Custom connector - HMAC authentication

bender — Tue, 22 Oct 2024 18:27:58 GMT

Hi everyone,

I'm working on trying to integrate the Lexsynergy API with Workato, but I've hit a roadblock. It seems I can't use the standard HTTP connector due to their specific HMAC authentication requirements. I tried building a custom connector, but I could use some guidance.

Here's the key challenge: Lexsynergy requires a unique "Authorization" header for each request, which involves:

Dynamic Timestamp: Including the current Unix timestamp.

Nonce Generation: Generating a unique random string (UUID v4).
Signature Calculation: Computing an HMAC-SHA256 hash of a string constructed from various elements.

https://portal.lexsynergy.com/uploads/lexsynergy-api_latest.html#introduction

A unique URL, method and body need to be signed for each request and it looks like only the URL and method are available as special variables in the apply key's context.
https://docs.workato.com/developing-connectors/sdk/sdk-reference/connection/authorization.html#apply

This is what I have so far. A working connection but that's it. The test block works only because that endpoint doesn't require a body and I could put an empty string.

{ title: 'Lexsynergy', connection: { fields: [ { name: 'api_key', optional: false, hint: 'Your Lexsynergy API key' }, { name: 'api_secret', optional: false, hint: 'Your Lexsynergy secret key', control_type: 'password' } ], authorization: { type: 'custom_auth', acquire: lambda do |connection| end, apply: lambda do |connection| end }, base_uri: lambda do |_connection| 'https://api.lexsynergy.com/1.9/' end }, test: lambda do |connection| url = 'https://api.lexsynergy.com/1.9/tlds.json' api_key = connection['api_key'] api_secret = connection['api_secret'] request = call(:request_signer, api_key, api_secret, 'GET', url, '') get(url).headers('Authorization': request['authorization_header']) end, custom_action: true, actions: {}, triggers: {}, methods: { request_signer: lambda do |api_key, api_secret, method, url, body| # Calculate timestamp and nonce timestamp = now.to_i.to_s nonce = uuid realm = 'api' # Construct the string to sign string_to_sign = "#{realm}\n#{api_key}\n#{nonce}\n#{timestamp}\n#{method.upcase}\n#{url}\n#{body}\n" # Generate HMAC signature signature = string_to_sign.hmac_sha256(api_secret) encoded_signature = signature.encode_base64 # Construct the Authorization header authorization_header = "lexsynergy-http-hmac realm=#{realm}&key=#{api_key}&nonce=#{nonce}&timestamp=#{timestamp}&signature=#{encoded_signature}" { 'authorization_header' => authorization_header } end }, object_definitions: {}, pick_lists: {} }

Appreciate all the help I can get on this one!

Re: Custom connector - HMAC authentication

julie-reyes — Thu, 24 Oct 2024 07:45:45 GMT

Hi,

Good day!

We do have a sample connector that uses HMAC, which you can find in our Community Library. I have included the link for your convenience: https://app.workato.com/custom_adapters/125161/code?community=true.

This should provide you with a good starting point for building your custom connector.

If you require further assistance or have any specific questions, I suggest submitting a ticket to our Support Portal. Our team of experts will be more than happy to assist you with any further queries or concerns you may have.

Thank you

Re: Custom connector - HMAC authentication

bender — Fri, 25 Oct 2024 17:30:50 GMT

Thank you, that was indeed helpful in finding a solution.

topic Custom connector - HMAC authentication in Workato Pros Discussion Board

Custom connector - HMAC authentication

Re: Custom connector - HMAC authentication

Re: Custom connector - HMAC authentication