Swedish BankID Python 使用 hmac 生成动画二维码

Swedish BankID Python Animated QR code generation with hmac

我正在开发一个使用 BankID 进行授权和数字签名的 Django 项目。我使用的是 pybankid,对这个库我只有好评。我的问题出现在尝试使用 BankID 文档提供的示例代码时。

QRCode Docs

import hashlib
import hmac
import time
 
# Sample as quoted from the BankID QR documentation. As written it does not
# run under Python 3: see the notes at hmac.new() and str.join() below.
qr_start_token = rp_response["qrStartToken"]
# "67df3917-fa0d-44e5-b327-edcc928297f8"
 
# Key for the HMAC below; read from the same response as the token.
qr_start_secret = rp_response["qrStartSecret"]
# "d28db9a7-4cde-429e-a983-359be676944c"
 
order_time = time.time()
# (The time in seconds when the response from the BankID service was delivered)
 
qr_time = str(int(time.time() - order_time))
# ("0" or another string with a higher number depending on order_time and current time)
 
# NOTE: qr_start_secret and qr_time are both str here, but hmac.new() requires
# bytes/bytearray for the key and bytes-like data for the message, so this line
# raises TypeError until both are encoded, e.g. with .encode().
qr_auth_code = hmac.new(qr_start_secret, qr_time, hashlib.sha256).hexdigest()
# "dc69358e712458a66a7525beef148ae8526b1c71610eff2c16cdffb4cdac9bf8" (qr_time="0")
# "949d559bf23403952a94d103e67743126381eda00f0b3cbddbf7c96b1adcbce2" (qr_time="1")
# "a9e5ec59cb4eee4ef4117150abc58fad7a85439a6a96ccbecc3668b41795b3f3" (qr_time="2")
# (64 chars hex)
 
# NOTE: str.join() takes the separator plus ONE iterable; passing the four parts
# as separate arguments raises TypeError. The parts must be wrapped in a list.
qr_data = str.join(".", "bankid", qr_start_token, qr_time, qr_auth_code)
# "bankid.67df3917-fa0d-44e5-b327-edcc928297f8.0.dc69358e712458a66a7525beef148ae8526b1c71610eff2c16cdffb4cdac9bf8" (qr_time="0")
# "bankid.67df3917-fa0d-44e5-b327-edcc928297f8.1.949d559bf23403952a94d103e67743126381eda00f0b3cbddbf7c96b1adcbce2" (qr_time="1")
# "bankid.67df3917-fa0d-44e5-b327-edcc928297f8.2.a9e5ec59cb4eee4ef4117150abc58fad7a85439a6a96ccbecc3668b41795b3f3" (qr_time="2")

运行时我得到 TypeError: key: expected bytes or bytearray, but got 'str';当我尝试把 qr_start_secret 转换为字节时,又得到 Unicode-objects must be encoded before hashing。我不知所措。有人有什么想法吗?

编辑:这是我当前的代码,它可以工作。目前正在努力研究如何在客户端呈现不断变化的 QR 码值,因为上下文只会传输静态值。

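# Fragment of a Django view: while the BankID order is pending, regenerate the
# animated QR payload once per second, write it out as an SVG, and log the user
# in once the order completes. `request`, `auth`, `client`, `parse`, `segno`,
# `personal_number`, `user`, `dj_login` and `render` come from outside this
# snippet.

# .get() instead of indexing: a request without a User-Agent header would
# otherwise raise KeyError before the emptiness check runs.
ua_string = request.META.get('HTTP_USER_AGENT', '')
if ua_string:
    user_agent = parse(ua_string)
    if user_agent.is_pc:
        status = client.collect(order_ref=auth["orderRef"])["status"]

        # NOTE(review): the BankID sample defines order_time as the moment the
        # response that carried qrStartToken/qrStartSecret was delivered. Here
        # it is taken after an extra collect() round-trip, so qr_time may lag;
        # consider recording it where `auth` is obtained (not visible here).
        order_time = time.time()

        # Loop-invariant: both values come from the initial auth response.
        qr_start_token = auth["qrStartToken"]
        # HMAC key, encoded once because hmac.new() requires bytes. It is only
        # ever used here, on the server; the browser receives qr_data only.
        qr_key = auth["qrStartSecret"].encode()

        # NOTE(review): this loop keeps the request open for as long as the
        # order is pending, and nothing is rendered until it completes.
        while status == "pending":
            # Whole seconds since order_time, as a decimal string.
            qr_time = str(int(time.time() - order_time))

            qr_auth_code = hmac.new(qr_key, qr_time.encode(), hashlib.sha256).hexdigest()

            qr_data = ".".join(["bankid", qr_start_token, qr_time, qr_auth_code])

            print(f'qr_data: {qr_data}')

            status = client.collect(order_ref=auth["orderRef"])["status"]

            print(status)

            qr = segno.make(qr_data)
            # NOTE(review): the file name is built from personal_number with no
            # validation visible in this snippet. If that value originates from
            # the request, validate it (digits only, expected length) before
            # using it in a path. It also places a personal identity number in
            # a file name at a predictable location; confirm this directory is
            # not served publicly, or key the file on a random per-order id.
            qr.save('media/img/temp/' + personal_number + '.svg')

            if status == "complete":
                print("Logged on")
                # NOTE(review): `user` is defined outside this snippet. Confirm
                # it is resolved from the identity BankID returns for the
                # completed order, not from client-supplied input.
                dj_login(request, user)
                return render(request, 'home/auth-login-Success.html')

            time.sleep(1)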

他们的示例代码存在多个问题

  1. 看起来 qr_start_token 和 qr_start_secret 都是字符串,而 hmac.new 需要的是字节。
  2. str.join 只接受一个可迭代对象;像示例那样传入 4 个独立参数会引发错误。

尝试:

import hashlib
import hmac
import time
 
# Sample values from the BankID documentation example. In a real flow both come
# from the auth/sign response, and qr_start_secret is the HMAC key: it should
# stay on the server, with only the resulting qr_data handed to the page.
qr_start_token = "67df3917-fa0d-44e5-b327-edcc928297f8"
qr_start_secret = "d28db9a7-4cde-429e-a983-359be676944c"

# The time in seconds when the response from the BankID service was delivered.
order_time = time.time()

# Whole seconds elapsed since order_time, as a decimal string: "0", "1", "2", ...
elapsed_seconds = int(time.time() - order_time)
qr_time = str(elapsed_seconds)
print(f'qr_time: {qr_time}')

# hmac.new() only accepts bytes for the key and the message, so both strings
# are encoded first. The digest is 64 hex characters.
mac = hmac.new(
    key=qr_start_secret.encode(),
    msg=qr_time.encode(),
    digestmod=hashlib.sha256,
)
qr_auth_code = mac.hexdigest()
# Documented digests for these sample values:
#   qr_time="0" -> "dc69358e712458a66a7525beef148ae8526b1c71610eff2c16cdffb4cdac9bf8"
#   qr_time="1" -> "949d559bf23403952a94d103e67743126381eda00f0b3cbddbf7c96b1adcbce2"
#   qr_time="2" -> "a9e5ec59cb4eee4ef4117150abc58fad7a85439a6a96ccbecc3668b41795b3f3"

print(f'qr_auth_code: {qr_auth_code}')
expected_at_zero = "dc69358e712458a66a7525beef148ae8526b1c71610eff2c16cdffb4cdac9bf8"
print(qr_auth_code == expected_at_zero)

# str.join takes one iterable, so the four parts are collected in a list:
# "bankid.<qr_start_token>.<qr_time>.<qr_auth_code>"
qr_parts = ["bankid", qr_start_token, qr_time, qr_auth_code]
qr_data = ".".join(qr_parts)

print(f'qr_data: {qr_data}')

输出:

qr_time: 0
qr_auth_code: dc69358e712458a66a7525beef148ae8526b1c71610eff2c16cdffb4cdac9bf8
True
qr_data: bankid.67df3917-fa0d-44e5-b327-edcc928297f8.0.dc69358e712458a66a7525beef148ae8526b1c71610eff2c16cdffb4cdac9bf8