I'm having some issues with tokens.
I'm following this guide: https://www.fastly.com/blog/patterns-for-authentication-at-the-edge
Specifically where it talks about Single-use, time-limited tokens
I'm generating my token like this:
$tokenLifetime = 60;
$url = '/my/url.m3u8';
$expiryTime = time() + $tokenLifetime;
$userAgent = $request->userAgent();
$ip = $request->getClientIp();
$key = env('FASTLY_SECRET');
$hmactoken = base64_encode(hash_hmac('sha256', $payload, $key));
$fastlyToken = $expiryTime.'_'.$hmactoken;
The token I get does not match the fastly token ever.
The payloads match cause I'm logging them from fastly but my token always ends with a = but theirs does not.
I'm not sure how to resolve this.
Please sign in to leave a comment.