堆棧內存溢出
  簡體   English   中英

PHP-HMAC身份驗證

[英]PHP - HMAC Authentication

 原文  2016-06-24 06:57:38       php/ api/ hmac

問題描述

我正在獲取該錯誤代碼(我使用的是公共API,因此肯定可以在他們這邊工作;)):

提供了HMAC身份驗證密鑰和簽名,但它們無效。 

function get_myself($request){
    $public_key = "MY_PUBLIC_KEY";
    $secret = "MY_PRIVATE_KEY";

    $parameters = array(
        "client_id" => $public_key,
        "client_secret" => $secret
    );
    $data = http_build_query($parameters);

    $ch = curl_init("https://localbitcoins.com".$request);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($ch, CURLOPT_USERAGENT, "curl");
    curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
    $nonce = time();
    $sig = base64_encode ( hash_hmac("sha256", $nonce.$public_key.$request, $secret ) );
    $options = array(
        CURLOPT_RETURNTRANSFER => 1,
        CURLOPT_TIMEOUT => 30,
        CURLOPT_HTTPHEADER =>   array(
            "Apiauth-Key:".$public_key,
            "Apiauth-Nonce:".$nonce,
            "Apiauth-Signature:".$sig
        ),
    );
    curl_setopt_array($ch, $options);
    $result = curl_exec($ch);
    curl_close($ch);
    return $result;
}

$getinfo = array();
$getinfo = get_myself("/api/myself/");
echo "<pre>"; print_r($getinfo); echo "</pre>";

1 個解決方案

解決方案1
 2 已采納  2016-06-25 09:51:15

3天后,我找到了“解決方案” ...這是一個可行的示例: 

function localbitcoins_query($path, array $req = Array()) {
   $key='MY_KEY';
   $secret='MY_SECRET';
   $mt = explode(' ', microtime());
   $nonce = $mt[1].substr($mt[0], 2, 6);
   if ($req) {
      $get=httpbuildquery($req);
      $path=$path.'?'.$get;
   }
   $postdata=$nonce.$key.$path;
   $sign = strtoupper(hash_hmac('sha256', $postdata, $secret));
   $headers = array(
      'Apiauth-Signature:'.$sign,
      'Apiauth-Key:'.$key,
      'Apiauth-Nonce:'.$nonce
   );
   $ch = null;
   $ch = curl_init('https://localbitcoins.com'.$path);
   curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
   curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, TRUE);
   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 20);
   $res = curl_exec($ch);
   if ($res === false) throw new Exception('Curl error: '.curlerror($ch));
   $dec = json_decode($res, true);
   if (!$dec) throw new Exception('Invalid data: '.$res);
   curl_close($ch);
   return $dec;
}

$getinfo = array();
$devise = "EUR";
$url = "/buy-bitcoins-online/".$devise."/western-union/.json";

$getinfo = localbitcoins_query($url);   
echo "<pre>"; print_r($getinfo); echo "</pre>";

它在我這邊工作,我想POST / GET的概念在那個版本中以前沒有正確處理。

享受:p

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 HMAC在PHP中進行Web服務認證的實現 PHP - 使用十六進制格式使用 HMAC 進行 Webhook 身份驗證 HMAC Base64身份驗證? PHP HMAC-這種hmac驗證程序的實現是否足夠? HMAC python與HMAC php不同 PHP hash_hmac 到 JS Hmac shopify hmac 驗證 php 為PHP加密創建HMAC 紅寶石openssl hmac php等效 quercus 和 PHP hmac 256 實現
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM