Where to put authentication header code? | ww.wp.xz.cn

Resolved MovingMap
(@movingmap)

6 years, 6 months ago

Hi Bernhard,

trying to connect to a site that requires the following authentication:
Authorization: http://api.xxx.com/v1/hmac/v1 ClientID="_your client id_", Signature="_signature_", Nonce="_nonce_", Created="_YYYY-MM-ddTHH:ii:ssZ_"
where Nonce is created by PHP as follows:
$nonce=rtrim(base64_encode(openssl_random_pseudo_bytes(rand(12,30))), '=');
The date/time must not be off of the Server’s date/time more than 5 minutes, so a one-time correction is needed. In addition, the date/time is coded in PHP as follows:
$date = gmdate(Y-m-d\TH:i:s\Z);
Then, the signature ios created as follows:
$signature = base64_encode(hash_hmac('sha256', $nonce . $date . CLIENT , SECRET, true));
CLIENT and SECRET are the credentials from the server for authenticated access.

Well, is there any chance to create such header sent with each request? If so, how?

So far I am using the free version. If you need the URL, I’d prefer to send a private EMail.

Thanks!
Klaus.

Viewing 1 replies (of 1 total)

Plugin Author berkux
(@berkux)

6 years, 6 months ago

Hi Klaus,

the free plugin can’t handle.

But – my idea for that:
Install a plugin like
https://de.ww.wp.xz.cn/plugins/php-code-widget/
With that you can use PHP to calc the $signature etc.
And do the http-request.

As this can’t be covered by the free plugin you might switch to
https://jsoncontentimporter.freshdesk.com/widgets/feedback_widget/new?searchArea=no
for further discussions.

Bernhard

Viewing 1 replies (of 1 total)

The topic ‘Where to put authentication header code?’ is closed to new replies.

Tags

1 reply
2 participants
Last reply from: berkux
Last activity: 6 years, 6 months ago
Status: resolved