Child pages
  • Default Signature Type

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Create a standardized string of the query string to be hashed.
    1. URL encode both the parameters and their values.
      1. In case of an attachment, the value would be the URL encoded hexadecimal representation of the MD5 hash of the file bytes (all capital letters).

        Code Block
        themeEclipseConfluence
        languagejava
        titleExample
        MessageDigest messageDigest = MessageDigest.getInstance("MD5"); 
        FileInputStream fis = new FileInputStream(filePath); 
        byte[] bytes = new byte[4096]; 
        int readPos = fis.read(bytes); 
        while (readPos != -1) { 
              md5.update(bytes, 0, readPos); 
              readPos = fis.read(bytes); 
        } 
        String hashedValue = hexToString(messageDigest.digest()).toUpperCase();
    2. Separate the encoded parameters and their values by the equals sign.

    3. Sort the parameters and their values by natural byte ordering (as described in the below example).

    4. Append the name value pairs with an ampersand.

  2. Create the string to be hashed:

    Code Block
    themeFadeToGreyConfluence
    languagejava
    titleHashed String
    String to hash = HTTPVerb (Upper case) + "\n" + encoded Http URL + "\n" + standardized string

    The HTTP URL will include the scheme, host, port (if present), and the path. It will not include any of the query strings.

  3. Calculate the HMAC-SHA1 hash string using the secret authentication key.

Note

Spaces and asterisk should be encoded as %20 and %2A respectively.

Code Block
themeFadeToGreyConfluence
languagejava
titleExample
POST http://sandbox.apstrata.com/apsdb/rest/[authentication_key]/CreateStore
Host: host
.........
apsdb.store=myStore&additionalParam1=value1&apsws.time=1234567890


Code Block
themeFadeToGreyConfluence
languagejava
titleSorted Parameters
additionalParam1=value1
apsdb.store=myStore
apsws.time=1234567890


Code Block
themeFadeToGreyConfluence
languagejava
titleString to Hash
"POST\n
http%3A%2F%2Fsandbox.apstrata.com%2Fsandbox%2Dapsdb%2Frest%2Fauthenticationkey%2FCreateStore\n
additionalParam1=value1&apsdb.store=myStore&apsws.time=1234567890"


Code Block
themeFadeToGreyConfluence
languagejava
titleAssuming that the secret authentication key is “secret”
HMAC-SHA1("secret", "POST\n 
http%3A%2F%2Fsandbox.apstrata.com%2Fsandbox%2Dapsdb%2Frest%2FmyKey%2FCreateStore\nadditionalParam1=value1&apsdb.store=myStore&apsws.time=1234567890")


Code Block
themeFadeToGreyConfluence
languagejava
titleExample (PHP)
POST http://sandbox.apstrata.com/apsdb/rest/[authenticationkey]/CreateStore
Host: host
.........
apsdb.store=myStore&additionalParam1=value1&apsws.time=1234567890


$paramArr = array();
array_push(rawurlencode("apsws.time") . "=" . rawurlencode("1234567890"));
array_push(rawurlencode("apsdb.store") . "=" . rawurlencode("myStore"));
array_push(rawurlencode("additionalParam1") . "=" . rawurlencode("value1"));


sort($paramArr);


$stringToSign = "";
for($i = 0; $i <count($paramArr); $i++)
{
            $stringToSign .= $paramArr[$i];
            If($i <count($paramArr) - 1)
            {
                        $stringToSign .= "&";
            }
}
$stringToSign = "POST" . "\n" . rawurlencode (http://sandbox.apstrata.com/apsdb/rest/[authenticationkey]/CreateStore)  
. "\n" . $stringToSign;
// assuming that the secret authentication key has the value "secret"
$signature = hash_hmac("sha1",  $stringToSign, "secret");