驗證Sinch SMS回調

我試圖在Python中重現https://www.sinch.com/using-rest/#callbackrequestsigning的示例。驗證Sinch SMS回調

我能到再現「CONTENT-MD5」使用：

>>import hasblib 
>>import base64 
>>m='{"event":"ace","callid":"822aa4b7-05b4-4d83-87c7-1f835ee0b6f6_257","timestamp":"2014-09-24T10:59:41Z","version":1}' 
>>base64.b64encode(hashlib.md5(m.encode('utf-8')).digest()) 
b'REWF+X220L4/Gw1spXOU7g=='

但我無法使用複製簽名如下：

>>>secret ="BeIukql3pTKJ8RGL5zo0DA==".encode('utf-8') 
>>>message = 'POST\nREWF+X220L4/Gw1spXOU7g==\napplication/json\nx-timestamp:2014-09-24T10:59:41Z\n/sinch/callback/ace'.encode('utf-8') 
>>>base64.b64encode(hmac.new(secret, message, digestmod=hashlib.sha256).digest())   
b'xLX5N1DejHHma4NwS7IQ40W3041JQeOiFBgE4IhLlkg='

據現場的簽名應是Tg6fMyo8mj9pYfWQ9ssbx3Tc1BNC87IEygAfLbJqZb4

任何想法？

來源

2015-10-31 Kahitarich

原來的祕密是base64編碼，所以我們必須先解碼才能使用。以下作品：

>>>secret = base64.b64decode("BeIukql3pTKJ8RGL5zo0DA==") 
>>>message = 'POST\nREWF+X220L4/Gw1spXOU7g==\napplication/json\nx-timestamp:2014-09-24T10:59:41Z\n/sinch/callback/ace'.encode('utf-8') 
>>>base64.b64encode(hmac.new(secret, message, digestmod=hashlib.sha256).digest()) 
b'Tg6fMyo8mj9pYfWQ9ssbx3Tc1BNC87IEygAfLbJqZb4='

來源

2015-11-02 03:00:50 Kahitarich

驗證Sinch SMS回調

回答

相關問題