[英]HMAC-SHA1 Swift 3 - 403 Forbidden
我正在嘗試從Swift 3到kong服務器執行HMAC-SHA1簽名,然后將其重定向到Twitter主機(要在Kong上啟用HMAC-跟隨https://getkong.org/plugins/hmac-authentication/ )
我在Swift中使用了相同的密鑰和用戶名。 使用密鑰在當前日期執行HMAC-SHA1並將請求發送到http:// localhost:8000 / @ foo
Swift 3代碼:
override func viewDidLoad() {
super.viewDidLoad()
let date = Date()
let currentDateF = DateFormatter()
let localeF = Locale(identifier: "en_US")
let tzone = TimeZone(identifier: "UTC")
currentDateF.dateFormat = "EEE, dd MMM yyyy HH:mm:ss z"
currentDateF.timeZone = tzone
currentDateF.locale = localeF
let currentDate = currentDateF.string(from: date)
let dat = "date: \(currentDate)"
let username = "bar"
let hmacResult: String = dat.getHmac(algorithm: .SHA1, key: "foo")
HTTPrequest(Datestr: currentDate, hmacAuth: hmacResult, username: username)
}
func HTTPrequest(Datestr: String, hmacAuth: String, username: String) {
let url = URL(string: "http://localhost:8000/@foo")
var request = URLRequest(url: url!)
request.addValue(Datestr, forHTTPHeaderField: "date")
request.addValue("twitter.com", forHTTPHeaderField: "Host")
request.setValue("hmac username='\(username)', algorithm='hmac-sha1', headers='date', signature='\(hmacAuth)'", forHTTPHeaderField: "Authorization")
let dataTask = URLSession.shared.dataTask(with: request) {
(data,response,error) in
if error != nil {
print(error!)
}
print("DATA RETURNED: \(data!)")
let str = String(data: data!, encoding: .utf8)
print("VALUE: \(str!)")
print("RESPONSE: \(response!)")
}
dataTask.resume()
}
enum hmacAlgo {
case SHA1
func toHMACAlgorithm() -> CCHmacAlgorithm {
var result: Int = 0
switch self {
case .SHA1:
result = kCCHmacAlgSHA1
}
return CCHmacAlgorithm(result)
}
func digestLength() -> Int {
var result: CInt = 0
switch self {
case .SHA1:
result = CC_SHA1_DIGEST_LENGTH
}
return Int(result)
}
}
extension String {
func getHmac(algorithm: hmacAlgo, key: String) -> String {
let stringData = self.cString(using: String.Encoding.ascii)
let keyData = key.cString(using: String.Encoding.ascii)
var result = [CUnsignedChar](repeating: 0, count: Int(algorithm.digestLength()))
CCHmac(algorithm.toHMACAlgorithm(), keyData!, Int(strlen(keyData!)), stringData!, Int(strlen(stringData!)), &result)
let hmacData: NSData = NSData(bytes: result, length: (Int(algorithm.digestLength())))
let hmacb64 = hmacData.base64EncodedString(options: NSData.Base64EncodingOptions.lineLength76Characters)
return hmacb64
}
}
但是我收到403狀態碼-禁止使用消息說明無法驗證HMAC簽名
解決了,
request.setValue("hmac username=\"\(username)\", algorithm=\"hmac-sha1\", headers=\"date\", signature=\"\(hmacAuth)\"", forHTTPHeaderField: "Authorization")
我只是用雙引號將字符串包裝在授權標頭中,然后發送了請求。 謝謝。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.