Library for generating HMAC-SHA1 OAuth signature on Android?
12,455
Solution 1
I've used this library for an Android OAuth Client: http://code.google.com/p/oauth-signpost/
Solution 2
In answer to Will's question on Chris's answer, you could use the built in android javax.crypto.mac to generate the hmacsha1 signature using following code (standard Java JCE provider apis):
Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec secret = new SecretKeySpec(key.getBytes(), mac.getAlgorithm());
mac.init(secret);
byte[] digest = mac.doFinal(baseString.getBytes());
byte[] result=Base64.encode(digest, DEFAULT);
Where 'secret' would be you text you wanted to encode and 'result' above would be your hash encoded signature.
Solution 3
I don't know anything about OAuth, but you can use javax.crypto.Mac to generate HMAC-SHA1 value (use HmacSHA1 as the algorithm name):
Mac hmac = Mac.getInstance("HmacSHA1");
Solution 4
Here is the code i used, just pass the value and key to the hmacSha1().. it returns hmacsha1 string;
private static String hmacSha1(String value, String key)
throws UnsupportedEncodingException, NoSuchAlgorithmException,
InvalidKeyException {
String type = "HmacSHA1";
SecretKeySpec secret = new SecretKeySpec(key.getBytes(), type);
Mac mac = Mac.getInstance(type);
mac.init(secret);
byte[] bytes = mac.doFinal(value.getBytes());
return bytesToHex(bytes);
}
private final static char[] hexArray = "0123456789abcdef".toCharArray();
private static String bytesToHex(byte[] bytes) {
char[] hexChars = new char[bytes.length * 2];
int v;
for (int j = 0; j < bytes.length; j++) {
v = bytes[j] & 0xFF;
hexChars[j * 2] = hexArray[v >>> 4];
hexChars[j * 2 + 1] = hexArray[v & 0x0F];
}
return new String(hexChars);
}
Related videos on Youtube
02 : 13
How to Generate SHA1 key in Android Studio 2022
![How To Generate SHA1 Key In Latest Android Studio Tutorial | SHA1 Finger Print Certificate [2022]](https://i.ytimg.com/vi/dwmMTsHFkbc/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLAS6ELHV2Y94sPGm8Sq-QBEV4qXsA)
02 : 11
How To Generate SHA1 Key In Latest Android Studio Tutorial | SHA1 Finger Print Certificate [2022]
02 : 28
How to Generate SHA1 Key In Latest Android Studio 2022 | How to get Sha256 Key | Dee Dev Tutorial
02 : 33
Wordpress: How to generate HMAC-SHA1 signature to use with WP REST API and OAuth1?
03 : 55
Generate SHA1 Key In Latest Android Studio 4.2.1 2021| #SigningReport not showing Solved #SHA1
06 : 33
HMAC explained | keyed hash message authentication code
01 : 21
How to generate SHA1 finger print certificate android studio
04 : 18
android studio 4.2 doesn't show #signing report in gradle bar | #SHA1 Not Showing Problem Solved
06 : 46
HMAC sha256 key generator (java) - Rest assured api automation framework
17 : 24
HMAC using python
03 : 50
Android Studio How to Find Apk SHA1 with 4 Different Technique. The Definitive Solution.
02 : 39
How to generate SHA1 and SHA256 Certificate Fingerprints in Android Studio 4.2.1
Author by
Will Curran
Updated on May 31, 2022Comments
-
Will Curran almost 2 years
Using the specifications below I need to create an oauth_signature on Android. I'm looking for a library that handles the boiler plate code in creating a signature for accessing resources via OAuth.
-
Construct a signature "base string", which consists of a concatenation of three request elements:
- The HTTP request method.
- The base URL the request is being sent to. This URL should not include any query parameters. When signing calls to Google services, refer to the OAuth specification, Section 9.1.2, for relevant instructions.
- A normalized string of the parameters in the request (excluding the oauth_signature parameter). This includes parameters sent in the request header or body, as well as query parameters added to the request URL. To normalize the string, sort the parameters using lexicographical byte value ordering. For more details on normalizing this string, see Section 9.1.1 of the OAuth specification.
-
Generate an oauth_signature using one of the following sequences:
- If your application is registered and you're using HMAC-SHA1, use the OAuth "consumer secret" value generated during registration; this value is displayed on your domain's registration page.
-
-
Will Curran almost 13 yearsAnd how is that Object used to create a signature? It doesn't seem clear in the documentation.
-
Will Curran almost 13 yearsJust did some testing and while not ideal for accessing GAE endpoints, it works! Thanks.
-
Mahm00d over 10 yearsBase64.encodeBase64()is from Apache's package which doesn't exist in android. Instead,Base64.encode(string,flag)should be used. -
bisthebis over 10 yearsthanx @Mahm00d, i have updated my answer. I have also set the flag param to DEFAULT to get the default encode settings (developer.android.com/reference/android/util/Base64.html)
-
ManishSB about 9 years@WillMerydith But this can't be used for .net or LinkedIn api -
Subin Babu about 6 yearswhat are the parameters? value and key? -
Muneef M about 6 years@SubinBabu . inorder to create a hmacsha1 you need to provide two params a key and a message, the value of these two will depend on your use case. -
Subin Babu about 6 yearsFor Magento API what we pass in server side it is Consumer Secret and Token Secret
-
Muneef M about 6 yearsFor Oauth i dont think you should be passing CS and TS . You need to concatenate a set of URL-encoded attributes and parameters to construct the signature base string. please refer - devdocs.magento.com/guides/v2.0/get-started/authentication/…
