i am trying to do a generic - hmac verification with an iOS app and an express node.js app.
generating the hmac using given samples at: http://ift.tt/1P42qG1
having the following problem: subclassed AFHTTPRequestOperationManager to gain access to POST: i want to hmac the nsdictionary parameters.
so convert the nsdicionary to json - hmac it - and set hmac header in request. on the receiver side, i use crypto-js and express to access the req.body - and hmac the json object.
problem is! - thos keys are not in same oder, even if i force the sort on the keys in nsdictionary, the transoformed json does not come in the order way.
after hours of googling i accepted that json objects cannot be orderd, in an reliable way.
so what is the best-practice to hmac an nsdictionary, by ignoring the order? (i could hmac on only a few keys, but that would be way to less generic, mean adding a dictionary key would require code change in ios and express)
generating the hmac only based on the URI - works fine, but its a way to open :)
regards helmut
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire