0

Hi I'm having problems creating a Gygia signature. I've tryed everything on this post and I am almost sure my problem resides in wich Base64 I'm using. Here is what i got right now.

Both methods give me wrong keys

static String sign(String timestamp, String uid, String key) {
    String baseString = timestamp + "_" + uid;
    String lRet = "";
    byte[] baseBytes;
    try {
        baseBytes = baseString.getBytes("UTF-8");

        byte[] secretKeyBytes = org.apache.commons.codec.binary.Base64
                .decodeBase64(key.getBytes());
        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(new SecretKeySpec(secretKeyBytes, "HmacSHA1"));
        byte[] signatureBytes = mac.doFinal(baseBytes);
        byte[] encodedSign = org.apache.commons.codec.binary.Base64
                .encodeBase64(signatureBytes);
        lRet = new String(encodedSign, "UTF-8");
    } catch (Exception e) {
        e.printStackTrace();
    }
    return lRet;
}

The other implementation I tried is this one but my signature includes characters like '/' and '+' and Gigya kicks it back.

private String constructSignature(String timestamp, String UID, String pKey) {

    // Construct a "base string" for signing
    String baseString = timestamp + "_" + UID;

    // Convert the base string into a binary array
    byte[] binaryBaseString = ConvertUTF8ToBytes(baseString);

    // Convert secretKey from BASE64 to a binary array
    byte[] binaryKey = ConvertFromBase64ToBytes(pKey);

    // Use the HMAC-SHA1 algorithm to calculate the signature
    byte[] binarySignature = hmacsha1(baseString, binaryKey);

    // Convert the signature to a BASE64
    String signature = ConvertToBase64(binarySignature);

    return signature;
}

private byte[] ConvertUTF8ToBytes(String pString) {
    try {
        return pString.getBytes("UTF-8");
    } catch (UnsupportedEncodingException e) {
        e.printStackTrace();
    }
    return null;
}

private byte[] ConvertFromBase64ToBytes(String pBase64String) {
    return android.util.Base64.decode(pBase64String,
            android.util.Base64.DEFAULT);
}

private String ConvertToBase64(byte[] data) {
    String retString = android.util.Base64.encodeToString(data, android.util.Base64.DEFAULT);
    return retString;
}

I've gone up and down this code quite a bit, I've used commons.codec Base64 and also the Gigya version with no luck. Any pointers will be greatly apreciated. Regards

The error I get back from Gigya with the bad key is:

errorCode:400006
errorMessage:Invalid parameter value
errorDetails:Invalid argument: invalid signature
data:{"statusCode":400,"errorMessage":"Invalid parameter 
value","errorCode":400006,"callId":"0106c32c05e14afba1fc93ae0659bb69",
"errorDetails":"Invalid argument: invalid signature","statusReason":"Bad Request"}
4

1 回答 1

1

好吧,在阅读了我提到的帖子后,我在接受的答案中找到了SigUtils类,它基本上为你完成了所有工作......花了我一段时间,我希望我没有浪费任何人的时间。下面是如何生成密钥:

String lSig  = SigUtils.getOAuth1Signature(query+"_"+expTime, lHashedKey);

并验证:

boolean valid = SigUtils.validateUserSignature(expTime, query, lHashedKey, lSig);
于 2013-08-07T20:58:24.753 回答