HMAC signing of API Call body

Hi,

I need to create API calls where the JSON in the request body is used to generate an HMAC signature. This signature is then sent in an HTTP header with the call.

This Web Crypto API doesn’t seem to be available in Code Studio:

What is the best way to generate the HMAC in Code Studio?

Is it possible to get the full and final API request body and set a HTTP header value derived from it?
(Or do I need to cache these before creating the API request?)

Thanks,
Paul

Frosse
Netcall Partner

Not that I’ve tested this, but is there anything you can do with a “Request line processor” and use Crypto.js in your data processor?

I messed around with HMAC for verifying the x-locust-signature from a Liberty Connect App header.

I downloaded the v4.1.1 min version of the library (downloaded from accessing the link from here: crypto-js - Libraries - cdnjs - The #1 free and open source CDN built to make life easier for developers) and added the .js file to the data processor. Then referenced it as follows:

const CryptoJS = require("./crypto-js.min.4.1.1.js");
...
let hash = CryptoJS.HmacSHA1(body, VERIFCATION_TOKEN);
hash = CryptoJS.enc.Hex.stringify(hash);
...

Just a thought.

Regards,

Neil.

Hi Neil,

I was hoping someone had trod this path before me!

I had observed that CryptoJS did not seem to be available natively in CS in any form (in the same way it is in browsers).

I hadn’t got as far as trying to include it manually as a library. Excellent news this worked for you. I will give it a go!

Thanks,
Paul

Frosse
Netcall Partner