前言
使用百度雲產品,文檔中,需要生成認證簽名.
代碼
- 調用百度雲接口,需要在headers中添加簽名(X-Bce-Signature字段)
- 以真人度查詢接口為例 (http://rtbasia.api.bdymkt.com/ipscore/query)
- 百度雲生成認證字符串文檔
const apiUrl = `http://rtbasia.api.bdymkt.com/ipscore/query?ip=${ip}`;
const headers = {
'X-Bce-Signature': getAuthString(accessKeyId, AppSecret,'/ipscore/query', ip, 'rtbasia.api.bdymkt.com'),
'Host': 'rtbasia.api.bdymkt.com',
'ContentType': 'application/json'
};
function getAuthString(ak, sk, path, ip, host) {
// 1
const accessKeyId = ak;
const AppSecret = sk;
const timestamp = new Date().toISOString().replace(/\.\d*/, '');
// const timestamp = '2020-04-10T01:41:45Z';
const expirationPeriodInSeconds = 100;
let authStringPrefix = `bce-auth-v1/${accessKeyId}/${timestamp}/${expirationPeriodInSeconds}`;
// 2
let Method = 'POST';
let CanonicalURI = path;
let CanonicalQueryString = 'ip=' + ip;
let CanonicalHeaders = 'host:'+ host;
let CanonicalRequest = Method + '\n' + CanonicalURI + '\n' + CanonicalQueryString + '\n' + CanonicalHeaders;
CanonicalRequest = decodeURI(CanonicalRequest);
let signedHeaders = 'host'; // 可根據Header部分確定簽名頭域(signedHeaders)。簽名頭域是指簽名算法中涉及到的HTTP頭域列表。
// 3
let SigningKey = crypto
.createHmac('sha256', AppSecret) //你的secret
.update(authStringPrefix)
.digest()
.toString('hex');
// 4
let Signature = crypto
.createHmac('sha256', SigningKey) //你的secret
.update(CanonicalRequest)
.digest()
.toString('hex');
// 5
let authorization = `${authStringPrefix}/${signedHeaders}/${Signature}`;
// 打印變量 可對比 百度雲在線簽名生成 輸出,找到錯誤
console.log('1', authStringPrefix);
console.log('2', CanonicalRequest);
console.log('3', SigningKey);
console.log('4', Signature);
console.log('5', authorization);
return authorization;
}