Here is some of my JS code. I am creating the hmac using Crypto, then passing in the date and signature as request headers to use in PHP:
events: {
proxyReq: (proxyReq, req) => {
const date = Date.now();
const API_KEY = 125;
const API_SECRET_KEY = 'abc';
const s = new Buffer(API_SECRET_KEY, 'base64');
const message = req.method + req.url + date;
let hmac = crypto.createHmac('sha512', s);
const signature = hmac.update(message).digest('base64');
proxyReq.setHeader('x-api-key', API_KEY);
proxyReq.setHeader('x-api-signature', signature);
proxyReq.setHeader('x-api-date', date);
},
},
Here is my PHP function where I try to reproduce the same hmac using hash_hmac():
public function handle($request, \Closure $next)
{
try {
$API_SECRET_KEY = 'abc';
$method = $request->method();
$url = $request->path();
$date = $request->header('x-api-date');
$client_key = $request->header('x-api-key');
$client_signature = $request->header('x-api-signature');
$message = $method . $url . $date;
$hmac = base64_encode(hash_hmac('sha512', $message, base64_decode($API_SECRET_KEY), true));
$all['x-api-date'] = $date;
$all['x-api-signature'] = $client_signature;
$all['x-api-key'] = $client_key;
Log::error($client_signature);
Log::error($hmac);
return $next($request);
}
My last outputs:
[2018-07-10 14:23:57] local.ERROR: D0xis7BbxLBg6eWBlIT0ZSnhzk4c3Z3Ore9B16bNZow8xoinfM1zuMlS+lZ6pcOqRRHuupodUVFAIHfv89v4xw==
[2018-07-10 14:23:57] local.ERROR: Uypk5ZAd/I6E6sMi9UjIMyMxVhuQm7MatZbKCcGjGjsE2JqqrvTRYuJAR/SSde10eHAkPIz0g24CSZp0G+833A==
Can someone explain to me what I am doing wrong? I made sure to use base64 encoding/decoding and made sure the values passed into the hmac function were the same as the headers.
I appreciate any help!