I need to validate a signature for a callback from ankoder.com who provide the following description:
It is the URL-escaped string of Base64-encoded HMAC-SHA1 digest of your private key and the URL-unescaped message.
$passkey = urlencode(base64_encode(hash_hmac('sha1', urldecode($str), $private_key, true)));
They provide the following Ruby example
encoded_signature = CGI.escape Base64.encode64(HMAC::SHA1::digest(private_key, CGI.unescape(message))).strip
I run this on sample data I have returned from a callback but am not getting the same signature. How do I replicate the Ruby code in PHP?
Edit
The issue was trailing whitespace being sent through.
Your PHP code matches the Ruby code. The problem must be somewhere else.
Check if the key is correct and the message is parsed correctly (urldecode, then json_decode).