如何从Bash生成Pusher认证字符串？ [英] How to generate Pusher authentication string from Bash?

问题描述

当
通过curl向Pusher发送消息时，我无法生成正确身份验证字符串

这是我的脚本，秘密

 ＃！/ bin / bash 
 
 key =my_key
 secret =my_secret
 appID =my_app_id
 
 timestamp =`date +％s` 
 data ='{name：say_stuff， channel：test，data：{\message\：\oh_yeah\}}'
 md5data =`echo'$ data md5` 
 authSig =`echo'POST\\\
 / apps /$ appID/ events\\\
auth_key =$ key& auth_timestamp =$ timestamp& auth_version = 1.0& body_md5 = $ md5data'| openssl dgst -sha256 -hex -hmac$ secret`
 
 curl -HContent-Type：application / json-d$ datahttp://api.pusherapp.com/ apps / $ appID / events？body_md5 = $ md5data& auth_version = 1.0& auth_key = $ key& auth_timestamp = $ timestamp& auth_signature = $ authSig
   
 
 authSig是肯定生成的，看起来像有效的HmacSHA256Hex 
 
 
 
但是，当它运行curl命令时， ：
 无效的签名：您应该已经发送了HmacSHA256Hex（POST\\\
 / apps / $ appID / events\\\
auth_key = $键和放大器; auth_timestamp = 1432086733&安培; auth_version = 1.0安培; body_md5 = e5997a811232ffae050be74242254ceb，your_secret_key），但你送55029a5e2d1058b352b5c22709e7fb9cb0c6f147846ed09dbc6bcaf6a7a804c7
  
我的机器上的openssl实用程序（Mac OS X 10.10）有可能与Pusher的不同吗？
 
 
 
这里有一些有趣的事情我已经注意到了。如果您去这里：
 
 
 
  https://pusher.com / docs / rest_api  
 
 
 
向下滚动到工作认证示例，您就可以按照示例操作。
 
 
 
我已经尝试通过运行示例生成签名：
  \
 /应用/ 3 / events\\\
auth_key = 278d425bdf160c739803&安培; auth_timestamp = 1353088179&安培; auth_version = 1.0安培; body_md5 = ec365a775a4cd0599faeb73354201b6f'| openssl dgst -sha256 -hex -hmac 7ad3773142a6692b25b8 
  
我得到
  aa368756587116f3997427fe1b315ed0e2f2faa555066e565a25cfe6f47c9396 
  
，而不是他们的榜样这将导致
  da454824c97ba181a32ccc17a72625ba02771f50b50e1e7430e47a1f3f457e6c 
  
 
 
解决方案
请尝试以下操作：
 ＃！ bash 
 
 key =my_key
 secret =my_secret
 appID =my_app_id
 
 timestamp = $（date +％s）
 data ='{name：say_stuff，channel：test，data：{\message\：\oh_yeah\}} $ b＃确保使用`printf％s`来防止后面的\\\
被添加到数据。 
 md5data = $（printf'％s'$ data| md5）
 
 path =/ apps / $ {appID} / events
 queryString =auth_key = $ {键}&安培; auth_timestamp = $ {时间戳}&安培; auth_version = 1.0安培; body_md5 = $ {md5data}
 
＃一定要使用多行，双引号的字符串，没有按' t结束在\\\
作为
＃输入为SHA-256 HMAC。 
 authSig = $（printf'％s'POST 
 $ path 
 $ queryString| openssl dgst -sha256 -hex -hmac$ secret）
 
 curl -HContent-Type：application / json-d$ datahttp：//api.pusherapp.com$ {path}？$ {queryString}& auth_signature = $ {authSig}
  
您的代码有几个问题：
 
 
 
 
 
通过使用 echo ，您在添加到 md5 和 openssl ，它改变了数据。
 
 
要传递的字符串中的 \\\
 到 openssl 意在表示实际的换行符，而您将它们用作文字。
 
 
 
 
 
此外，我已删除重复的代码，使用 $ {name} 变量引用为了更好的视觉清晰度，
和我也修正了双引号问题。
 
 
 
 
 
 
关于从网站的示例哈希：再次，您的问题是使用 echo ，而不是扩展嵌入的 \\\
 序列到实际的换行符;以下shell命令 给出正确的结果：
 ＃展开'\\\
'要使用ANSI C引号字符串
＃（$'...'）
S = $'POST\\\
 /应用换行符/ 3 / events\\\
auth_key = 278d425bdf160c739803&安培; auth_timestamp = 1353088179&安培; auth_version = 1.0& body_md5 = ec365a775a4cd0599faeb73354201b6f'
＃使用`printf％s`传递给openssl。 
 printf％s$ s| openssl dgst -sha256 -hex -hmac 7ad3773142a6692b25b8 
  
