Signature Generation

SDRob edited this page Sep 5, 2019 · 10 revisions

Every request and callback contains a signature field. Its value is derived from the secret token set on the Tenant Settings page of the Okay website and from the data in the object being transferred. Because this token is known only to you and the Okay server, both servers can be sure that the request was received from a trusted sender.

Java Developers Notice

You can use com.protectoria.gateway.tenant.signature.SignatureService, which ships with the multi-tenant-gateway-client artifact, to generate signatures. See OkayRestClient for an example.

Structure

To create a signature, concatenate all the fields from the request, response, or callback, followed by the secret token. Then compute the binary hash of the result using the SHA-256 algorithm. After that, encode the binary data with Base64 encoding.

Link User Request

BASE64[SHA256(tenantId | userExternalId | secret)]

For example, if your tenantId is 10000, userExternalId is U12, and secret is hollywood, you will need to calculate the value of BASE64[SHA256('10000U12hollywood')]. This would be 2ZCK7nx/Gz2qvFlo/vPLk1H37H6g/IobIOgEJAOvQks=.

Authenticate User (Authorize User Action) Request

BASE64[SHA256(tenantId | userExternalId | guiHeader | guiText | type | secret)]

For example, if tenantId is 12000, userExternalId is AATFR7851, type is 101, guiText is Have you requested authorization request?, guiHeader is Secure Service Request, and secret is password, you need to calculate the value of BASE64[SHA256('12000AATFR7851Secure Service RequestHave you requested authorization request?101password')]. This would be BBtE0ixMwgVZ2U0XZCBGpGffwfQgu4S0ler0Ia2kwHQ=.

Check Authentication (Authorization) Status Request

BASE64[SHA256(tenantId | sessionExternalId | secret)]

Link User Callback

BASE64[SHA256(userExternalId | status | type | secret)]

For example, if userExternalId is 169U, status is ERROR, type is always 101, and secret is madonna, you need to calculate the value of BASE64[SHA256('169UERROR101madonna')]. This would be 7KqaxVN8vdS3VcJ4q83kQVP2wnzqoN+peI4ORXj7QP8=.
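
A receiver-side check of the Link User Callback signature, as an added example that is not part of the original page or of the Okay client library. The dict layout of the callback, the helper names, the SUCCESS status value, and the UTF-8 encoding are assumptions; the field order follows the formula above.

```python
import base64
import hashlib
import hmac


def okay_signature(fields, secret):
    """BASE64[SHA256(field1 | field2 | ... | secret)] using plain concatenation."""
    # Assumption: strings are hashed as UTF-8; the page does not name an encoding.
    material = "".join(str(f) for f in fields) + secret
    digest = hashlib.sha256(material.encode("utf-8")).digest()
    return base64.b64encode(digest).decode("ascii")


# Field order for the Link User Callback, as listed on this page.
LINK_USER_CALLBACK_FIELDS = ("userExternalId", "status", "type")


def verify_link_user_callback(callback, secret):
    """Return True only if the callback's signature matches the recomputed one."""
    received = callback.get("signature")
    if not isinstance(received, str):
        return False  # missing or malformed signature never verifies
    try:
        fields = [callback[name] for name in LINK_USER_CALLBACK_FIELDS]
    except KeyError:
        return False  # a callback with a missing field never verifies
    expected = okay_signature(fields, secret)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected.encode("ascii"), received.encode("utf-8"))


def demo():
    secret = "madonna"  # sample secret from the page's example
    # Constructed callback body; the dict layout is an assumption.
    callback = {"userExternalId": "169U", "status": "ERROR", "type": 101}
    callback["signature"] = okay_signature(
        [callback[n] for n in LINK_USER_CALLBACK_FIELDS], secret)
    # Same signature, different status (constructed value): must be rejected.
    tampered = dict(callback, status="SUCCESS")
    return (verify_link_user_callback(callback, secret),
            verify_link_user_callback(tampered, secret))


if __name__ == "__main__":
    print(demo())
```

Because the fields are joined with no delimiter, different field values can produce the same concatenated string, so validate each field's format on its own in addition to checking the signature.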

Authentication (Authorization) Callback

BASE64[SHA256(userExternalId | sessionExternalId | status | type | data | dataType | secret)]

Unlink User Callback

BASE64[SHA256(userExternalId | status | type | secret)]