Note |
---|
From version 4.0 the recommended authentication method is JWT and not the URL signing described below |
Example of how to sign a request in Node.js.
This example requires that the module "date-utils" is loaded by npm.
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
function randomString(length) { var chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; var result = ''; for (var i = length; i > 0; --i) result += chars[Math.round(Math.random() * (chars.length - 1))]; return result; } function createSignature(text) { var crypto = require('crypto'); var hash = crypto.createHash('md5').update(text).digest('hex'); return hash; } var token = "42f94ba7c9bi4b8887b66baa8a567c28"; console.log('Token:\n' + token); var secret = "2c9e39f72f434a8"; console.log('Secret:\n' + secret); var request = "http://site.meridix.se/api/customerscustomer/listlistcustomers"; console.log('Request URL:\n' + request); var nonce = randomString(8); console.log('Nonce:\n' + nonce); require('date-utils'); var now = new Date(); var utc = new Date(now.getTime() + now.getTimezoneOffset() * 60000); var timestamp = utc.toFormat('YYYYMMDDHH24MISS'); console.log('Timestamp:\n' + timestamp); var parameters = [ 'auth_nonce=' + nonce, 'auth_timestamp=' + timestamp, 'auth_token=' + token ]; parameters.sort(); var parametersConcated = parameters.join('&'); console.log('ParametersConcated:\n' + parametersConcated); var parametersConcatedEncoded = encodeURIComponent(parametersConcated); console.log('ParametersConcatedEncoded:\n' + parametersConcatedEncoded); var requestEncoded = encodeURIComponent(request); console.log('RequestEncoded:\n' + requestEncoded); // IMPORTANT - The GET&-prefix must be change to POST& etc. when using different HTTP Verbs than GET. var verbRequestQuery = 'GET&' + requestEncoded + '&' + parametersConcatedEncoded + '&' + secret; console.log('VerbRequestQuery:\n' + verbRequestQuery); var signature = createSignature(verbRequestQuery); console.log('Signature:\n' + signature); var signedRequest = request + '?' + parametersConcated + '&auth_signature=' + signature; console.log('SignedRequest:\n' + signedRequest); |
...