|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(AutoIt) Ibanity HTTP Signature for XS2A, Isabel Connect, Ponto ConnectSee more Ibanity ExamplesDemonstrates how to add a Signature header for Ibanity HTTP requests. For more information, see https://documentation.ibanity.com/http-signature
; This example requires the Chilkat API to have been previously unlocked. ; See Global Unlock Sample for sample code. Local $bSuccess ; In order to sign your HTTP requests, you have to add 2 headers to the HTTP request: Digest: the digest of the request payload and Signature: the actual signature of the request. ; POST /xs2a/customer-access-tokens HTTP/1.1 ; Host: api.ibanity.com ; Content-Type: application/json ; Digest: SHA-512=z4PhNX7vuL3xVChQ1m2AB9Yg5AULVxXcg/SpIdNs6c5H0NE8XYXysP+DGNKHfuwvY7kxvUdBeoGlODJ6+SfaPg== ; Ibanity-Idempotency-Key: 61f02718-eeee-46e1-b5eb-e8fd6e799c2d ; Signature: keyId="62f02718-eeee-46e1-b5eb-e8fd6e799c2e",created=1599659223,algorithm="hs2019",headers="(request-target) host digest (created) ibanity-idempotency-key",signature="SjWJWbWN7i0...zsbM=" ; ; {"data":{"type":"customerAccessToken", "attributes":{"applicationCustomerReference":"15874569"}}} ; The payload (body) of the above HTTP request is the JSON. ; Build the JSON above. ; Use this online tool to generate code from sample JSON: ; Generate Code to Create JSON $oJson = ObjCreate("Chilkat.JsonObject") $oJson.UpdateString("data.type","customerAccessToken") $oJson.UpdateString("data.attributes.applicationCustomerReference","15874569") Local $sPayload = $oJson.Emit() ConsoleWrite("payload = " & $sPayload & @CRLF) ; Step 1: Build the (created) virtual header $oDtNow = ObjCreate("Chilkat.CkDateTime") $oDtNow.SetFromCurrentSystemTime() Local $sCreated = $oDtNow.GetAsUnixTimeStr(False) ConsoleWrite("created = " & $sCreated & @CRLF) ; Step 2: Build the Digest header $oCrypt = ObjCreate("Chilkat.Crypt2") $oCrypt.HashAlgorithm = "sha512" $oCrypt.EncodingMode = "base64" $oCrypt.Charset = "utf-8" $oSbDigestHdrValue = ObjCreate("Chilkat.StringBuilder") $oSbDigestHdrValue.Append("SHA-512=") $oSbDigestHdrValue.Append($oCrypt.HashStringENC($oJson.Emit())) ConsoleWrite($oSbDigestHdrValue.GetAsString() & @CRLF) ; Step 3: Build the (request target) virtual header ; In order to build the signature you will need a virtual header named (request-target) (the parentheses are important). ; The (request-target) is the string concatenation of the HTTP method (in lowercase) with the path and query parameters. Local $sRequest_target = "post /xs2a/customer-access-tokens" ; Step 4: Build the signing string ; The signing string is the concatenation of the signed header names (in lowercase) and values separated by a LF. ; You must always sign the following headers: (request-target), host, (created), digest. ; If used, you must also sign the authorization header and any ibanity-* headers, such as ibanity-idempotency-key. $oSbSigningString = ObjCreate("Chilkat.StringBuilder") $oSbSigningString.Append("(request-target): ") $oSbSigningString.AppendLine($sRequest_target,False) $oSbSigningString.Append("host: ") $oSbSigningString.AppendLine("api.ibanity.com",False) $oSbSigningString.Append("digest: ") $oSbSigningString.AppendLine($oSbDigestHdrValue.GetAsString(),False) $oSbSigningString.Append("(created): ") $oSbSigningString.AppendLine($sCreated,False) $oSbSigningString.Append("ibanity-idempotency-key: ") Local $sIdempotencyKey = $oCrypt.GenerateUuid() $oSbSigningString.Append($sIdempotencyKey) ; Step 5: Build the signed headers list ; To allow Ibanity to check the signed headers, you must provide a list of the header names. They should be lowercase and in the same order used to create the signing string. Local $signed_headers_list = "(request-target) host digest (created) ibanity-idempotency-key" ; Step 6: Build the Signature header ; This is where the real signing happens. The signature header is a combination of several sub-headers - ; ; keyId: the identifier for the application's signature certificate, obtained from the Developer Portal ; algorithm: the digital signature algorithm used to generate the signature (must be hs2019) ; headers: The list of HTTP headers created in step 5 ; signature: the Base64-encoded digital signature of the signing string created in step 4. $oPrivKey = ObjCreate("Chilkat.PrivateKey") $bSuccess = $oPrivKey.LoadEncryptedPemFile("my_ibanity_signature_private_key.pem","pem_password") If ($bSuccess = False) Then ConsoleWrite($oPrivKey.LastErrorText & @CRLF) Exit EndIf $oRsa = ObjCreate("Chilkat.Rsa") $oRsa.PssSaltLen = 32 $oRsa.EncodingMode = "base64" ; Use the RSASSA-PSS signature algorithm $oRsa.OaepPadding = True $bSuccess = $oRsa.ImportPrivateKeyObj($oPrivKey) If ($bSuccess = False) Then ConsoleWrite($oRsa.LastErrorText & @CRLF) Exit EndIf ; Sign the signing string. Local $sigBase64 = $oRsa.SignStringENC($oSbSigningString.GetAsString(),"sha-256") If ($oRsa.LastMethodSuccess = False) Then ConsoleWrite($oRsa.LastErrorText & @CRLF) Exit EndIf ; Build the signature header value. $oSbSigHeaderValue = ObjCreate("Chilkat.StringBuilder") $oSbSigHeaderValue.Append("keyId=""") ; Use your identifier for the application's signature certificate, obtained from the Developer Portal $oSbSigHeaderValue.Append("62f02718-eeee-46e1-b5eb-e8fd6e799c2e") $oSbSigHeaderValue.Append(""",created=") $oSbSigHeaderValue.Append($sCreated) $oSbSigHeaderValue.Append(",algorithm=""hs2019"",headers=""") $oSbSigHeaderValue.Append($signed_headers_list) $oSbSigHeaderValue.Append(""",signature=""") $oSbSigHeaderValue.Append($sigBase64) $oSbSigHeaderValue.Append("""") ConsoleWrite($oSbSigHeaderValue.GetAsString() & @CRLF) |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.