Ask a Question
Log In / Sign Up
Resources
Ask a Question
Log In Sign Up

Need to generate hmac-sha1 signature to send it part of REST request header. Any help??

SOLVED
Solved
VirtualTechie
New Contributor
‎09-21-2015 01:47 PM
‎09-21-2015 01:47 PM

Need to generate hmac-sha1 signature to send it part of REST request header. Any help??

Hi Team,

     We are trying to analyse soapUI as an automation tool to automate our RESTful API regression tests. But while doing a prototype we are faing an issue in setting up the headers for REST requests. As we use hmac-sha1 encrytped signature [generated using a epoch timestamp, username and secret]. We didn't find any resource online which does the same, Could you please throw some light there?

 

Any response is highly appreciated.

 

Thanks!

0 Kudos
3 REPLIES 3
nmrao
Community Hero
Community Hero
‎09-21-2015 08:55 PM
‎09-21-2015 08:55 PM

Found this thread which is a bit old and not sure if there are any updates after that.
https://community.smartbear.com/t5/SoapUI-NG/oAuth-HMAC-SHA1-Signature-Support/m-p/17649#U17649


Regards,
Rao.
0 Kudos
nmrao
Community Hero
Community Hero
‎09-21-2015 08:59 PM
‎09-21-2015 08:59 PM

See also if this is helpful
https://community.smartbear.com/t5/SoapUI-Open-Source/oAuth-and-REST-testing-using-SOAPUI/m-p/11226#...


Regards,
Rao.
0 Kudos
VirtualTechie
New Contributor
In response to nmrao
‎09-29-2015 01:34 PM
‎09-29-2015 01:34 PM

Hi Rao,

     I couldn't find a solution from those discussions. But I got it resolved using some groovy scripts.

 

Pasting it down here, if somebody feels helpful.

 

 

*****************************

import java.nio.charset.StandardCharsets;
import java.security.SignatureException
import java.security.spec.EncodedKeySpec;
import com.eviware.soapui.support.types.StringToStringMap 
import javax.crypto.Mac
import javax.crypto.spec.SecretKeySpec
import java.sql.Date.*;

  def now = new Date()
  def timestamp = ""+Math.round(now.getTime()/1000);
        //Parameters used to generate the signature
		String username = "username";
		String secret = "secret"
		String parameter2 = "param2"
		log.info "Timestamp Genereated : "+timestamp
		String signature=""
		try {
		
			// get an hmac_sha1 key from the raw key bytes
			
			SecretKeySpec signingKey = new SecretKeySpec(secret.getBytes(), "HmacSHA256");
			
			// get an hmac_sha1 Mac instance and initialize with the signing key
			Mac mac = Mac.getInstance("HmacSHA256");
			mac.init(signingKey);
			
			// compute the hmac on input data bytes
			
		String message = new StringBuilder().append (username).append (parameter2).append (timestamp).toString ();
			
		   byte [] signatureBytes = mac.doFinal (message.getBytes(StandardCharsets.UTF_8));
		   log.info signatureBytes
		   signature = signatureBytes.encodeHex()
	   
		
		} catch (Exception e) {
			throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
		}
	 
		def headers = new StringToStringMap()
          headers.put("X-E2-HMAC-Signature",signature)
          headers.put("X-E2-HMAC-Timestamp",timestamp)
          headers.put("X-E2-Username",username)
          headers.put("X-E2-Parameter2",parameter2)
          //Set the headers for that the teststep 
		testRunner.testCase.getTestStepByName("Step1").testRequest.setRequestHeaders(headers)

*****************************

 

Thanks,

VT

Subscribe
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: