thanks for the reply. Well I don' really know what the expected output should be either, thats my issue really.
I tried with the pack function to get the hex key into bytes but with no success either.
as for using hmac_sha256_hex, thanks for the information. I have now changed to hmac_sha256 instead, still no joy but I think thats now the correct hashing mechanism
I really appreciate the assistance thanks.
the full instructions to build the authorization header are:
For GET endpoint:
1. Build a string based on the request METHOD (GET) DATE/TIME APPLICATION ID PATH (API endpoint, e.g. /xxxxxxxxx/api/v1/users/<userID>/factors)
2. Create an HMAC SHA256 hash of step 1 using the Application Key This step is executed by calling the HMAC and producing the hash value
3. Encode the HMAC SHA256 hash from step 2 in Base64
4. Concatenate the "Application ID", ":", and the "Base64 encoded HMAC SHA256 hash" from step 3 ApplicationID:Base64EncodedHMACSHA256Hash
5. Encode the value from step 4 in Base64
6. Concatenate "Basic " and the "Value of Step 5"
the encoding is all ok, its the creation of the HMAC that seems to be my issue.
currently I have it as
#lets check the time $datestring = strftime "%a, %e %b %Y %H:%M:%S GMT", gmtime; #set the strings $method="GET"; $appid="d6468df6c1e8419fb5ec50f62be9a28b"; $appkey="15c7a6e1a5bd73500db29dffd0e19b6c6228b044c64348a6f5d6d470c54fc +208"; $path="/xxxxxxxxxxxx/xxxxxxx/api/v1/users/xxxxx/factors"; #build the hash string $step1="$method\\n$datestring\\n$appid\\n$path"; #hmac sha256hash the string $step2a= encode_base64(hmac_sha256($step1, pack("H*",$appkey))); $step4="$appid:$step2a"; #encode value from step 4 into base 64 $step5 = encode_base64($step4); #now add Basic and the value from step 5 $step6 = ("Basic $step5");
In reply to Re^2: HMAC Sha256 Help! (updated)
by ribble
in thread HMAC Sha256 Help!
by ribble
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |