Secciones

Signing instagram request

Inicio » Artículos » Signing instagram request
La categoría del artículo es
Escrito el 16 December 2016, 14:19


As Instagram API states in its docs, You can secure your API calls and mitigate impersonation attempts by making server-side calls and passing a per-request signature using your Client Secret, but how to do that in Java/Groovy?


As Instagram API states in its docs, You can secure your API calls and mitigate impersonation attempts by making server-side calls and passing a per-request signature using your Client Secret, but how to do that in Java/Groovy?

groovy:
@Grapes(
    @Grab(group='commons-codec', module='commons-codec', version='1.10')
)
import javax.crypto.Mac
import javax.crypto.spec.SecretKeySpec
import org.apache.commons.codec.binary.Hex

Mac sha256_HMAC = Mac.getInstance("HmacSHA256")
SecretKeySpec secret_key = new SecretKeySpec("my-app-secret".bytes, "HmacSHA256")
sha256_HMAC.init(secret_key)

String stringUrl = "https://api.instagram.com/media/657988443280050001_25025320?access_token=my-access-tokend&count=10"
URL url = new URL(stringUrl)

return Hex.encodeHexString(sha256_HMAC.doFinal("${url.path}|${url.query.replace('&','|')}".toString().getBytes("UTF-8")))
 

This script uses the library Apache Commons Codec


Looking forward your comments

Ayuda Textile