Build Authentication String with Lucee similar PHP

I try to rebuild this function from PHP with lucee:

<?php $decodedSecret = base64_decode("OWOMg2gnaSx1nukAM6SN2vxedfY1yLPONvcTKbhDv7I"); echo base64_encode(hash_hmac("sha512", "1|2481632|1425387916|GET|/api/transaction/read?spaceId=12&id=1", $decodedSecret, true)); ?>

The result should be:


I coded this with lucee:
#ToBase64(HMAC("1|2481632|1425387916|GET|/api/transaction/read?spaceId=12&id=1", ToBinary("OWOMg2gnaSx1nukAM6SN2vxedfY1yLPONvcTKbhDv7I"), "HMACSHA512", "UTF-8"))#

but the result is not the same.
Any suggestions?

I’m not very familiar with PHP but it seems that if you set the 4th argument of hash_hmac() to true (as is the case in your code) it will return raw binary data.

Lucee’s HMAC() function always returns hex so it needs to be converted to binary.

stringToEncode = "1|2481632|1425387916|GET|/api/transaction/read?spaceId=12&id=1";
secret = ToBinary( "OWOMg2gnaSx1nukAM6SN2vxedfY1yLPONvcTKbhDv7I" );
hmacHex = HMAC( stringToEncode, secret, "HMACSHA512", "UTF-8" );
hmacBinary = BinaryDecode( hmacHex, "hex" );
encodedString = ToBase64( hmacBinary );
dump( encodedString );

Outputs: tz7RqRBH8GEw29tj2/x76opKmlbthgSFJLqiwkKIUQlKiM1HaHeisC/IQzaEgALMgwSI0kvJdPAmbS11oxzz4Q==

perfect! Thank you very much :ok_hand: . I was on the way, but did not get the details :see_no_evil: