Skip to main content

Get HMAC Signature

Description

The get_hmac_signature function generates an HMAC SHA256 signature for a given HTTP request using the specified secret key, HTTP method, request path, headers, parameters, and body. This is commonly used for secure authentication in API requests.

Function Signature:

def get_hmac_signature(secret_key: str, method: str, path: str, headers, parameters: dict, body: str = None) -> tuple[str, str] | None:

Parameters

  • secret_key (str): The secret key used to generate the HMAC signature.
  • method (str): The HTTP method (GET, POST, PUT, PATCH, DELETE).
  • path (str): The API path (e.g., /v1/event) to be included in the signature.
  • headers (dict): The headers of the HTTP request (e.g., Content-Type, X-Nonce, etc.).
  • parameters (dict): The query parameters of the HTTP request.
  • body (str, optional): The body of the request, typically used for POST, PUT, or PATCH methods.

Returns

  • tuple[str, str]: A tuple containing the HMAC SHA256 signature and the string that was signed.
    • The first element is the signature.
    • The second element is the string that was signed (used for debugging or logging).
  • None: If an exception occurs during execution, None will be returned.

Example Usage

secret_key = 'your-secret-key'
method = 'POST'
path = '/v1/data'
headers = {'X-Nonce': '123456'}
parameters = {'key': 'value'}
body = '{"key":"value"}'

signature, string_to_sign = get_hmac_signature(secret_key, method, path, headers, parameters, body)
print(f"Signature: {signature}")
print(f"String to Sign: {string_to_sign}")
</pre>

## Notes
- The `string_to_sign` is a combination of the HTTP method, path, headers, parameters, and body (if present). This string is then used to generate the HMAC SHA256 signature.
- The signature is returned in hexadecimal format.
- The function uses `hmac.new()` from Python's `hmac` module and `hashlib.sha256` for the hashing process.
- The `Content-Type` header is removed from the headers before generating the signature to ensure it doesn't interfere with the signing process.

## Error Handling
- If an exception occurs during the signature generation (e.g., incorrect input or issues with encoding), an error message will be printed, and the function will return `None`.