102 lines
3.0 KiB
PHP
102 lines
3.0 KiB
PHP
<?php
|
|
|
|
namespace App\Services;
|
|
|
|
// use PHPUnit\Framework\TestCase;
|
|
|
|
class BcaSignatureService
|
|
{
|
|
|
|
public function generateSignature($method, $relativeUrl, $accessToken, $body, $timestamp, $apiSecret)
|
|
{
|
|
$bodyHash = hash('sha256', $body);
|
|
|
|
$stringToSign = strtoupper($method) . ':' .
|
|
$relativeUrl . ':' .
|
|
$accessToken . ':' .
|
|
strtolower($bodyHash) . ':' .
|
|
$timestamp;
|
|
|
|
return hash_hmac('sha256', $stringToSign, $apiSecret);
|
|
}
|
|
|
|
// public function test_generate_signature_post()
|
|
// {
|
|
// $method = 'POST';
|
|
// $relativeUrl = '/test/api';
|
|
// $accessToken = 'dummy_token';
|
|
// $timestamp = '2026-04-10T10:00:00.000+07:00';
|
|
// $apiSecret = 'secret123';
|
|
|
|
// $body = json_encode([
|
|
// "foo" => "bar"
|
|
// ]);
|
|
|
|
// $signature = $this->generateSignature(
|
|
// $method,
|
|
// $relativeUrl,
|
|
// $accessToken,
|
|
// $body,
|
|
// $timestamp,
|
|
// $apiSecret
|
|
// );
|
|
|
|
// // Expected manual calculation (hardcode hasil dari tool / Postman)
|
|
// $expected = hash_hmac('sha256',
|
|
// 'POST:/test/api:dummy_token:' . hash('sha256', $body) . ':' . $timestamp,
|
|
// $apiSecret
|
|
// );
|
|
|
|
// $this->assertEquals($expected, $signature);
|
|
// }
|
|
|
|
// public function test_generate_signature_get_empty_body()
|
|
// {
|
|
// $method = 'GET';
|
|
// $relativeUrl = '/test/api';
|
|
// $accessToken = 'dummy_token';
|
|
// $timestamp = '2026-04-10T10:00:00.000+07:00';
|
|
// $apiSecret = 'secret123';
|
|
|
|
// $body = '';
|
|
|
|
// $signature = $this->generateSignature(
|
|
// $method,
|
|
// $relativeUrl,
|
|
// $accessToken,
|
|
// $body,
|
|
// $timestamp,
|
|
// $apiSecret
|
|
// );
|
|
|
|
// $expectedBodyHash = hash('sha256', '');
|
|
|
|
// $expected = hash_hmac('sha256',
|
|
// 'GET:/test/api:dummy_token:' . $expectedBodyHash . ':' . $timestamp,
|
|
// $apiSecret
|
|
// );
|
|
|
|
// $this->assertEquals($expected, $signature);
|
|
// }
|
|
|
|
// public function test_string_to_sign_format()
|
|
// {
|
|
// $method = 'post'; // sengaja lowercase
|
|
// $relativeUrl = '/test/api';
|
|
// $accessToken = 'token';
|
|
// $timestamp = '2026-04-10T10:00:00.000+07:00';
|
|
// $body = '{"a":1}';
|
|
|
|
// $bodyHash = hash('sha256', $body);
|
|
|
|
// $stringToSign = strtoupper($method) . ':' .
|
|
// $relativeUrl . ':' .
|
|
// $accessToken . ':' .
|
|
// strtolower($bodyHash) . ':' .
|
|
// $timestamp;
|
|
|
|
// $this->assertStringStartsWith('POST:', $stringToSign);
|
|
// $this->assertStringContainsString($relativeUrl, $stringToSign);
|
|
// $this->assertStringContainsString($accessToken, $stringToSign);
|
|
// }
|
|
} |