Reputation: 7100
Library for generating HMAC-SHA1 OAuth signature on Android?
Using the specifications below I need to create an oauth_signature on Android. I'm looking for a library that handles the boiler plate code in creating a signature for accessing resources via OAuth.
Construct a signature "base string", which consists of a concatenation of three request elements:
- The HTTP request method.
- The base URL the request is being sent to. This URL should not include any query parameters. When signing calls to Google services, refer to the OAuth specification, Section 9.1.2, for relevant instructions.
- A normalized string of the parameters in the request (excluding the oauth_signature parameter). This includes parameters sent in the request header or body, as well as query parameters added to the request URL. To normalize the string, sort the parameters using lexicographical byte value ordering. For more details on normalizing this string, see Section 9.1.1 of the OAuth specification.
Generate an oauth_signature using one of the following sequences:
- If your application is registered and you're using HMAC-SHA1, use the OAuth "consumer secret" value generated during registration; this value is displayed on your domain's registration page.
Upvotes: 11
Views: 13110
Answers (4)
Reputation: 1114
Here is the code i used, just pass the value and key to the hmacSha1().. it returns hmacsha1 string;
private static String hmacSha1(String value, String key)
throws UnsupportedEncodingException, NoSuchAlgorithmException,
InvalidKeyException {
String type = "HmacSHA1";
SecretKeySpec secret = new SecretKeySpec(key.getBytes(), type);
Mac mac = Mac.getInstance(type);
mac.init(secret);
byte[] bytes = mac.doFinal(value.getBytes());
return bytesToHex(bytes);
}
private final static char[] hexArray = "0123456789abcdef".toCharArray();
private static String bytesToHex(byte[] bytes) {
char[] hexChars = new char[bytes.length * 2];
int v;
for (int j = 0; j < bytes.length; j++) {
v = bytes[j] & 0xFF;
hexChars[j * 2] = hexArray[v >>> 4];
hexChars[j * 2 + 1] = hexArray[v & 0x0F];
}
return new String(hexChars);
}
Upvotes: 1
Reputation: 3038
In answer to Will's question on Chris's answer, you could use the built in android javax.crypto.mac to generate the hmacsha1 signature using following code (standard Java JCE provider apis):
Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec secret = new SecretKeySpec(key.getBytes(), mac.getAlgorithm());
mac.init(secret);
byte[] digest = mac.doFinal(baseString.getBytes());
byte[] result=Base64.encode(digest, DEFAULT);
Where 'secret' would be you text you wanted to encode and 'result' above would be your hash encoded signature.
Upvotes: 12
Reputation: 1619
I've used this library for an Android OAuth Client: http://code.google.com/p/oauth-signpost/
Upvotes: 0
Reputation: 222973
I don't know anything about OAuth, but you can use javax.crypto.Mac to generate HMAC-SHA1 value (use HmacSHA1 as the algorithm name):
Mac hmac = Mac.getInstance("HmacSHA1");
Upvotes: 1
Related Questions
- How to obtain Signing certificate fingerprint (SHA1) for OAuth 2.0 on Android?
- How make Android Java HMAC SHA256 as in PHP?
- Java library to generate Oauth1.0a signature
- HMACSHA1 oauth_signature in java
- How to generate an HMAC in Java equivalent to a Python example?
- Convert hash_hmac into android java
- How to generate HMAC-SHA1 Signature in android?
- OAuth generate signature
- HMAC SHA1 Signature in Java
- How to Generate HMAC MD5 In Android?