perl 生成shopify多遍令牌

laik7k3q  于 2023-03-03  发布在  Perl
关注(0)|答案(1)|浏览(120)

我尝试在Perl中生成shopify多通道令牌,但总是收到无效的请求响应。我的客户数据包括:
{"电子邮件":" www.example.com ","姓氏":randomEmail@gmail.com"名字"} "last_name", "first_name": "first_name"}
我已证明有效的内容:

  • 客户数据格式和信息
  • API密钥
  • 存储URL
  • 加密和签名密钥
  • 时间格式为UTC

下面是我当前的实现

sub generate_multipass_token {
    use JSON qw(encode_json);
    use MIME::Base64 qw(encode_base64);
    use Digest::SHA qw(sha256 hmac_sha256);
    use Crypt::CBC;
    use Crypt::Cipher::AES;
    use POSIX qw(strftime);
    use Encode qw(encode);

    my ($customer_data) = @_;

    my $store_api_key = '';
    my $store_url = '';

        my $hash = sha256($store_api_key);
    my $encryption_key = substr($hash, 0, 16);
    my $signing_key = substr($hash, 16, 16);

    my ($sec, $min, $hour, $day, $mon, $year) = gmtime();
    my $formatted_time = sprintf("%04d-%02d-%02dT%02d:%02d:%02dZ", $year+1900, $mon+1, $day, $hour, $min, $sec);

    # Add the formatted time to the customer data
    $customer_data->{created_at} = $formatted_time;

    # JSON-encode the customer data
    my $json_customer_data = encode_json($customer_data);

    # Encrypt the customer data using AES
    my $iv = Crypt::CBC->random_bytes(16);
    my $cipher = Crypt::CBC->new(
        -key     => $encryption_key,
        -iv      => $iv,
        -cipher  => 'Cipher::AES',
        -header  => 'none',
    );
    my $encrypted_data = $cipher->encrypt($json_customer_data);
    $encrypted_data = $iv . $encrypted_data;

    my $signature = hmac_sha256($encrypted_data, $signing_key);
    my $token = encode_base64url($encrypted_data . $signature);

    return "$store_url/account/login/multipass/" . $token;
}

sub encode_base64url  {
    my $data = shift;
    my $encoded = encode_base64($data, '');
    $encoded =~ tr{+/}{-_};
    $encoded =~ s/=+$//;
    return $encoded;
}

我已经使用python的spylib测试了存储信息,并且能够在那里生成一个有效的标记,当比较变量时,标记长度最终达到相同的长度(注解掉检查这个的时间)。
我不知道我哪里出错了,php中的https://shopify.dev/docs/api/multipass和我的实现非常相似,我想可能是加密的问题,但不知道是什么。

axzmvihb

axzmvihb1#

所需变更为:

my $cipher = Crypt::CBC->new(
    -key     => $encryption_key,
    -iv      => $iv,
    -cipher  => 'OpenSSL::AES',
    -header  => 'none',
    -literal_key => 1,
    -keysize    => 128/8
);

相关问题