<?php
$key = '<MINGLE_USERNAME>';
$secret = '<USER_HMAC_KEY>';
// prepare for requests
$ch = curl_init(); // create curl instance
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // we want the response contents
$url = 'https://<INSTANCE_NAME>.mingle.thoughtworks.com/api/v2/projects/<PROJECT_IDENTIFIER>/cards/<CARD_NUMBER>.xml';
date_default_timezone_set('GMT');
$ContentType = 'application/xml';
$Contentmd5 = '';
$ResourceURI = '/api/v2/projects/<PROJECT_IDENTIFIER>/cards/<CARD_NUMBER>.xml';
$RequestDate = date(DateTime::RFC1123);
$canonicalString = $ContentType.',,'.$ResourceURI.','.$RequestDate;
$sig = base64_encode(hash_hmac('sha1', $canonicalString, $secret, true)); // calculate signature
$authHeader = 'APIAuth '.$key.':'.$sig;
// specify request headers
$headers = array(
'Authorization: '.$authHeader,
'Date: '.$RequestDate,
'Content-MD5: '.$Contentmd5,
'Content-Type: '.$ContentType
);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); // set the headers
curl_setopt($ch, CURLOPT_URL, $url);
echo curl_exec($ch); // run request
Comments
1 comment
Many Thanks for this implementation !
However, this implementation doesn't fit Mingle Documentation
The documentation states that MD5-Content for a GET request should be 1B2M2Y8AsgTpgAmY7PhCfg==
Here, the MD5-Content is empty.
As well, the link in documentation sends to https://github.com/mgomes/api_auth for HMAC implementation. Their computation of the canonical string is not exactly the same as the one used here : They concat the HTTP method (GET) at the beginning of the canonical string
Please sign in to leave a comment.