I'm following steps outlined by Twitter to create a signature as part of the authorisation process when using the Twitter API v1.1. The steps are online here:
I've got to the last bit where I have a signature base string and a signing key. I'm struggling to generate the final signature.
I need to pass the sig base string and the signing key to the HMAC-SHA1 hashing algorithm then use base64 encoding. I'm not sure which order this goes in or exactly what the code would be. Here's what I've tried, which doesn't give me the same result as Twitter's example:
$sigBaseString = '
$signingKey = 'kAcSOqF21Fu85e7zjz7ZN2U4ZRhfV3WpwPAoE3Z7kBw&LswwdoUaIvS8ltyTt5jkRh4J50vUPVVHtR2YPi5kE';
$sig = hash_hmac('sha1',$sigBaseString,$signingKey);
Am I using hash_hmac wrong? Have I done the base64 encoding at the wrong part? I can't seem to get the same result as Twitter.
Found an answer to my own question:
$sig = base64_encode(hash_hmac('sha1',$sigBaseString,$signingKey,TRUE));