tencent cloud

Feedback

Verify Signature Example

Last updated: 2023-10-08 16:01:32
    Tencent Real-Time Communication(TRTC) console supports self-configuration of callback information. After the configuration is completed, you can receive event callback notifications. Before configuring the callback information, you need to prepare a key for signature calculation. You can define a key with a maximum of 32 characters, composed of uppercase and lowercase letters and numbers.
    This document will help you verify signature after calculating it and show you how to perform an example.

    Signature calculation

    Signatures are calculated using the HMAC SHA256 encryption algorithm. Upon receiving a callback message, your server will calculate a signature using the same method, and if the results match, it indicates that the callback is from TRTC and not forged. See below for the calculation method.
    // In the formula below, `key` is the key used to calculate a signature.
    Sign = base64(hmacsha256(key, body))
    Note
    body is the original packet body of the callback request you receive. Do not make any modifications. Below is an example.
    body="{\\n\\t\\"EventGroupId\\":\\t1,\\n\\t\\"EventType\\":\\t103,\\n\\t\\"CallbackTs\\":\\t1615554923704,\\n\\t\\"EventInfo\\":\\t{\\n\\t\\t\\"RoomId\\":\\t12345,\\n\\t\\t\\"EventTs\\":\\t1608441737,\\n\\t\\t\\"UserId\\":\\t\\"test\\",\\n\\t\\t\\"UniqueId\\":\\t1615554922656,\\n\\t\\t\\"Role\\":\\t20,\\n\\t\\t\\"Reason\\":\\t1\\n\\t}\\n}"

    Verify signature example

    Java
    Python
    PHP
    Golang
    import javax.crypto.Mac;
    import javax.crypto.spec.SecretKeySpec;
    import java.util.Base64;
    //# Function: Third-party callback sign verification
    //# Parameters:
    //# key: The key configured in the console
    //# body: The body returned by the Tencent Cloud callback
    //# sign: The sign value returned by the Tencent Cloud callback
    //# Return Value:
    //# Status: OK indicates that the verification has passed, FAIL indicates that the verification has failed, and the specific reason can be found in the Info
    //# Info: Success/Failure information
    
    public class checkSign {
        public static String getResultSign(String key, String body) throws Exception {
            Mac hmacSha256 = Mac.getInstance("HmacSHA256");
            SecretKeySpec secret_key = new SecretKeySpec(key.getBytes(), "HmacSHA256");
            hmacSha256.init(secret_key);
            return Base64.getEncoder().encodeToString(hmacSha256.doFinal(body.getBytes()));
        }
        public static void main(String[] args) throws Exception {
            String key = "123654";
            String body = "{\\n" + "\\t\\"EventGroupId\\":\\t2,\\n" + "\\t\\"EventType\\":\\t204,\\n" + "\\t\\"CallbackTs\\":\\t1664209748188,\\n" + "\\t\\"EventInfo\\":\\t{\\n" + "\\t\\t\\"RoomId\\":\\t8489,\\n" + "\\t\\t\\"EventTs\\":\\t1664209748,\\n" + "\\t\\t\\"EventMsTs\\":\\t1664209748180,\\n" + "\\t\\t\\"UserId\\":\\t\\"user_85034614\\",\\n" + "\\t\\t\\"Reason\\":\\t0\\n" + "\\t}\\n" + "}";
            String Sign = "kkoFeO3Oh2ZHnjtg8tEAQhtXK16/KI05W3BQff8IvGA=";
            String resultSign = getResultSign(key, body);
    
            if (resultSign.equals(Sign)) {
                System.out.println("{'Status': 'OK', 'Info': 'validation passed'}");
            } else {
                System.out.println("{'Status': 'FAIL', 'Info': 'validation failed'}");
            }
        }
    }
    # -*- coding: utf8 -*-
    import hmac
    import base64
    from hashlib import sha256
    
    # Function: Third-party callback sign verification
    # Parameters:
    # key: The key configured in the console
    # body: The body returned by the Tencent Cloud callback
    # sign: The sign value returned by the Tencent Cloud callback
    # Return Value:
    # Status: OK indicates that the verification has passed, FAIL indicates that the verification has failed, and the specific reason can be found in the Info
    # Info: Success/Failure information
    
    def checkSign(key, body, sign):
        temp_dict = {}
        computSign = base64.b64encode(hmac.new(key.encode('utf-8'), body.encode('utf-8'), digestmod=sha256).digest()).decode('utf-8')
        print(computSign)
        if computSign == sign:
            temp_dict['Status'] = 'OK'
            temp_dict['Info'] = 'validation passed'
            return temp_dict
        else:
            temp_dict['Status'] = 'FAIL'
            temp_dict['Info'] = 'validation failed'
            return temp_dict
    
    if __name__ == '__main__':
        key = '123654'
        body = "{\\n" + "\\t\\"EventGroupId\\":\\t2,\\n" + "\\t\\"EventType\\":\\t204,\\n" + "\\t\\"CallbackTs\\":\\t1664209748188,\\n" + "\\t\\"EventInfo\\":\\t{\\n" + "\\t\\t\\"RoomId\\":\\t8489,\\n" + "\\t\\t\\"EventTs\\":\\t1664209748,\\n" + "\\t\\t\\"EventMsTs\\":\\t1664209748180,\\n" + "\\t\\t\\"UserId\\":\\t\\"user_85034614\\",\\n" + "\\t\\t\\"Reason\\":\\t0\\n" + "\\t}\\n" + "}"
        sign = 'kkoFeO3Oh2ZHnjtg8tEAQhtXK16/KI05W3BQff8IvGA='
        result = checkSign(key, body, sign)
        print(result)
    <?php
    
    class TlsEventSig {
    private $key = false;
    private $body = false;
    public function __construct( $key, $body ) {
    $this->key = $key;
    $this->body = $body;
    }
    
    private function __hmacsha256() {
    $hash = hash_hmac( 'sha256', $this->body, $this->key, true );
    return base64_encode( $hash);
    }
    public function genEventSig() {
    return $this->__hmacsha256();
    }
    }
    
    $key="789";
    $data="{\\n\\t\\"EventGroupId\\":\\t1,\\n\\t\\"EventType\\":\\t101,\\n\\t\\"CallbackTs\\":\\t1608086882372,\\n\\t\\"EventInfo\\":\\t{\\n\\t\\t\\"RoomId\\":\\t20222,\\n\\t\\t\\"EventTs\\":\\t1608086882,\\n\\t\\t\\"UserId\\":\\t\\"222222_phone\\"\\n\\t}\\n}";
    
    $api = new TlsEventSig($key, $data);
    echo $api->genEventSig();
    package main
    import "fmt"
    import (
    "crypto/hmac"
    "crypto/sha256"
    "encoding/base64"
    )
    
    func main () {
    var data = "{\\n\\t\\"EventGroupId\\":\\t1,\\n\\t\\"EventType\\":\\t101,\\n\\t\\"CallbackTs\\":\\t1608086882372,\\n\\t\\"EventInfo\\":\\t{\\n\\t\\t\\"RoomId\\":\\t20222,\\n\\t\\t\\"EventTs\\":\\t1608086882,\\n\\t\\t\\"UserId\\":\\t\\"222222_phone\\"\\n\\t}\\n}"
    var key = "789"
    
    //JSRUN engine 2.0, supporting up to 30 types of languages for online running, with full simulation of online interaction for input and output.
    fmt.Println(hmacsha256(data,key))
    }
    
    func hmacsha256(data string, key string) string {
    h := hmac.New(sha256.New, []byte(key))
    h.Write([]byte(data))
    return base64.StdEncoding.EncodeToString(h.Sum(nil))
    }
    
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support