|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PHP Extension) ebay: Add Digital Signature to HTTP RequestSee more eBay ExamplesDemonstrates how to add a digital signature to an ebay HTTP request. For more information, see https://developer.ebay.com/develop/guides/digital-signatures-for-apis
<?php // The version number (9_5_0) should match version of the Chilkat extension used, omitting the micro-version number. // For example, if using Chilkat v9.5.0.48, then include as shown here: include("chilkat_9_5_0.php"); // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Note: Ebay provides a Key Management API // See https://developer.ebay.com/api-docs/developer/key-management/overview.html // The following test keys can be used: // // Ed25519 // // Private Key: // // -----BEGIN PRIVATE KEY----- // MC4CAQAwBQYDK2VwBCIEIJ+DYvh6SEqVTm50DFtMDoQikTmiCqirVv9mWG9qfSnF // -----END PRIVATE KEY----- $strPrivateKey = 'MC4CAQAwBQYDK2VwBCIEIJ+DYvh6SEqVTm50DFtMDoQikTmiCqirVv9mWG9qfSnF'; // // Public Key: // // -----BEGIN PUBLIC KEY----- // MCowBQYDK2VwAyEAJrQLj5P/89iXES9+vFgrIy29clF9CC/oPPsw3c5D0bs= // -----END PUBLIC KEY----- $strPublicKey = 'MCowBQYDK2VwAyEAJrQLj5P/89iXES9+vFgrIy29clF9CC/oPPsw3c5D0bs='; // This example assumes you got a JWE for your given private key from the Ebay Key Management REST API. // This JWE is just for example: $strJwe = 'eyJ6aXAiOiJERUYiLCJlbmMiOiJBMjU2R0NNIiwidGFnIjoiSXh2dVRMb0FLS0hlS0Zoa3BxQ05CUSIsImFsZyI6IkEyNTZHQ01LVyIsIml2IjoiaFd3YjNoczk2QzEyOTNucCJ9.2o02pR9SoTF4g_5qRXZm6tF4H52TarilIAKxoVUqjd8.3qaF0KJN-rFHHm_P.AMUAe9PPduew09mANIZ-O_68CCuv6EIx096rm9WyLZnYz5N1WFDQ3jP0RBkbaOtQZHImMSPXIHVaB96RWshLuJsUgCKmTAwkPVCZv3zhLxZVxMXtPUuJ-ppVmPIv0NzznWCOU5Kvb9Xux7ZtnlvLXgwOFEix-BaWNomUAazbsrUCbrp514GIea3butbyxXLNi6R9TJUNh8V2uan-optT1MMyS7eMQnVGL5rYBULk.9K5ucUqAu0DqkkhgubsHHw'; $sbBody = new CkStringBuilder(); $sbBody->Append('{\'hello\': \'world\'}'); print 'Body of request:' . "\n"; print $sbBody->getAsString() . "\n"; // ------------------------------------------------- // Build the signature base string... $sbSigBase = new CkStringBuilder(); $sbSigBase->Append('\'content-digest\': sha-256=:'); $sbSigBase->Append($sbBody->getHash('sha256','base64','utf-8')); $sbSigBase->Append(':\n'); $sbSigBase->Append('\'x-ebay-signature-key\': '); $sbSigBase->Append($strJwe); $sbSigBase->Append('\n'); $sbSigBase->Append('\'@method\': POST\n'); // This is the path part of the URL without query params... $sbSigBase->Append('\'@path\': '); $sbSigBase->Append('/verifysignature'); $sbSigBase->Append('\n'); // The is the domain, such as "api.ebay.com" w/ port if the port is something unusual. // In this example, we're testing against a local docker test server (see the info at https://developer.ebay.com/develop/guides/digital-signatures-for-apis) // Normally, I think it would just be "api.ebay.com" instead of "localhost:8080". $sbSigBase->Append('\'@authority\': '); $sbSigBase->Append('localhost:8080'); $sbSigBase->Append('\n'); $sbSigBase->Append('\'@signature-params\': '); $sbSigInput = new CkStringBuilder(); $sbSigInput->Append('(\'content-digest\' \'x-ebay-signature-key\' \'@method\' \'@path\' \'@authority\')'); $sbSigInput->Append(';created='); $dt = new CkDateTime(); $dt->SetFromCurrentSystemTime(); $unixTimeNow = $dt->getAsUnixTimeStr(false); $sbSigInput->Append($unixTimeNow); $sbSigBase->AppendSb($sbSigInput); // ------------------------------------------------- // Sign the signature base string using the Ed25519 private key $bdPrivKey = new CkBinData(); $bdPrivKey->AppendEncoded($strPrivateKey,'base64'); $privKey = new CkPrivateKey(); $success = $privKey->LoadAnyFormat($bdPrivKey,''); if ($success == false) { print $privKey->lastErrorText() . "\n"; exit; } $bdToBeSigned = new CkBinData(); $bdToBeSigned->AppendSb($sbSigBase,'utf-8'); $eddsa = new CkEdDSA(); $sigBase64 = $eddsa->signBdENC($bdToBeSigned,'base64',$privKey); if ($eddsa->get_LastMethodSuccess() == false) { print $eddsa->lastErrorText() . "\n"; exit; } print 'sigBase64:' . "\n"; print $sigBase64 . "\n"; // ---------------------------------------------------------- // Send the JSON POST $http = new CkHttp(); $http->SetRequestHeader('x-ebay-signature-key',$strJwe); $sbContentDigestHdr = new CkStringBuilder(); $sbContentDigestHdr->Append('sha-256=:'); $sbContentDigestHdr->Append($sbBody->getHash('sha256','base64','utf-8')); $sbContentDigestHdr->Append(':'); $http->SetRequestHeader('Content-Digest',$sbContentDigestHdr->getAsString()); $sbSigHdr = new CkStringBuilder(); $sbSigHdr->Append('sig1=:'); $sbSigHdr->Append($sigBase64); $sbSigHdr->Append(':'); $http->SetRequestHeader('Signature',$sbSigHdr->getAsString()); $sbSigInput->Prepend('sig1='); $http->SetRequestHeader('Signature-Input',$sbSigInput->getAsString()); // Add this header to make eBay actually check the signature. $http->SetRequestHeader('x-ebay-enforce-signature','true'); // Set the OAuth2 access token to add the "Authorization: Bearer <access_token>" to the header. $http->put_AuthToken('your_oauth2_access_token'); // The signature base string constructed above is valid if we send this POST to "http://localhost:8080/verifysignature" // Normally, you'll send your POST to some api.ebay.com endpoint. $url = 'http://localhost:8080/verifysignature'; // resp is a CkHttpResponse $resp = $http->PostJson2('http://localhost:8080/verifysignature','application/json',$sbBody->getAsString()); if ($http->get_LastMethodSuccess() == false) { print $http->lastErrorText() . "\n"; exit; } print 'Response status code: ' . $resp->get_StatusCode() . "\n"; print 'Response body:' . "\n"; print $resp->bodyStr() . "\n"; ?> |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.