10

How to generate valid signature in JavaScript, I do have a business Key and client id but not able to proceed for static maps api valid url signature, as I am calling this API using JavaScript and want to send the signature and client ID to have full utilization of my usage limits.

user2142056
  • 101
  • 1
  • 4

4 Answers4

3

Here's a link to the sample Javascript (node.js) code that Google provides for signing the Static Maps URL in their documentation:

https://github.com/googlemaps/url-signing/blob/gh-pages/urlSigner.js

I've gone ahead and turned this code into a gmaps-url-signer node/npm module. This is how you can use it to sign a static maps URL with the gmaps-url-signer library:

const urlSigner = require('gmaps-url-signer');

const key = 'my_google_api_key';
const secret = 'my_static_maps_secret';
const domain = 'http://maps.googleapis.com';

// Path to your static map
let path = '/maps/api/staticmap?zoom=2&scale=1&size=350x250&maptype=terrain&format=png&visual_refresh=true';
path += `&key=${key}`;

console.log('Full signed URL:');
console.log(domain + urlSigner.sign(path, secret));
ty.
  • 10,924
  • 9
  • 52
  • 71
2

Google's URL Signing Samples

Includes samples for the following languages, including Node/JS:

  • Python
  • Java
  • Node/JS
  • PHP
  • C#
  • Perl
  • Ruby
  • VB.NET
  • Objective-C

For Node/JS it looks like this: 

'use strict'

const crypto = require('crypto');
const url = require('url');

/**
 * Convert from 'web safe' base64 to true base64.
 *
 * @param  {string} safeEncodedString The code you want to translate
 *                                    from a web safe form.
 * @return {string}
 */
function removeWebSafe(safeEncodedString) {
  return safeEncodedString.replace(/-/g, '+').replace(/_/g, '/');
}

/**
 * Convert from true base64 to 'web safe' base64
 *
 * @param  {string} encodedString The code you want to translate to a
 *                                web safe form.
 * @return {string}
 */
function makeWebSafe(encodedString) {
  return encodedString.replace(/\+/g, '-').replace(/\//g, '_');
}

/**
 * Takes a base64 code and decodes it.
 *
 * @param  {string} code The encoded data.
 * @return {string}
 */
function decodeBase64Hash(code) {
  // "new Buffer(...)" is deprecated. Use Buffer.from if it exists.
  return Buffer.from ? Buffer.from(code, 'base64') : new Buffer(code, 'base64');
}

/**
 * Takes a key and signs the data with it.
 *
 * @param  {string} key  Your unique secret key.
 * @param  {string} data The url to sign.
 * @return {string}
 */
function encodeBase64Hash(key, data) {
  return crypto.createHmac('sha1', key).update(data).digest('base64');
}

/**
 * Sign a URL using a secret key.
 *
 * @param  {string} path   The url you want to sign.
 * @param  {string} secret Your unique secret key.
 * @return {string}
 */
function sign(path, secret) {
  const uri = url.parse(path);
  const safeSecret = decodeBase64Hash(removeWebSafe(secret));
  const hashedSignature = makeWebSafe(encodeBase64Hash(safeSecret, uri.path));
  return url.format(uri) + '&signature=' + hashedSignature;
}
Joshua Pinter
  • 45,245
  • 23
  • 243
  • 245
1

Google doesn't recommend signing URLs using JavaScript because it expose cryptographic key to users.

You can see in this link:

https://developers.google.com/maps/documentation/business/faq#signature_jses

Sadiel
  • 1,344
  • 3
  • 18
  • 33
1

If you mean you have a Javascript server (NodeJS/Meteor) and want to get the signed URLs, I use this package.

https://github.com/temsa/qs-google-signature

Turbo
  • 392
  • 4
  • 11