I tried to implement HMAC plugin on Kong using steps on konghub
Plugin installed on kong, and I’m trying to hit it, but my signature always failed. Then I try to validate my algorithm using Kong example on documentation (alice123
with key secret
)
However I can’t get the same signature as in plugin. Am I did something wrong?
From the example
signing_string="date: Thu, 22 Jun 2017 17:15:21 GMT\nGET /requests HTTP/1.1"
digest=HMAC-SHA256(<signing_string>, "secret")
base64_digest=base64(<digest>)
Final signature from Kong example is ujWCGHeec9Xd6UD2zlyxiNMCiXnDOWeVFMu5VeRUxtw=
My algorithm (checked it against few HMAC online tools + base64 encode online) give this result fro Kong example. This match with online tools but not with Kong example
Base64 : Sf6cEUMuDNgm4gbdOD7uSZkLUcsaSdD+4SQrIe5jFTQ=
What’s wrong with my algorithm?