we are using below java methods to provice HMAC->SHA1 signature.But its showing the signature doesnt match in sso console.Please try to help in this issue.let me know if there is any other methods to use in java.What methods is being used by disqus to generate the signature from message and timestamp -
/**
* To convert into base16
*
* @param bytes
* @return
*/
private static String toHexString(byte[] bytes) {
Formatter formatter = new Formatter();
for (byte b : bytes) {
formatter.format("%02x", b);
}
return formatter.toString();
}
/**
*
* @param data
* @param key
* @return
* @throws SignatureException
* @throws NoSuchAlgorithmException
* @throws InvalidKeyException
*/
public static String calculateRFC2104HMAC(String data, String key)
throws SignatureException, NoSuchAlgorithmException,
InvalidKeyException {
final String HMAC_SHA1_ALGORITHM = "HmacSHA1";
SecretKeySpec signingKey = new SecretKeySpec(key.getBytes(),
HMAC_SHA1_ALGORITHM);
Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM);
mac.init(signingKey);
return toHexString(mac.doFinal(data.getBytes()));
//return DatatypeConverter.printBase64Binary(mac.doFinal(data.getBytes()));
}
Reference: Disqus sso java
Hmac sha1 method returns hex string of the encripted message.I had to make sure that the secret key we pass to the method is correct. It solved the problem.