在Java语言中,我有:
function authenticateAndFetch(payload) {
const endpoint = PropertiesService.getScriptProperties().getProperty('WEBHOOK_URL');
const hmac_key = PropertiesService.getScriptProperties().getProperty('HMAC_SHA_256_KEY');
var send_data = JSON.stringify(payload)
const signature = Utilities.computeDigest(Utilities.DigestAlgorithm.MD5, send_data)
.map(function(chr){return (chr+256).toString(16).slice(-2)})
.join(''); // Golf https://stackoverflow.com/a/49759368/300224
const fetch_options = {
'method': 'post',
'payload': {'gmail_details': send_data, 'signature': signature},
'muteHttpExceptions': true
};
const response = UrlFetchApp.fetch(endpoint, fetch_options);
return response.getContentText();
}
然后在PHP中,我使用以下方法对此进行验证:
$detailsString = $_POST['gmail_details'];
$correctSignature = md5($detailsString);
经过一段时间的日志记录和漫长的一天,我发现Javascript和PHP将为包含以下数据的字符串产生不同的md5总和:
HEX: 65 20 c2 97 20 44
在将它们发送到PHP之前,是否有某种方法可以清除Javascript中的输入,或者在两种环境中都可以通过某种方式获取匹配的字符串?
答案 0 :(得分:0)
我从未解决过实际问题。并且认为将问题最小化将导致有关Google App Script或PHP的错误报告。但这是一种解决方法,让我继续前进,它的效率非常低:
function authenticateAndFetch(payload) {
const endpoint = PropertiesService.getScriptProperties().getProperty('WEBHOOK_URL');
const hmac_key = PropertiesService.getScriptProperties().getProperty('HMAC_SHA_256_KEY');
var send_data = JSON.stringify(payload);
send_data = Utilities.base64Encode(send_data); // https://stackoverflow.com/q/51866469/300224
const signature = Utilities.computeDigest(Utilities.DigestAlgorithm.MD5, send_data)
.map(function(chr){return (chr+256).toString(16).slice(-2)})
.join(''); // Golf https://stackoverflow.com/a/49759368/300224
const fetch_options = {
'method': 'post',
'payload': {'gmail_details': send_data, 'signature': signature},
'muteHttpExceptions': true
};
const response = UrlFetchApp.fetch(endpoint, fetch_options);
return response.getContentText();
}
和PHP
$detailsString = $_POST['gmail_details'];
$detailsString = base64_decode($_POST['gmail_details']);
$correctSignature = md5($detailsString);
总而言之,您无法可靠地将非ASCII从Javascript传输到PHP,因此仅对base64进行编码。