Chilkat2-Python
Chilkat2-Python
Plaza API (bol.com) HMAC-SHA256 Authentication
See more Encryption Examples
Demonstrates how to compute the Authorization header for bol.com using HMAC-SHA256.Chilkat Chilkat2-Python Downloads
import chilkat2
# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
crypt = chilkat2.Crypt2()
crypt.EncodingMode = "base64"
crypt.HashAlgorithm = "sha256"
crypt.MacAlgorithm = "hmac"
publicKey = "oRNWbHFXtAECmhnZmEndcjLIaSKbRMVE"
privateKey = "MaQHPOnmYkPZNgeRziPnQyyOJYytUbcFBVJBvbMKoDdpPqaZbaOiLUTWzPAkpPsZFZbJHrcoltdgpZolyNcgvvBaKcmkqFjucFzXhDONTsPAtHHyccQlLUZpkOuywMiOycDWcCySFsgpDiyGnCWCZJkNTtVdPxbSUTWVIFQiUxaPDYDXRQAVVTbSVZArAZkaLDLOoOvPzxSdhnkkJWzlQDkqsXNKfAIgAldrmyfROSyCGMCfvzdQdUQEaYZTPEoA"
# The string to sign is this:
# http_verb +'\n\n'+ content_type +'\n'+ x_bol_date +'\n'+ 'x-bol-date:'+ x_bol_date +'\n'+ uri
http_verb = "GET"
content_type = "application/xml"
x_bol_date = "Wed, 17 Feb 2016 00:00:00 GMT"
uri = "/services/rest/orders/v2"
# IMPORTANT: Notice the use of underscore and hyphen (dash) chars in x-bol-date vs. x_bol_date.
# In one place hypens are used. In two places, underscore chars are used.
sb = chilkat2.StringBuilder()
sb.Append(http_verb)
sb.Append("\n\n")
sb.Append(content_type)
sb.Append("\n")
sb.Append(x_bol_date)
sb.Append("\nx-bol-date:")
sb.Append(x_bol_date)
sb.Append("\n")
sb.Append(uri)
print("[" + sb.GetAsString() + "]")
# Set the HMAC key:
crypt.SetMacKeyEncoded(privateKey,"ascii")
mac = crypt.MacStringENC(sb.GetAsString())
# The answer should be: nqzLWvXI1eBhBXrRx5NF23V5hS8Q1xWCloJzPi/RAts=
print(mac)
# The last step is to append the public key with the signature
sbHeader = chilkat2.StringBuilder()
sbHeader.Append(publicKey)
sbHeader.Append(":")
sbHeader.Append(mac)
hdrValue = sbHeader.GetAsString()
print(hdrValue)