Using a key with the Drupal Services module

Question

I'm testing the Drupal services module and it's working fine. I now switched from no key to a key authentication, and the system generated this key for me afw92iej83foijofn23.

When I inspect node.get at http://localhost/drupal/admin/build/services/browse/node.get I see that it now needs 4 extra required parameters stringhash, stringdomain_name, stringdomain_time_stamp, stringnonce.

Arguments (6)

• stringhash (required) A valid API key.
• stringdomain_name (required) A valid domain for the API key.
• stringdomain_time_stamp (required) Time stamp used to hash key.
• stringnonce (required) One time use nonce also used hash key.
• intnid (required) A node ID.
• arrayfields (optional) A list of fields to return

It seems the first argument isn't just the API key but a hashed API key, hashed with the other fields. How do I generate this API key? Is there an order or a specific way that drupal expects me to hash the key?

Answer 1

The hash value required is the following fields hashed with the API Key:

Timestamp - Current time in unix timestamp format.

Domain - The value you entered for domain above.

Nonce - A random value.

Method - The services method you want to call e.g. node.load

Some Drupal code as an example:

    $domain = 'my domain';
    $timestamp = (string) time();
    $nonce = user_password();
    $hash = hash_hmac('sha256', $timestamp .';'.$domain .';'. $nonce .';'.'user.get', 'remote_api_key');
    $xmlrpc_result = xmlrpc('http://remoteserver.com/services/xmlrpc', 'user.get', $hash, $domain, $timestamp, $nonce, 0);
    if ($xmlrpc_result === FALSE) {
      print '<pre>' . print_r(xmlrpc_error(), TRUE) . '<pre>';
    }
    else {
      print '<pre>' . print_r($xmlrpc_result, TRUE) . '<pre>';

}

This example is from here http://drupal.org/node/394224