I have problem with Golang to generate the correct the correct Authorization string for API access. I try with JS and the string is okay to use while the string from golang can not be used for authentication. Can you help me check what is the different and correct me? Here is my golang code:
func generateSalt(dataToSign string) string {
token := hmac.New(sha256.New, []byte("secret"))
token.Write([]byte(dataToSign))
macSum := token.Sum(nil)
return base64.StdEncoding.EncodeToString(macSum)
}
func main() {
date = "Wed, 25 May 2022 09:16:45 GMT"
uri := "groups"
url := fmt.Sprintf("https://api-worldcheck.refinitiv.com/v2/%s", uri)
dataToSign := fmt.Sprintf(`(request-target): get %s%vhost: %s%vdate: %s`, "/v2/groups", "\r\n", "api-worldcheck.refinitiv.com", "\r\n", date)
log.Printf("dateToSign: %s", dataToSign)
hmac := generateSalt(dataToSign)
authorization := fmt.Sprintf(`Signature keyId="%s",algorithm="hmac-sha256",headers="(request-target) host date",signature="%s"`, "api-key", hmac)
log.Printf("authorization: %s", authorization)
}
The result from golang is dZzRZfa0yVZsTWof+qEz5VhsFyV83b6DDKXzG9pp/yk=
The code on JS:
function generateAuthHeader(dataToSign){
var hash = CryptoJS.HmacSHA256(dataToSign,environment["api-secret"]);
return hash.toString(CryptoJS.enc.Base64);
}
var date = "Wed, 25 May 2022 09:16:45 GMT";
var dataToSign = "(request-target): get " + environment["gateway-url"] + "groups\n" +
"host: " + environment["gateway-host"] + "\n" +
"date: " + date;
console.log("date", date)
console.log({dataToSign})
var hmac = generateAuthHeader(dataToSign);
var authorisation = "Signature keyId=\"" + environment["api-key"] + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) host date\",signature=\"" + hmac + "\"";
console.log({authorisation})
The result is nx5uyMlq4kOxY1fD5OpoLE6UGI+f5p3OUy+l6G8+oxc=