HMAC-SHA1 Swift 3 - 403禁止

时间:2017-07-06 06:27:14

标签: ios swift digital-signature hmac kong

我尝试从Swift 3执行HMAC-SHA1签名到kong服务器,该服务器返回重定向到Twitter主机(在HK上启用HMAC - 后跟https://getkong.org/plugins/hmac-authentication/

我在swift中使用相同的密钥,用户名。使用密钥在当前日期执行HMAC-SHA1并将请求发送到http://localhost:8000/@foo

Swift 3代码:

override func viewDidLoad() {
    super.viewDidLoad()
    let date = Date()
    let currentDateF = DateFormatter()
    let localeF = Locale(identifier: "en_US")
    let tzone = TimeZone(identifier: "UTC")
    currentDateF.dateFormat = "EEE, dd MMM yyyy HH:mm:ss z"
    currentDateF.timeZone = tzone
    currentDateF.locale = localeF
    let currentDate = currentDateF.string(from: date)
    let dat = "date: \(currentDate)"
    let username = "bar"
    let hmacResult: String = dat.getHmac(algorithm: .SHA1, key: "foo")
    HTTPrequest(Datestr: currentDate, hmacAuth: hmacResult, username: username)
}

func HTTPrequest(Datestr: String, hmacAuth: String, username: String) {
    let url = URL(string: "http://localhost:8000/@foo")
    var request = URLRequest(url: url!)
    request.addValue(Datestr, forHTTPHeaderField: "date")
    request.addValue("twitter.com", forHTTPHeaderField: "Host")
    request.setValue("hmac username='\(username)', algorithm='hmac-sha1', headers='date', signature='\(hmacAuth)'", forHTTPHeaderField: "Authorization")
    let dataTask = URLSession.shared.dataTask(with: request) {
        (data,response,error) in
        if error != nil {
            print(error!)
        }
        print("DATA RETURNED: \(data!)")
        let str = String(data: data!, encoding: .utf8)
        print("VALUE: \(str!)")
        print("RESPONSE: \(response!)")
    }
    dataTask.resume()
}


enum hmacAlgo {
    case SHA1
    func  toHMACAlgorithm() -> CCHmacAlgorithm {
        var result: Int = 0
        switch self {
        case .SHA1:
            result = kCCHmacAlgSHA1
        }
        return CCHmacAlgorithm(result)
    }

    func digestLength() -> Int {
        var result: CInt = 0
        switch self {
        case .SHA1:
            result = CC_SHA1_DIGEST_LENGTH
        }
        return Int(result)
    }
}

extension String  {
    func getHmac(algorithm: hmacAlgo, key: String) -> String {
        let stringData = self.cString(using: String.Encoding.ascii)
        let keyData = key.cString(using: String.Encoding.ascii)
        var result = [CUnsignedChar](repeating: 0, count: Int(algorithm.digestLength()))
        CCHmac(algorithm.toHMACAlgorithm(), keyData!, Int(strlen(keyData!)), stringData!, Int(strlen(stringData!)), &result)
        let hmacData: NSData = NSData(bytes: result, length: (Int(algorithm.digestLength())))
        let hmacb64 = hmacData.base64EncodedString(options: NSData.Base64EncodingOptions.lineLength76Characters)
        return hmacb64
    }
}

但我收到403状态代码 - 禁止显示无法验证HMAC签名的消息

1 个答案:

答案 0 :(得分:0)

解决,

request.setValue("hmac username=\"\(username)\", algorithm=\"hmac-sha1\", headers=\"date\", signature=\"\(hmacAuth)\"", forHTTPHeaderField: "Authorization")

我只是使用双引号将字符串包装在授权标头中并发送请求。 谢谢。

相关问题
最新问题