FiveTech Software tech support forums

Hello everyone,
I have a problem creating a signature to validate my identity in an oath 1.0 system
y have this credentials

oauth_consumer_key="8pr53tcagfih9bpvo24m1t8z9xd42tx3",
oauth_nonce="W6ndLpigOjP025vmvGSJdqEEylRUusgg",
oauth_signature_method="HMAC-SHA256",
oauth_timestamp="1697034473",
oauth_token="jx9997t7pd3ldvjemmiz9co6qtxj3igk",
oauth_version="1.0"' \

and....
Consumer Secret and Access Token Secret

I create the oath_signature parmeter with openssl
1- I create a file param.txt with the method, uri and parameters

POST&http://testting.ip.xxxxxxxcontent.com/staging.cal/rest/V1/products&oauth_consumer_key=8pr53tcagfih9bpvo24m1t8z9xd42tx3&oauth_nonce=W6ndLpigOjP025vmvGSJdqEEylRUusgg&oauth_signature_method=HMAC-SHA256&oauth_timestamp=1697034473&oauth_token=jx9997t7pd3ldvjemmiz9co6qtxj3igk&oauth_version=1.0

2- I run openssl.exe
openssl dgst -hmac "CONSUMER_SECRET&$ACCESS_TOKEN_SECRET" -binary -sha256 < param.txt

3 - i convert de binary result to base64, and the result is not valid !

Is there a way to generate the valid signature in some way?

best regards , jorge

Hello,

Check out this link and it may help you with your problem.

https://forum.modharbour.app/viewtopic ... KEN#p1394

It is an excellent contribution to the
JSON Web Token (JWT) support

Saludos,

David,
The problem I had is how I put together the string to be encrypted,
when to consider or not the characters that should be converted to hexadecimal,
that was solved, both your contribution and openssl work perfectly

thanks again
best regards