track of this timestamp, you will need it for the RequestInfo Object
    var timestamp   = Math.floor(Date.now() / 1000),

        unescapeBase64Url = function (key) {
            return key.replace(/-/g, '+').replace(/_/g, '/');
        },

        escapeBase64Url = function (key) {
            return key.replace(/\+/g, '-').replace(/\//g, '_');
        },

        signKey = function (clientKey, message) {
            var key = new Buffer(unescapeBase64Url(clientKey), 'base64');
            var hash = crypto.createHmac('sha256', key).update(message).digest('base64');
            return escapeBase64Url(hash);

        },

        encodedData = signKey(clientKey, requestData + timestamp),
        headers = {
            'Hound-Request-Authentication': requestData,
            'Hound-Client-Authentication': clientId + ';' + timestamp + ';' + encodedData
        };

    return headers;
};

这篇关于使用JavaScript使用HmacSHA256正确签名字符串的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-03 12:57
Powered by LMLPHP ©2024 4356 0.036514