Unable to Generate HMac using Salesforce Crypto Cl

2019-05-21 16:12发布

问题:

My Company recently signed up for Google Maps API for business.

To use the API, I need to generte a HMacSHA1 signature, and add it to my HTTP request. Unfortunately, somehow, I am not able to generate the right signature.

For testing, I am using the values provided by google to ensure that the algorithm works fine and I get the right result. Here is the code:

string url = 'maps/api/geocode/json?address=New+York&sensor=false&client=clientID';
string privateKey = 'vNIXE0xscrmjlyV-12Nj_BvUPaw=';
privateKey = privateKey.replace('-', '+');
privateKey = privateKey.replace('_', '/');

//Blob privateKeyBlob = EncodingUtil.base64Decode(privateKey);
Blob privateKeyBlob = Blob.valueOf(privateKey);
Blob urlBlob = Blob.valueOf(url);
Blob signatureBlob = Crypto.generateMac('HMacSHA1', urlBlob, privateKeyBlob);

String signature =EncodingUtil.urlEncode(EncodingUtil.base64Encode(signatureBlob), 'UTF-8');
signature = signature.replace('+', '-');
signature = signature.replace('/', '_');

system.debug('signature is ' +signature);

The generated signature should be : KrU1TzVQM7Ur0i8i7K3huiw3MsA=

Here is the link to Google Documentation where you can also find the same example: https://developers.google.com/maps/documentation/business/webservices

Few points to note: 1. I used the sample Python script provided in API Documentation and it gives the right result. 2. I think the problem is, API Documentation says that we should decode the privateKey and then provide it to the function. Although the documentation for Crypto Class says the "The value of privateKey does not need to be in decoded form.". I tried both, with and without decoding, still no result. 3. For Google API, everything has to be UTF-8 Encoded; I don't know if thats the way Encoding.Util decode's it.

I have tried a lot fo combinations, but could not find a solution. Any help would be highly appreciated.

Thanks, Ankit

回答1:

You need to sign the full path and query. Your string url is missing the leading slash (/).

Also, don't be afraid to open a support case with Google for this type of query.



回答2:

We have used the code, but there are some defects in it, for whomever intend to use this code, the actual code will be:

string url = '/maps/api/geocode/json?address=New+York&sensor=false&client=clientID';
string privateKey = 'vNIXE0xscrmjlyV-12Nj_BvUPaw=';
privateKey = privateKey.replace('-', '+');
privateKey = privateKey.replace('_', '/');

Blob privateKeyBlob = EncodingUtil.base64Decode(privateKey);
Blob urlBlob = Blob.valueOf(url);
Blob signatureBlob = Crypto.generateMac('hmacSHA1', urlBlob, privateKeyBlob);

String signature = EncodingUtil.base64Encode(signatureBlob);

signature = signature.replace('+', '-');
signature = signature.replace('/', '_');

system.debug('*** Signature: ' + signature);