I made two ways of requesting a POST. Method 1 is submitting the form to the server. Method 2 is using Jquery $.post.
<!--METHOD 1-->
<form method="POST" action="postmanTest.php" id="#myform">
<input type="hidden" id ="bodyv" name="bodyv" value="aaab">
<input type="hidden" id ="time" name="time">
<input type="submit" value="Submit Now" id="btn2" name="submit" onclick="stringify()">
</form>
<button id = "btn3">Set TIme</button>
<script>
//---METHOD 2---
$("#btn2").click(function(){
stringify();
$bodyv=$("#bodyv").val();
$.post("postmanTest.php",
{bodyv:$bodyv},
function(data,status){
alert(data);
}
)
})
//---SET TIME---
$("#btn3").click(function(){
document.getElementsByName('time')[0].value = new Date().getTime();
})
</script>
The stringify function
<script type="text/javascript">
function stringify(){
let time = document.getElementsByName('time')[0].value;
let body = {
"data": {
// "scheduleAt": "2022-04-01T14:30:00.00Z", // optional
"serviceType": "MOTORCYCLE",
//"specialRequests": ["TOLL_FEE_10"], // optional
"specialRequests": ["CASH_ON_DELIVERY"], // optional
"language": "en_PH",
"stops": [
{
"coordinates": {
"lat": "0",
"lng": "0"
},
"address": "Innocentre, 72 Tat Chee Ave, Kowloon Tong"
},
{
"coordinates": {
"lat": "0",
"lng": "0"
},
"address": "Canton Rd, Tsim Sha Tsui"
}
],
"isRouteOptimized": false, // optional only for quotations
"item":{
"quantity":"12",
"weight":"LESS_THAN_3_KG",
"categories":[
"FOOD_DELIVERY",
"OFFICE_ITEM"
],
"handlingInstructions":[
"KEEP_UPRIGHT"
]
},
}
};
body = JSON.stringify(body);
document.getElementsByName('bodyv')[0].value = `${time.toString()}\r\nPOST\r\n/v3/quotations\r\n\r\n${body}`;
}
The server side PHP code accepts the variables and applies hash_hmac sha256 to the bodyv variable
<?php
$bodyVar = $_POST['bodyv'];
$secret = "mysecretkey";
$sig = hash_hmac('sha256', $bodyVar, $secret);
echo $sig;
Method 1 and method 2 produce different values for $sig = hash_hmac('sha256', $bodyVar, $secret). Why is this happening? Method 1 is the correct hash value.
After researching, I saw you are using \r\n
to set $bodyv
data. And when you get that data with $bodyv = $("#bodyv").val()
the \r
is stripped. That´s because val()
strips carriage return chars as explained here. You could change to $bodyv = $("#bodyv")[0].value;` and it will work as expected
Edited to match the correct answer