Signature-Bash¶
#!/bin/bash
# origine de la requête (~ identifiant)
orig="foobar"
# clé à utiliser pour la requête (~ mot de passe)
key="XXX"
# cmd arg, example "https://demarches.example.net/api/formdefs/"
url=$1
qs=$(echo $url | cut -d? -f2)
url=$(echo $url | cut -d? -f1)
function rawurlencode() {
local string="${1}"
local strlen=${#string}
local encoded=""
local pos c o
for (( pos=0 ; pos<strlen ; pos++ )); do
c=${string:$pos:1}
case "$c" in
[-_.~a-zA-Z0-9] ) o="${c}" ;;
* ) printf -v o '%%%02x' "'$c"
esac
encoded+="${o}"
done
echo "${encoded}" # You can either set a return variable (FASTER).
REPLY="${encoded}" #+or echo the result (EASIER)... or both... :p
}
d=$(date -u +%FT%TZ);
sig=$(rawurlencode $(echo -n "$qs&algo=sha256×tamp=$d&orig=$orig" | openssl dgst -binary -sha256 -hmac $key | base64))
url="${url}?$qs&algo=sha256×tamp=$d&orig=$orig&signature=$sig"
echo "URL: $url"