【发布时间】:2021-05-19 19:48:10
【问题描述】:
我正在尝试与使用 HMAC 身份验证的服务 (paysera https://developers.paysera.com/) 集成。我已经设法集成了每个 GET 端点。然而,当涉及到POST 请求时,代码似乎无法正常工作。
createHMACAuth(data) {
let bodyHash = crypto.createHash('sha256').update(JSON.stringify(data)).digest('base64');
let method = 'POST';
let path = `/rest/v1/transfers`;
let ts = moment().unix();
let nonce = GUID(32);
let port = 443;
let macString = `${ts}\n${nonce}\n${method}\n${path}\n${host}\n${port}\n${bodyHash || ''}\n`;
let my_mac_key = 'my_mac_key';
let my_mac_id = 'my_mac_id';
let mac = crypto.createHmac('sha256', my_mac_key).update(macString).digest('base64');
let headerString = `MAC id="${my_mac_id}", ts="${ts}", nonce="${nonce}", mac="${mac}", ext="body_hash=${bodyHash}"`;
return headerString;
}
let data = {
key: 'value',
otherkey: 'othervalue'
};
let headers = {
Host: 'wallet.paysera.com',
'User-Agent': `Paysera node.js library`,
mac_id: 'my_mac_id',
Authorization: createHMACAuth(data);
};
POST_REQUEST(`${headers.host}/rest/v1/transfers`, data, headers, (err, res) => console.log(res))
我得到的回应是:
{
error: 'unauthorized',
error_description: 'Given MAC content body hash does not match actual hash of content'
}
任何帮助将不胜感激!
【问题讨论】: