I'm trying to convert the php code below to java. I'm having difficulties comparing the hash. Could someone offer some help. Thanks
Example comes from here https://developers.facebook.com/docs/facebook-login/using-login-with-games/#parsingsr
$secret = "appsecret"; // Use your app secret here
// decode the data
$sig = base64_url_decode($encoded_sig);
$data = json_decode(base64_url_decode($payload), true);
// confirm the signature
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
What I've got thus far.
String secret = "somesecret";
String signedRequest = "some.signedrequest";
String[] encoded = signedRequest.split("\\.");
System.out.println(encoded[0]);
System.out.println(encoded[1]);
String signature = base64UrlDecode(encoded[0]);
String payload = base64UrlDecode(encoded[1]);
public static String base64UrlDecode(String input) {
String result = null;
Base64 decoder = new Base64(true);
byte[] decodedBytes = decoder.decode(input);
result = new String(decodedBytes);
return result;
}
From here I'm at a loss.
I do not know how to set-up the hash to be compared against my signature.
Get some idea from this, this worked for me.