我在使用 Golang 为 API 访问生成正确的授权字符串时遇到问题。我尝试使用 JS,字符串可以使用,而来自 golang 的字符串不能用于身份验证。你能帮我检查一下有什么不同并纠正我吗?这是我的 golang 代码:func generateSalt(dataToSign string) string { token := hmac.New(sha256.New, []byte("secret")) token.Write([]byte(dataToSign)) macSum := token.Sum(nil) return base64.StdEncoding.EncodeToString(macSum)}func main() { date = "Wed, 25 May 2022 09:16:45 GMT" uri := "groups" url := fmt.Sprintf("https://api-worldcheck.refinitiv.com/v2/%s", uri) dataToSign := fmt.Sprintf(`(request-target): get %s%vhost: %s%vdate: %s`, "/v2/groups", "\r\n", "api-worldcheck.refinitiv.com", "\r\n", date) log.Printf("dateToSign: %s", dataToSign) hmac := generateSalt(dataToSign) authorization := fmt.Sprintf(`Signature keyId="%s",algorithm="hmac-sha256",headers="(request-target) host date",signature="%s"`, "api-key", hmac) log.Printf("authorization: %s", authorization)}golang 的结果是 dZzRZfa0yVZsTWof+qEz5VhsFyV83b6DDKXzG9pp/yk=JS上的代码function generateAuthHeader(dataToSign){ var hash = CryptoJS.HmacSHA256(dataToSign,environment["api-secret"]); return hash.toString(CryptoJS.enc.Base64); }var date = "Wed, 25 May 2022 09:16:45 GMT";var dataToSign = "(request-target): get " + environment["gateway-url"] + "groups\n" + "host: " + environment["gateway-host"] + "\n" + "date: " + date; console.log("date", date) console.log({dataToSign})var hmac = generateAuthHeader(dataToSign);var authorisation = "Signature keyId=\"" + environment["api-key"] + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"" + hmac + "\""; console.log({authorisation})结果为 nx5uyMlq4kOxY1fD5OpoLE6UGI+f5p3OUy+l6G8+oxc=
1 回答
UYOU
TA贡献1878条经验 获得超4个赞
这两个片段都有不同的数据要签名。JS 有一些使用的环境变量可能不同。我从 Go 代码中获取了这些值。
Go 代码:Go 游乐场示例
// You can edit this code!
// Click here and start typing.
package main
import (
"crypto/hmac"
"crypto/sha256"
"encoding/base64"
"fmt"
"log"
)
func generateSalt(dataToSign string) string {
token := hmac.New(sha256.New, []byte("secret"))
token.Write([]byte(dataToSign))
macSum := token.Sum(nil)
return base64.StdEncoding.EncodeToString(macSum)
}
func main() {
date := "Wed, 25 May 2022 09:16:45 GMT"
uri := "groups"
url := fmt.Sprintf("https://api-worldcheck.refinitiv.com/v2/%s", uri)
host := "api-worldcheck.refinitiv.com"
dataToSign := fmt.Sprintf("(request-target): get %s\nhost: %s\ndate: %s", url, host, date)
log.Printf("dateToSign: %s", dataToSign)
hmac := generateSalt(dataToSign)
authorization := fmt.Sprintf(`Signature keyId="%s",algorithm="hmac-sha256",headers="(request-target) host date",signature="%s"`, "api-key", hmac)
log.Printf("authorization: %s", authorization)
}
JS代码:
function generateAuthHeader(dataToSign){
var hash = CryptoJS.HmacSHA256(dataToSign, "secret");
return hash.toString(CryptoJS.enc.Base64);
}
var date = "Wed, 25 May 2022 09:16:45 GMT";
var url = "https://api-worldcheck.refinitiv.com/v2/";
var host = "api-worldcheck.refinitiv.com";
var apiKey = "api-key";
var dataToSign = "(request-target): get " + url + "groups\n" +
"host: " + host + "\n" +
"date: " + date;
console.log("date", date)
console.log("dataToSign", dataToSign)
var hmac = generateAuthHeader(dataToSign);
var authorisation = "Signature keyId=\"" + apiKey + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"" + hmac + "\"";
console.log(authorisation);
<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js"></script>
两者都有签名为pZjwRvunAPwUs7tFdbFtY6xOLjbpKUYMpnb
- 1 回答
- 0 关注
- 106 浏览
添加回答
举报
0/150
提交
取消