How to generate Signature in Golang any one help me ?

yunyun.chen
yunyun.chen Newcomer
in World-Check One

Hi

In Thomson-Reuters-World-Check-One-API-documentation.v2.0 we can see request example and description for it


"Given the above signing text, if a secret key of “1234” is used, the computed HMAC-SHA256 value would be 224B73FC07571E60E8B8D9BAB8107C656D3171F346B96183C665FD4C5330B85D when printed using hex encoding, or Iktz/AdXHmDouNm6uBB8ZW0xcfNGuWGDxmX9TFMwuF0= when printed using base64 encoding."


But i got first value “45F3083DA84B9C129E5B9575EA1AA81B656582E048E5D40F51535143A5985C02”


my golang code:


func HmacSha256(data string, secret string) string {
   h := hmac.New(sha256.New, []byte(secret))
   h.Write([]byte(data))
   sha := hex.EncodeToString(h.Sum(nil))
   sha = strings.ToUpper(sha)
   return base64.StdEncoding.EncodeToString([]byte(sha))
}


What am I doing wrong? @Irfan.Khan

Tagged:

Best Answer

  • Irfan.Khan
    Irfan.Khan LSEG
    Answer ✓

    V2_HMAC.zip

    @yunyun.chen

    I tried to generate the hex digest and Base64 signature using my python script and find it to be as follows:

    HMAC-->bb3adc06d7878b861f4a872a1e7a357b4cc8aecfa8989065257b9f7d95b5147c

    Base64-->uzrcBteHi4YfSocqHno1e0zIrs+omJBlJXuffZW1FHw=


    So, the values of HMAC and Base64 mentioned in the API documentation is incorrect and I am working to get those changed.

    In the mean time, I would like to tell that the way you are generating the HMAC and Base64 in golang is correct, so you can proceed with writing the code to connect to simple GET request first. Do not worry about the Base64/HMAC signature not matching for the moment, as there are lot of factors involved to get the correct base64, for example: spaces and indentation in the payload also matters a lot.

    Are you sure you are trying the correct payload. Try this:

    payload := strings.NewReader("{
    \n  \"caseId\": \"my customer ID\",
    \n  \"name\": \"John Doe\",
    \n  \"providerTypes\": [\"WATCHLIST\"]
    \n}")

    and then add this to your dataToSign variable. After this convert it to a byte class.


    I am attaching a python code for your reference.

Answers

  • Irfan.Khan
    Irfan.Khan LSEG

    @yunyun.chen

    Try this code snippet instead:

    apiSecret is the API secret and payload is the other data you are blending with API secret.

    hmac256 := hmac.New(sha256.New, []byte(apiSecret))
    hmac256.Write([]byte(payload))
    base64.StdEncoding.EncodeToString(hmac256.Sum(nil))


  • yunyun.chen
    yunyun.chen Newcomer
    https://community.developers.refinitiv.com/discussion/comment/57051#Comment_57051

    The Reault of the example in the documentation ,

    "ktz/AdXHmDouNm6uBB8ZW0xcfNGuWGDxmX9TFMwuF0=" when printed using base64 encoding.


    But I'm getting this

    "RfMIPahLnBKeW5V16hqoG2VlguBI5dQPUVNRQ6WYXAI="

    by the 

    hmac256 := hmac.New(sha256.New, []byte(apiSecret))
    hmac256.Write([]byte(payload))
    base64.StdEncoding.EncodeToString(hmac256.Sum(nil))

    payload

    (request-target): post /v2/cases
    host: rms-world-check-one-api.thomsonreuters.com
    date: Tue, 07 Jun 2016 20:51:35 GMT
    content-type: application/json
    content-length: 88
    {
      "caseId": "my customer ID",
      "name": "John Doe",
      "providerTypes": ["WATCHLIST"]
    }

Categories