0

我正在我的应用程序中集成 INSTAMOJO 支付网关。我正在对来自 INSTAMOJO 站点的 webhook 响应使用 MAC 验证。可用教程仅适用于 PHP 和 Python。但我正在使用 NodeJs (ExpressJs) 来实现它。我在下面附上了我的代码。所以问题是预期的 HashCode 和计算的 HashCode 不一样,请查看我的代码和 INSTAMOJO 文档。

func(req, res){
    body= req.body
    {mac}=body
    delete body.mac
    const instaCredentials= {key:***********, secret:*********, webhooks:********}
    const bodyKeys= Object.keys(body).map(key => key);
    const sortedKeys = bodyKeys.sort()

    const values = sortedKeys.map(key => {
        const value = body[key];
        return value.toLowerCase();
    });

    let message = values.join('|');
    const secret = instaCredentials.webhooks
    let calculatedMac= cryptoJs.HmacSHA1(message, secret)
    calculatedMac = expectedMac.toString();
    console.log(mac,calculatedMac)
}

https://support.instamojo.com/hc/en-us/articles/207816249-What-is-the-Message-Authentication-Code-in-Webhook-

4

1 回答 1

0

尝试这个

const CryptoJS = require('crypto-js');


function verifyHmac(
    receivedHmac, // received in Kindly-HMAC request header
    dataString, // received in request body (stringified JSON)
    key // shared secret, known by your service
) {
    const generatedHmac = CryptoJS.HmacSHA256(dataString, key);
    const generatedHmacBase64 = CryptoJS.enc.Base64.stringify(generatedHmac);

    return generatedHmacBase64 === receivedHmac;
}

// test the function
const receivedHmac = "uEeD0Q7eW9btdx6LFvvlpwkzQBWdbknsQkg1C27Cx7Q=";
const dataString = '{"foo":1,"bar":2}';
const key = "examplekey";

if (!verifyHmac(receivedHmac, dataString, key)) {
    throw new Error("HMAC did not authenticate");
}
于 2020-11-24T19:45:04.117 回答