FROM CACHE - en_header
Promotion image

How to generate an HMAC-SHA256 hash in base64?

How to generate an HMAC-SHA256 hash in base64?

JamalT
Shopify Partner
2 0 1
‎01-14-2022 12:14 AM

I'm trying to generate an HMAC-SHA256 hash in base64 to use with a 3rd party integration. The hash needs to be appended to the end of the URL in an iFrame on the page, and is created from the URL query parameters and values.

 

I'm pretty sure I'm clashing with data types, where a hexadecimal value is being converted to UTF-8 and therefore affecting the base64 conversion. I'm reaching the end of my experience, so looking for some suggestions.

 

Example code:

{% assign queryString = "ShopifyID" | append: customer.id %}
{% assign secretKey = "[Shared secret]" %}

{% assign hashSignature = {{queryString | hmac_sha256: secretKey | base64_encode | url_encode}} %}

<iframe src="https://[Resource URL]?ShopifyID={{customer.id}}&signature={{hashSignature}}"></iframe>

 

The issue I have is that the signature generated in liquid does not match with the 3rd party, where the result should be 44 characters in length, however, the result I get from the liquid code above is 88.

I've run the same parameters through an external site as well as in javascript and these produce the same result as the third party. Jscript runs client-side, and I haven't been able to find a way to use this either due to iFrame load timing, or having the pass through the secret key to the browser.

 

Using some random number generators for the customer.id and secret key, I can get the following:

queryString = ShopifyID5184202623769

Secret Key = 9b98935d8fe6a6aa907046efdd070449

Expected output = Rjn1Ub1Mw2GGiCwclOqBzs4+LaB76dhPvsKqD0xda4I=

Liquid output = NDYzOWY1NTFiZDRjYzM2MTg2ODgyYzFjOTRlYTgxY2VjZTNlMmRhMDdiZTlkODRmYmVjMmFhMGY0YzVkNmI4Mg==

4,007 Views
0 Likes
Report
Replies 5 (5)

Schmidtc63
Shopify Partner
101 14 29
‎09-05-2022 01:12 PM

Did you ever figure this out? I'm running into the same issue.

3,786 Views
1 Like
Report
In response to Schmidtc63

JamalT
Shopify Partner
2 0 1
‎09-07-2022 02:59 AM

Sadly, no.

 

As best I can tell, these particular Liquid encryption libraries are not included in Shopify's Liquid.

 

Similarly, if you do find something, I would be happy to hear!

3,729 Views
1 Like
Report
In response to JamalT

Schmidtc63
Shopify Partner
101 14 29
‎09-07-2022 08:08 AM

So, the hash is working fine. It's the conversion to base64. hmac generates a hex string. But, the liquid to Base64 is strictly text to Base64, not hex to base64. So, I did this:

 

{% liquid
   assign gcHash="some thing I want to hash" | hmac_sha256: "my secret code"
%} 

<script>
    gcHash=btoa(String.fromCharCode.apply(null, '{{ gcHash }}'.match(/\w{2}/g).map(function(a) { return parseInt(a, 16) })));
    customerEmail = '{{ customer.email }}';
</script>

 

That took care of it. I got the correct 44-byte hash I was looking for.

3,677 Views
0 Likes
Report
In response to Schmidtc63

Christian52
Shopify Partner
2 0 0
‎11-22-2023 03:02 PM

I'm having the same issue but can't figure out where I need to paste this code to fix it 

 

2,638 Views
0 Likes
Report
In response to Christian52

Schmidtc63
Shopify Partner
101 14 29
‎01-10-2024 11:09 AM

In any theme liquid file where you need this.

2,471 Views
0 Likes
Report

Community Blog Articles

shopp-e-1741972742895593780274096851.png
Canadian merchants: Update account details by March 24, 2025 to continue us...

Shopify and our financial partners regularly review and update verification requiremen...

By Jacqui Mar 14, 2025
Shopify_0-1741780029041.png
New learning path from Shopify Academy: How to create a digital marketing s...

Unlock the potential of marketing on your business growth with Shopify Academy's late...

By Shopify Mar 12, 2025
CRO-Community-Promo.jpg
Expert insights on conversion rate optimization (CRO) from Shopify Academy ...

Learn how to increase conversion rates in every stage of the customer journey by enroll...

By Shopify Mar 5, 2025
Terms of Service Privacy Policy