topic Re: How to Set Up HMAC SHA256 Authentication in Talend Studio

How to Set Up HMAC SHA256 Authentication

Anonymous — Sat, 16 Nov 2024 09:03:57 GMT

Hi,

Could someone please let me know how to create the hash authentication using Talend components to fetch data from API. Below is the steps to follow.. I am able to decode the key with Base 64 using t Java component.. but stuck with step 2 mentioned below.

Decode the API key’s secret from Base64 to raw bytes. - I am able to do this using tJava component.
Create the hash using HMAC SHA-256 over the canonical request with the decoded API key secret.
Encode the hash with Base64

Re: How to Set Up HMAC SHA256 Authentication

Anonymous — Mon, 13 Nov 2017 11:38:42 GMT

Hi Ramya,

I'd like to help, but this really isn't a Talend question, it is a Java question. I'd have to Google it myself and I am a little snowed at the moment. If I knew the answer off the top of my head, I would happily help.

Regards

Richard

Re: How to Set Up HMAC SHA256 Authentication

venkat5121 — Tue, 27 Mar 2018 02:05:16 GMT

I am not seeing the Solution text here. please explain how you could resolve this? Thx.

Re: How to Set Up HMAC SHA256 Authentication

Anonymous — Tue, 27 Mar 2018 09:30:15 GMT

Sorry the content is missing @venkat5121, I certainly haven't removed it. I've contacted the community manager about the content going missing so hopefully it will reappear very soon. Can you explain your problem and I maybe able to point you to a solution which is specific to your issue

Re: How to Set Up HMAC SHA256 Authentication

venkat5121 — Tue, 27 Mar 2018 20:19:27 GMT

I am trying to bring data from an API call.

I have below details

URL
authorization details (it is not straight forward, it is using some coding to derive this HMAC SHA256 signature digest)

I don't know if I can use tRESTClient or tJava or any other component to establish this call and retrieve those data files.

And even if there is one, is there any specific syntax, order or parameters to follow to enter those java codes in configuring such components?

Re: How to Set Up HMAC SHA256 Authentication

Anonymous — Tue, 27 Mar 2018 21:45:06 GMT

OK, hopefully my original post can be found because I think I went into a bit of detail with it. But what you are going to need to do is create a Routine to do this. You can find an example of how to do this in code here (https://www.jokecamp.com/blog/examples-of-creating-base64-hashes-using-hmac-sha256-in-different-languages/#java). You will be able to submit your call using the tRestClient, but the REST service specification will need to be followed closely in order to do this. There is seldom a generic way of working with web services, so I can't tell you how to do this from the brief description you have given. This sort of thing usually takes me a while reading the spec and then a few attempts at different solutions before I get it right.

Re: How to Set Up HMAC SHA256 Authentication

venkat5121 — Tue, 27 Mar 2018 22:40:47 GMT

Thanks for quick reply.

if you don't overwhelm, here is the complete knowledge about it.

I am not a java person and this information is going very very slow to me.

with whatever I understood, I configured the tRestClient as below:

Basic Settings

URL: "https://portal.inshosteddata.com"
Relative Path: "/api/account/self/dump"
HTTP Method: GET
Accept Type: JSON
Rest all defaults

Now wondering what should I configure within Advanced Settings -> HTTP Headers

how should i give those 8 parameters and make this component understand to convert it to HMAC_SHA256 hash message.

Re: How to Set Up HMAC SHA256 Authentication

Anonymous — Thu, 29 Mar 2018 21:55:47 GMT

Sorry for the inconvenience @rhall and @venkat5121, we're looking into the issue, but so far I couldn't figure out where your message is gone @rhall. Not in the spam quarantine. I'm reporting this to Lithium support.

Elisa

Re: How to Set Up HMAC SHA256 Authentication

Anonymous — Tue, 21 Aug 2018 23:32:57 GMT

I don't suppose your original post ever surfaced, did it? I'm trying to connect to a RESTful API using what looks like a similar authentication process, but the API documentation provides the following Java code to generate the signature from a combination of the query parameters portion of the URL and my private key:

private static string GetSignature(string args, string privatekey) {
    var encoding = new System.Text.ASCIIEncoding();
    byte[ ] key = encoding.GetBytes(privatekey);
    var myhmacsha256 = new HMACSHA256(key);
    byte[ ] hashValue = myhmacsha256.ComputeHash(encoding.GetBytes(args)); 
    string hmac64 = Convert.ToBase64String(hashValue); 
    myhmacsha256.Clear();
    return hmac64; 
    }

The trouble I'm having is that I don't know how to set up this function in OpenStudio, or how to call it when specifying the "api-auth-signature" parameter for my tRestClient component.

What am I missing?

I'm new here, obviously. I don't know if it shows...

David