问题
Hi i am trying to push data using curl. I have to add digest value that i need to create using HMAC and send the data as form-urlencoded. My issue is i am getting the error of signature mismatch while i try to push data.
Here what i have tried so far:
Stringpayload="{\"gavisitorid\":\"1117878577.1576839389\",\"mobile\":\"999999999\"}"
$postdata = "";
$a = fopen('php://input' , 'r');
while (!feof($a))
{
$postdata .= fread($a, 4096);
}
$sk='EghAfDrNv4RrGpRv00BGiC3vCP49cwVAEIzT7ob5JFiEQS5oMg=='; // client secret key
$secret = base64_decode('EghAfDrNv4RrGpRv00BGiC3vCP49cwVAEIzT7ob5JFiEQS5oMg==');
$pad = hash_hmac('sha1', $postdata,$secret, true);
$digestvalue = bin2hex($pad);
Curl:
$vars='ipru.Client_ID=web2Call&ipru.Bearer=Bearer_ParkingData&ipru.Payload='.$postdata;
$headers=['Content-Type:application/x-www-form-urlencoded','ipru.DigestValue:'.$digestvalue,'ipru.Access_token:'.$key]; //headers
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,"urlgoeshere"); //icici data consume url
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,http_build_query($vars)); //sendinng post data
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$server_output = curl_exec ($ch);
curl_close ($ch);
From the docs of api how to create hmac and sending data:
, with a post request to start sending data.
For calculating the Digest value Please follow below Steps:
1) Get an hmac_sha1 key from the raw key bytes (Here raw key bytes will be the Client_secret
2) Compute the hmac on Payload bytes
3) Hex-encode the hmac(Hex encode instead of Base64 as mentioned in Example) and return the string obtained is the DigestValue
4) The algorithm used is: HmacSHA1
Please refer Example 50 on below link for more help: http://www.javatips.net/api/java.security.signatureexception
Hex encode instead of Base64 as mentioned in Example, Here Client_secret to be used instead of key as mentioned
in example
来源:https://stackoverflow.com/questions/60971203/how-to-compute-hmac-on-the-bases-of-payload-and-secret-key