Google Static Maps API: URL Signature in JavaScript

Asked 6/3, 2013 at 23:1 Answered 16/12, 2018 at 23:14

How to generate valid signature in JavaScript, I do have a business Key and client id but not able to proceed for static maps api valid url signature, as I am calling this API using JavaScript and want to send the signature and client ID to have full utilization of my usage limits.

Galacto answered 6/3, 2013 at 23:1 Comment(1)

Did you ever resolve this? – Spencerspencerian 20/5, 2013 at 12:58

Here's a link to the sample Javascript (node.js) code that Google provides for signing the Static Maps URL in their documentation:

https://github.com/googlemaps/url-signing/blob/gh-pages/urlSigner.js

I've gone ahead and turned this code into a gmaps-url-signer node/npm module. This is how you can use it to sign a static maps URL with the gmaps-url-signer library:

const urlSigner = require('gmaps-url-signer');

const key = 'my_google_api_key';
const secret = 'my_static_maps_secret';
const domain = 'http://maps.googleapis.com';

// Path to your static map
let path = '/maps/api/staticmap?zoom=2&scale=1&size=350x250&maptype=terrain&format=png&visual_refresh=true';
path += `&key=${key}`;

console.log('Full signed URL:');
console.log(domain + urlSigner.sign(path, secret));

Monicamonie answered 11/10, 2018 at 13:45 Comment(0)

Google's URL Signing Samples

Includes samples for the following languages, including Node/JS:

Python
Java
Node/JS
PHP
C#
Perl
Ruby
VB.NET
Objective-C

For Node/JS it looks like this:

'use strict'

const crypto = require('crypto');
const url = require('url');

/**
 * Convert from 'web safe' base64 to true base64.
 *
 * @param  {string} safeEncodedString The code you want to translate
 *                                    from a web safe form.
 * @return {string}
 */
function removeWebSafe(safeEncodedString) {
  return safeEncodedString.replace(/-/g, '+').replace(/_/g, '/');
}

/**
 * Convert from true base64 to 'web safe' base64
 *
 * @param  {string} encodedString The code you want to translate to a
 *                                web safe form.
 * @return {string}
 */
function makeWebSafe(encodedString) {
  return encodedString.replace(/\+/g, '-').replace(/\//g, '_');
}

/**
 * Takes a base64 code and decodes it.
 *
 * @param  {string} code The encoded data.
 * @return {string}
 */
function decodeBase64Hash(code) {
  // "new Buffer(...)" is deprecated. Use Buffer.from if it exists.
  return Buffer.from ? Buffer.from(code, 'base64') : new Buffer(code, 'base64');
}

/**
 * Takes a key and signs the data with it.
 *
 * @param  {string} key  Your unique secret key.
 * @param  {string} data The url to sign.
 * @return {string}
 */
function encodeBase64Hash(key, data) {
  return crypto.createHmac('sha1', key).update(data).digest('base64');
}

/**
 * Sign a URL using a secret key.
 *
 * @param  {string} path   The url you want to sign.
 * @param  {string} secret Your unique secret key.
 * @return {string}
 */
function sign(path, secret) {
  const uri = url.parse(path);
  const safeSecret = decodeBase64Hash(removeWebSafe(secret));
  const hashedSignature = makeWebSafe(encodeBase64Hash(safeSecret, uri.path));
  return url.format(uri) + '&signature=' + hashedSignature;
}

Geraud answered 16/12, 2018 at 23:14 Comment(1)

is it avaiable for other algorithm as sha256? – Slowdown 15/12, 2022 at 5:4

Google doesn't recommend signing URLs using JavaScript because it expose cryptographic key to users.

You can see in this link:

https://developers.google.com/maps/documentation/business/faq#signature_jses

Lighten answered 9/12, 2013 at 17:11 Comment(0)

If you mean you have a Javascript server (NodeJS/Meteor) and want to get the signed URLs, I use this package.

https://github.com/temsa/qs-google-signature

Gilford answered 26/1, 2017 at 4:0 Comment(0)

Google's URL Signing Samples

Recommended topics

Hot tags