Skip to content

Instantly share code, notes, and snippets.

@brandonhilkert

brandonhilkert/partner.md

Last active June 16, 2017 18:05
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save brandonhilkert/ec5696288302cbc0c262b491ee0eb466 to your computer and use it in GitHub Desktop.
Save brandonhilkert/ec5696288302cbc0c262b491ee0eb466 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
partner.md

Signup

  • GET /partners/signup will create the requested user in Bark

This endpoint requires request signing authentication

Required parameters:

  • pk - the primary key of the user in your data store
  • email - email address of the user
  • token - partner integration token we supply you
  • signature - HMAC signature of request parameters (endpoint for signature generation is /signup)
Response

This endpoint will return redirect the user to the appropriate page inside Bark upon signup.

Request Signing

string to sign: endpoint|key1=value1|key2=value2|...

Parameter name: signature
Parameter value: signed token with your Secret using the SHA256 hash algorithm

string to sign: API endpoint appended with a concatenation of all key/value pairs of your request parameters, sorted by key in ascending order. Each key/value pair is separated by the pipe character.

The signature describes the hex representation of a RFC 2104-compliant HMAC with the SHA256 hash algorithm, using the API endpoint, your request parameters and your secret. Most programming languages provide the tools to create such a signature. Here are some examples to get you started.

Python

# -*- coding: UTF-8 -*-
import hmac
from hashlib import sha256

def generate_signature(endpoint, params, secret):
    sig = endpoint
    for key in sorted(params.keys()):
        sig += '|%s=%s' % (key, params[key])
    return hmac.new(secret, sig, sha256).hexdigest()

Ruby

require 'openssl'
require 'base64'

def generate_signature(endpoint, params, secret)
  string_to_sign = endpoint

  Hash[params.sort_by { |k, v| k }].each do |k, v|
    string_to_sign += "|%s=%s" % [k, v]
  end

  digest = OpenSSL::Digest::Digest.new('sha256')
  OpenSSL::HMAC.hexdigest(digest, secret, string_to_sign)
end

PHP

<?php
function generate_signature($endpoint, $params, $secret) {
  $sig = $endpoint;
  ksort($params);
  foreach ($params as $key => $val) {
    $sig .= "|$key=$val";
  }
  return hash_hmac('sha256', $sig, $secret, false);
}
?>

Request Example

Partner Token: XdJihWNXYbaLzK4n

Partner Secret: M6Atnz1rEAARBJ8G

Endpoint: /signup

Parameters:

  • pk: a4afed11-06cb-4f59-9522-82932e16c5d5
  • email: me@example.com
  • token: XdJihWNXYbaLzK4n

With the endpoint and parameters above, the signature would be:

signature : 6f469b342bf6dca4213ab3093d885199ded0d7eca162823c5c2e76487eb38931

The final request with the params above would be:

GET https://www.bark.us/api/v1/partners/signup?pk=a4afed11-06cb-4f59-9522-82932e16c5d5&email=me%40example.com&token=XdJihWNXYbaLzK4n&signature=6f469b342bf6dca4213ab3093d885199ded0d7eca162823c5c2e76487eb38931

Note: The email parameter needs to be encoded in the request URL. The email address should NOT be encoded when generating the signature.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment