This is on Oracle 12c.
I have worked with other REST calls in the past for pulling data, but this auth method is new to me, and not sure how do-able it is in oracle. I have the first few requirements done when it needs to take the key, and add epoch times, add randoms, etc.. However I am now at the point that I need to hash the secret with the key.
The secret is a base64, and these are the instructions of what to do with it:
Hash the Message Signature
•Convert your API secret from a base64 string to a byte array (secretBytes).
•Convert the signature into a byte array using UTF8 encoding (signatureBytes).
•Compute the hash ofsignatureBytesusing a HMAC SHA256 algorithm withsecretBytesas the key (hashBytes).
•ConverthashBytesto a base64 string (hashBase64)
They provided two examples in c# and javascript, but I am having trouble translating that into SQL.
c#:
// Get byte arrays for the signature and secret
var signature = Encoding.UTF8.GetBytes(signatureData);
var secretBytes = Convert.FromBase64String(_secret);
// Compute the hash of the signature using HMAC SHA256
using(var hmac = newHMACSHA256(secretBytes))
{
var signatureBytes = hmac.ComputeHash(signature);
var signatureBase64 = Convert.ToBase64String(signatureBytes);
...
}
js:
encryptString: function(string, encryptionString)
{
var sjcl = window.sjcl;
return sjcl.codec.base64.fromBits( new sjcl.misc.hmac(sjcl.codec.base64.toBits(encryptionString),sjcl.hash.sha256).mac(string));
}
I have looked at the UTL_encodes and newer hmac stuff in 12c but i'm still really confused -- Not even sure if it's possible?
Thank you for any direction