How can i create the hmac-auth signature

#1

I am trying to configure hmac-auth plugin in kong, i have tried so many time to create signature but every time when i hit the request through postman i got the error " message": “HMAC signature does not match”"

please let me know the proper steps to configure and to generate the signature

Thanks
Prashant

0 Likes

#2

You can find an example in the docs, here’s the relevant bit:

In the above request, we are composing the signing string using the date and request-line headers and creating the digest using the hmac-sha256 to hash the digest:

  signing_string="date: Thu, 22 Jun 2017 17:15:21 GMT\nGET /requests HTTP/1.1"
  digest=HMAC-SHA256(<signing_string>, "secret")
  base64_digest=base64(<digest>)
0 Likes

#3

what i am doing is,

  1. let us suppose today’s date and time is (Mon, 01 Apr 2019 17:15:21 GMT)
    taking signing string as “date: Mon, 01 Apr 2019 17:15:21 GMT\nGET /requests HTTP/1.1”

  2. creating digest through https://www.freeformatter.com/hmac-generator.html through hmac-sha256 algorithm with secret “secret456”

"

ca9eaa377b3a77a0457c9093562e83e2032bdf6261ae00b81cc6d05b58273db6

3.creating base64_digest of (ca9eaa377b3a77a0457c9093562e83e2032bdf6261ae00b81cc6d05b58273db6)
through https://www.base64encode.org/ i.e - > Y2E5ZWFhMzc3YjNhNzdhMDQ1N2M5MDkzNTYyZTgzZTIwMzJiZGY2MjYxYWUwMGI4MWNjNmQwNWI1ODI3M2RiNg==

  1. Test the hmac through postman with below authorization header

Authorization: hmac username=“bob”, algorithm=“hmac-sha256”, headers=“date, request-line”, signature="Y2E5ZWFhMzc3YjNhNzdhMDQ1N2M5MDkzNTYyZTgzZTIwMzJiZGY2MjYxYWUwMGI4MWNjNmQwNWI1ODI3M2RiNg==

X-Date(header) :- Mon, 01 Apr 2019 17:15:21 GMT

The Plugin parameters are
clock_skew=30000000000
enforce_header=date, request-line
algorithms :- hmac-sha256

The error i get is : “message”: “HMAC signature cannot be verified”

Please let me know , am i following the right process. if no than please mention the right one

0 Likes