Signature
Signature - a string in hexadecimal format formed by one-way coding. You cannot decode or generate this string without knowing all the necessary components. The signature is based on the potential importance of each query parameter.
SHA-1 hash algorithm is used for signature generating.
import hashlib
request_params = {
"site_id": 24,
"site_login": "443122443122",
"customer_ip": "185.56.232.170",
"currency": "usd",
"signature": "1234566443"
}
params = {}
for key, value in request_params.items(): #
if isinstance(v, list):
new_v = ';'.join(sorted(map(str, v)))
params[str(k)] = str(new_v)
else:
params[str(k)] = str(v)
sign_str = ';'.join(
['%s:%s' % (k.lower(), params[k]) for k in
sorted(params.keys()) if params[k].strip() != '']) + ';'
signature = hashlib.sha1(sign_str.encode('utf-8') +
salt.encode('utf-8')).hexdigest()Signature generating algorithm
A signature string is generated:
all query parameters are sorted alphabetically;
sorted not empty parameters are connected in series to one line (concatenation) using the symbol-separator between them;
the end of the line is appended with the site salt using the symbol-separator
SHA-1 hash is taken from the received string.
Signature generating rules
Signed string coding – UTF-8;
Query parameter names are presented in lower case. The string can be composed of Latin letters from a to z, numbers from 0 to 9, underlining sign "_";
A semicolon is used as the delimiter between parameters ”;”;
Each parameter is attached as a substring ”param_name:param_value”, where param name – a parameter name, param_value – parameter value, a colon - internal delimiter;
Parameters which value is an empty string ”” – are skipped;
If the parameter value is an array, then its elements are also sorted according to the growth of their keys and connected in series by a delimiter. In this case, the array elements (nested arrays) are skipped, and the delimiter character is not added;
To avoid double signing, the "signature" parameter is always excluded from the signature.
Last updated