Skip to content

Instantly share code, notes, and snippets.

@bentonporter
Created June 7, 2012 20:51
Show Gist options
  • Save bentonporter/2891463 to your computer and use it in GitHub Desktop.
Save bentonporter/2891463 to your computer and use it in GitHub Desktop.
Ruby - HMAC-SHA256 example
require 'openssl'
require 'Base64'
key = "secret-key"
data = "some data to be signed"
Base64.encode64(OpenSSL::HMAC.digest(OpenSSL::Digest::Digest.new('sha256'), key, data)).strip()
@RicardoZeballos
Copy link

@A1iAshoor's example is what Stripe is using in its libraries. In case anyone else also writing tests for your webhooks.

@pallavsharma
Copy link

If you came here (like me) looking for a quick hint on how to encode hmac sha256 for Facebook's appsecret_proof parameter, this is what you are looking for:

OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), <app_secret>, <user_access_token>)

:)

Thanks, it works like a charm.

@Erickw
Copy link

Erickw commented Nov 26, 2020

OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), <app_secret>, <user_access_token>)

Thanks, it worked well here too!

@activeliang
Copy link

secure_hash = OpenSSL::HMAC.hexdigest('SHA256', <key>, <data>)

thx~

@Mth0158
Copy link

Mth0158 commented Feb 1, 2022

OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), <app_secret>, <user_access_token>)

Worked perfectly for Facebook API, thank you @gr8bit

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment