SurveyMonkey API 如何创建 hmac?
[英]How SurveyMonkey API creates the hmac?
问题描述
We are trying to verify that the SurveyMonkey hmac we receive (sm-signature) is correct.
我们正在尝试验证我们收到的 SurveyMonkey hmac(sm 签名)是否正确。 To check this we create an hmac and compare it to SurveyMonkey's hmac.为了检查这一点,我们创建了一个 hmac 并将其与 SurveyMonkey 的 hmac 进行比较。
We create the hmac as follows (we are working with nodejs):我们按如下方式创建 hmac(我们正在使用 nodejs):
let bodyString = JSON.stringify(req.body);
let body = Buffer.from(bodyString, "ascii");
let apiClientId = Buffer.from(surveyMonkeyClientId, "ascii");
let apiSecret = Buffer.from(surveyMonkeyApiSecret, "ascii");
let hmac = crypto
.createHmac('sha1', apiClientId+'&'+apiSecret)
.update(Buffer.from(body))
.digest()
.toString('base64');
We have verified this code with (it is with python): https://github.com/SurveyMonkey/public_api_docs/blob/main/includes/_webhooks.md我们已经使用(使用 python)验证了这段代码: https://github.com/SurveyMonkey/public_api_docs/blob/main/includes/_webhooks.md
But for some reason this doesn't work as expected.但由于某种原因,这并没有按预期工作。 Because the hmac we generated is not the same as the hmac generated by SurveyMonkey (sm-signature).因为我们生成的hmac和SurveyMonkey(sm-signature)生成的hmac不一样。
Could someone help us?有人可以帮助我们吗? Thanks!谢谢!
1 个解决方案
解决方案1
0 2022-03-30 11:06:30
The problem is the signature, that comes with spaces between the json fields and when you do JSON.stringify this removes the spaces.问题是签名,它在 json 字段之间带有空格,当您执行 JSON.stringify 时,这会删除空格。
One possible solution is:一种可能的解决方案是:
let payloadString = JSON.stringify(req.body);
payloadString = payloadString.replace(/":/g, '": ');
payloadString = payloadString.replace(/,/g, ', ');
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.