 
I'm having trouble generating the "right" authentication string to use when
sending a message to Pusher via curl

Here's my script, the secret bits cut out of course:
#!/bin/bash

key="my_key"
secret="my_secret"
appID="my_app_id"

timestamp=`date +%s`
data='{"name":"say_stuff","channel":"test","data":"{\"message\":\"oh_yeah\"}"}'
md5data=`echo "$data" | md5`
authSig=`echo 'POST\n/apps/"$appID"/events\nauth_key="$key"&auth_timestamp="$timestamp"&auth_version=1.0&body_md5="$md5data"' | openssl dgst -sha256 -hex -hmac "$secret"`

curl -H "Content-Type:application/json" -d "$data" "http://api.pusherapp.com/apps/$appID/events?body_md5=$md5data&auth_version=1.0&auth_key=$key&auth_timestamp=$timestamp&auth_signature=$authSig"
The authSig is certainly generated, and looks like valid HmacSHA256Hex

However, when it runs the curl command, I get this response:
Invalid signature: you should have sent HmacSHA256Hex("POST\n/apps/$appID/events\nauth_key=$key&auth_timestamp=1432086733&auth_version=1.0&body_md5=e5997a811232ffae050be74242254ceb", your_secret_key), but you sent "55029a5e2d1058b352b5c22709e7fb9cb0c6f147846ed09dbc6bcaf6a7a804c7"
Is it possible that the openssl utility on my machine (Mac OS X 10.10) is somehow different than Pusher's?

Here's something funny I've noticed now. If you go here:

https://pusher.com/docs/rest_api

And scroll down to "Worked authentication example" you'll be able to follow along with an example.

I've tried generating the signature using the example by running:
echo 'POST\n/apps/3/events\nauth_key=278d425bdf160c739803&auth_timestamp=1353088179&auth_version=1.0&body_md5=ec365a775a4cd0599faeb73354201b6f' | openssl dgst -sha256 -hex -hmac 7ad3773142a6692b25b8
and I get 
aa368756587116f3997427fe1b315ed0e2f2faa555066e565a25cfe6f47c9396
as opposed to their example which results in
da454824c97ba181a32ccc17a72625ba02771f50b50e1e7430e47a1f3f457e6c

解决方案
Try the following:
#!/bin/bash

key="my_key"
secret="my_secret"
appID="my_app_id"

timestamp=$(date +%s)
data='{"name":"say_stuff","channel":"test","data":"{\"message\":\"oh_yeah\"}"}'
# Be sure to use `printf %s` to prevent a trailing \n from being added to the data.
md5data=$(printf '%s' "$data" | md5)

path="/apps/${appID}/events"
queryString="auth_key=${key}&auth_timestamp=${timestamp}&auth_version=1.0&body_md5=${md5data}"

# Be sure to use a multi-line, double quoted string that doesn't end in \n as 
# input for the SHA-256 HMAC.
authSig=$(printf '%s' "POST
$path
$queryString" | openssl dgst -sha256 -hex -hmac "$secret")

curl -H "Content-Type:application/json" -d "$data" "http://api.pusherapp.com${path}?${queryString}&auth_signature=${authSig}"
There were several problems with your code:


By using echo you appended a trailing newline to the input fed to md5 and openssl, which altered the data.
The \n sequences in the string to pass to openssl are meant to represent actual newlines, whereas you used them as literals.


Also, I've de-duplicated the code, used ${name} variable references (names enclosed in curly braces) for better visual clarity,
and I've also fixed the double-quoting problems.



Regarding the sample hash from the website: again, your problems were using echo and not expanding the embedded \n sequences to actual newlines; the following shell command does give the correct result:
# Expand the '\n' sequences to newlines using an ANSI C-quoted string
# ($'...')
s=$'POST\n/apps/3/events\nauth_key=278d425bdf160c739803&auth_timestamp=1353088179&auth_version=1.0&body_md5=ec365a775a4cd0599faeb73354201b6f'
# Pass to openssl using `printf %s`.
printf %s "$s" | openssl dgst -sha256 -hex -hmac 7ad3773142a6692b25b8


                        
这篇关于如何从Bash生成Pusher认证字符串？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！