Hashing
For the API, both redirects and incoming entries need to be hashed. For iFrame, this is optional. Both redirects and incoming entries follow the same SHA-256 hashing protocol detailed below.
Hashing
See an example of hashing below:
import hmac
import hashlib
import base64
key = 'secret_hash_key'
URL = 'https://grabcherries.com/begin?sid=abc&pid=123&mid=456'
encoded_key = key.encode('utf-8')
encoded_URL = URL.encode('utf-8')
digested_hash = hmac.new(encoded_key, msg=encoded_URL, digestmod=hashlib.sha256).digest()
url_hash = base64.urlsafe_b64encode(digested_hash).rstrip(b'=').decode('ascii')
# = 'asd-eDSLSbAGCxnkZtYWtccsmREDr3EZoiHUSr4X5wE' in this example
final_url = f'{URL}&hash={url_hash}'
# = 'https://grabcherries.com/begin?sid=abc&pid=123&mid=456&hash=asd-eDSLSbAGCxnkZtYWtccsmREDr3EZoiHUSr4X5wE'
# in this example
const crypto = require('crypto');
const key = 'secret_hash_key';
const URL = "https://grabcherries.com/begin?sid=abc&pid=123&mid=456";
const encodedKey = Buffer.from(key, 'utf-8');
const encodedURL = Buffer.from(URL, 'utf-8');
const hmac = crypto.createHmac('sha256', encodedKey);
hmac.update(encodedURL);
const digestedHash = hmac.digest();
const urlHash = digestedHash.toString('base64url').replace(/=+$/, ''); // Remove trailing '='
// = 'asd-eDSLSbAGCxnkZtYWtccsmREDr3EZoiHUSr4X5wE' in this example
const finalUrl = `${URL}&hash=${urlHash}`;
// = 'https://grabcherries.com/begin?sid=abc&pid=123&mid=456&hash=asd-eDSLSbAGCxnkZtYWtccsmREDr3EZoiHUSr4X5wE'
// in this example
Updated 9 months ago