我尝试在Perl中生成shopify多通道令牌,但总是收到无效的请求响应。我的客户数据包括:
{"电子邮件":" www.example.com ","姓氏":randomEmail@gmail.com"名字"} "last_name", "first_name": "first_name"}
我已证明有效的内容:
- 客户数据格式和信息
- API密钥
- 存储URL
- 加密和签名密钥
- 时间格式为UTC
下面是我当前的实现
sub generate_multipass_token {
use JSON qw(encode_json);
use MIME::Base64 qw(encode_base64);
use Digest::SHA qw(sha256 hmac_sha256);
use Crypt::CBC;
use Crypt::Cipher::AES;
use POSIX qw(strftime);
use Encode qw(encode);
my ($customer_data) = @_;
my $store_api_key = '';
my $store_url = '';
my $hash = sha256($store_api_key);
my $encryption_key = substr($hash, 0, 16);
my $signing_key = substr($hash, 16, 16);
my ($sec, $min, $hour, $day, $mon, $year) = gmtime();
my $formatted_time = sprintf("%04d-%02d-%02dT%02d:%02d:%02dZ", $year+1900, $mon+1, $day, $hour, $min, $sec);
# Add the formatted time to the customer data
$customer_data->{created_at} = $formatted_time;
# JSON-encode the customer data
my $json_customer_data = encode_json($customer_data);
# Encrypt the customer data using AES
my $iv = Crypt::CBC->random_bytes(16);
my $cipher = Crypt::CBC->new(
-key => $encryption_key,
-iv => $iv,
-cipher => 'Cipher::AES',
-header => 'none',
);
my $encrypted_data = $cipher->encrypt($json_customer_data);
$encrypted_data = $iv . $encrypted_data;
my $signature = hmac_sha256($encrypted_data, $signing_key);
my $token = encode_base64url($encrypted_data . $signature);
return "$store_url/account/login/multipass/" . $token;
}
sub encode_base64url {
my $data = shift;
my $encoded = encode_base64($data, '');
$encoded =~ tr{+/}{-_};
$encoded =~ s/=+$//;
return $encoded;
}
我已经使用python的spylib测试了存储信息,并且能够在那里生成一个有效的标记,当比较变量时,标记长度最终达到相同的长度(注解掉检查这个的时间)。
我不知道我哪里出错了,php中的https://shopify.dev/docs/api/multipass和我的实现非常相似,我想可能是加密的问题,但不知道是什么。
1条答案
按热度按时间axzmvihb1#
所需变更为: