Skip to content

Instantly share code, notes, and snippets.

@tstachl tstachl/Multipass.cls
Last active Apr 5, 2017

What would you like to do?
Apex version to generate a multipass token for
public class Multipass
private static String SITE_KEY = 'site_key';
private static String API_KEY = 'api_key';
public static void generate()
System.debug('== Generating ==');
System.debug(' Create the encryption key using a 16 byte SHA1 digest of your api key and subdomain');
Blob key = Crypto.generateDigest('SHA1', Blob.valueOf(API_KEY + SITE_KEY));
System.debug(' Cut to correct length');
key = EncodingUtil.base64Decode(EncodingUtil.base64Encode(key).left(22));
System.debug(' Build json data');
String data = JSON.serialize(new Map<String, String>{
'uid' => '1',
'expires' =>'yyyy-MM-dd\'T\'HH:mm:ss.SSS\'Z\''),
'customer_email' => '',
'customer_name' => 'John'
System.debug(' Data: ' + data);
System.debug(' Encrypt data using AES128-cbc');
Blob multipass = Crypto.encryptWithManagedIV('AES128', key, Blob.valueOf(data));
System.debug(' Base64 encode the encrypted data');
String multipass_string = EncodingUtil.base64Encode(multipass);
System.debug(' Build an HMAC-SHA1 signature using the encoded string and your api key');
Blob signature = Crypto.generateMac('hmacSHA1', Blob.valueOf(multipass_string), Blob.valueOf(API_KEY));
String signature_string = EncodingUtil.base64Encode(signature);
System.debug(' Finally, URL encode the multipass and signature');
multipass_string = EncodingUtil.urlEncode(multipass_string, 'UTF-8');
signature_string = EncodingUtil.urlEncode(signature_string, 'UTF-8');
System.debug('== Finished ==');
System.debug('https://' + SITE_KEY + '' + multipass_string + '&signature=' + signature_string);

This comment has been minimized.

Copy link

imranqurehi commented Nov 27, 2015

This is not working, getting error "Invalid private key. Must be 16 bytes." and when I changed to get first 16 bytes from key then It gave me multipass and signature but that are not valid as its not allowing me to login into with multipass and signature.


This comment has been minimized.

Copy link
Owner Author

tstachl commented Nov 30, 2015

@imranqurehi you'll have to generate the KEY_BASE64 string in a different environment. A ruby example is commented out in the code on the lines 9-11 but you can use PHP, .net or any other programming language that allows you to generate a SHA1 digest and cut out the first 16 bytes of that digest.


This comment has been minimized.

Copy link

Devarshi87 commented Aug 23, 2016

Got it working in apex . Made some changes to the code to fetch out the first 16 bytes .

blob blobToGenerateSHA = blob.valueof(API_KEY + SITE_KEY);
           system.debug('*****'+string.valueof(Crypto.generateDigest('SHA1', blobToGenerateSHA)));
           blob codeSHA = Crypto.generateDigest('SHA1', blobToGenerateSHA);
           string  b64= EncodingUtil.base64Encode(codeSHA);
           KEY_BASE64 = b64.left(22);
           System.debug('String b64: [' + KEY_BASE64 );   
           System.debug('== Generating ==');

           Blob key = EncodingUtil.base64Decode(KEY_BASE64);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.