HTTP Signature Authentication

Table 3 Required Information from the Business Center
Information	Description
Serial number/ key ID	The serial number of the signing certificate/key pair. Obtain this in the Business Center’s Key Management area. For more information, see Creating a Shared Secret Key for HTTP Signature.
Shared Secret Key	Obtain this in the Business Center’s Key Management area. For more information, see Creating a Shared Secret Key for HTTP Signature.
Merchant ID	This is the ID of the merchant account that generated the shared secret key in the Business Center.

POST https://api.cybersource.com/pts/v2/payments
HTTP/1.1
Content-Type: application/json

v-c-merchant-id: merchant123
Host: api.cybersource.com
Date: Wed, 25 Dec 2017 00:23:05 GMT
Digest: SHA-256=bena9bhB3Jy4uPvfu1tAC0uN8AuzzM+xjqmDwR5//EA=

Signature: keyid="4853015631630181645627", algorithm="SHA256withRSA", headers="host date (request-target) digest v-c-merchant-id", signature="q+j2M0fIQ1lIJJnjVtSISR0IZMTnury5m+XqZDNvCsHeF4WxhdOotqIIqqzEUoXMDcwPXVOUNJYXBBn1TaWLSisCO9ZIvVZghuJV3VwW1xqg9Rtyu6rxDZ1fLv+GMo4gUEV9y3sJq7cfJ0HZRN05ud/FRZYTeMlVWC5hXE2WRqhbtPg="


HashMap map = new HashMap(); map.put("keyid", merchantConfig.getKeyId()); map.put("host", merchantConfig.getRequestHost()); map.put("v-c-merchant-id", merchantId); map.put("(request-target)", merchantConfig.getRequestTarget()); String hdrRequestDigest = " digest"; map.put("headers", "host date (request-target)" + hdrRequestDigest + " " + "v-c-merchant-id"); SecretKeySpec secretKey = new SecretKeySpec(Base64.getDecoder().decode(merchantConfig.getSecretKey()), "HmacSHA256"); HttpSignatureHeader httpSignatureHeader = HttpSignature.createHttpSignatureHeaders(requestBody, map, secretKey); Connection connection = Connection.getInstance(merchantConfig, logger); connection.setHeader("Content-Type", "application/json"); connection.setHeader("date", (String)httpSignatureHeader.getHeaders().get("date")); connection.setHeader("digest", (String)httpSignatureHeader.getHeaders().get("digest"));
connection.setHeader("host", (String)httpSignatureHeader.getHeaders().get("host")); connection.setHeader("v-c-merchant-id", (String)httpSignatureHeader.getHeaders().get("v-c-merchant-id")); connection.setHeader("signature", httpSignatureHeader.getSignatureHeader()); logger.log("REQUEST ", "Signed headers... " + connection.getHeaderMap().toString()); return connection.post(requestBody);


public static HttpSignatureHeader createHttpSignatureHeaders(String messageBody, Map<String, String> headers, SecretKey secretKey) { HashMap parsed = new HashMap(); headers.forEach((k, v) -> { parsed.put(k.toLowerCase().trim(), v); }); String signatureString = prepareSignatureCreationString(messageBody, parsed); Mac aKeyId = Mac.getInstance("HmacSHA256"); aKeyId.init(secretKey); aKeyId.update(signatureString.getBytes()); byte[] aHeaders = aKeyId.doFinal(); String base64EncodedSignature = Base64.getEncoder().encodeToString(aHeaders); parsed.put("algorithm", "HmacSHA256"); String aKeyId1 = (String)parsed.get("keyid"); String aHeaders1 = (String)parsed.get("headers"); StringBuilder signatureHeaderValue = new StringBuilder(); signatureHeaderValue.append("keyid=\"" + aKeyId1 + "\""); signatureHeaderValue.append(", algorithm=\"HmacSHA256\""); signatureHeaderValue.append(", headers=\"" + aHeaders1 + "\""); signatureHeaderValue.append(", signature=\"" + base64EncodedSignature + "\""); return new HttpSignatureHeader(parsed, signatureHeaderValue.toString()); } else { LOGGER.error("Null or empty signature String value"); return null; } private static String prepareSignatureCreationString(String messageBody, Map<String, String> parsed) { String keyid = (String)parsed.get("keyid"); String headers = (String)parsed.get("headers"); String host = (String)parsed.get("host"); if(keyid != null && !keyid.isEmpty() && headers != null && !headers.isEmpty() && host != null && !host.isEmpty()) { gmtDateTime = DateTimeFormatter.RFC_1123_DATE_TIME.format(ZonedDateTime.now(ZoneId.of("GMT"))); parsed.put("date", gmtDateTime);
if(isNotEmpty(messageBody)) { String bluePrint; try { MessageDigest signatureString = MessageDigest.getInstance("SHA-256"); byte[] digestBytes = signatureString.digest(messageBody.getBytes()); bluePrint = Base64.getEncoder().encodeToString(digestBytes); } catch (NoSuchAlgorithmException var12) { LOGGER.error("HttpSignature:createHttpSignatureHeaders - Cannot create digest"); return null; } parsed.put("digest", "SHA-256=" + bluePrint); } } String[] splitHeader = headers.split(" "); signatureStringer signatureString = new signatureStringer(); String[] splitHeader2 = splitHeader; for(int headerLoop = 0; headerLoop < splitHeader.length; ++headerLoop) { String s = splitHeader2[headerLoop]; if(!parsed.containsKey(s)) { LOGGER.error("HttpSignature:createHttpSignatureHeaders - Missing passed or calculated headers"); return null; } signatureString.append('\n'); signatureString.append(s); signatureString.append(": "); signatureString.append((String)parsed.get(s)); } signatureString.delete(0, 1); return signatureString.toString(); }