认证 | 大装置帮助中心
跳到主要内容

认证

服务端使用 HMAC 方式进行身份认证,需要在请求Header中额外添加两个字段 X-DateAuthorization

curl https://management.sensecoreapi.cn/network/eip/v1/subscriptions/{subscription_name}/resourceGroups/{resource_group_name}/zones/{zone}/eips \
-H 'X-Date: Wed, 26 Jul 2023 11:36:03 GMT' \
-H 'Authorization: hmac accesskey="xxx", algorithm="hmac-sha256", headers="x-date", signature="m4b9mgep/FTiwTFutiqbwsemCjYxv3SUN9YZO7ZvKFc="' \
...

用户需要先从SenseCore的控制台首页获取AccessKey和SecretKey,然后通过如下方式计算上述两个字段的值。

bash/shell 示例

access_key='YOUR ACCESS KEY'
secret_key='YOUR SECRET KEy'

xdate=$(date -u +"%a, %d %b %Y %H:%M:%S GMT")
data="x-date: ${xdate}"

sign=$(echo -n "$data" | openssl dgst -sha256 -hmac "$secret_key" -binary | base64)
auth="hmac accesskey=\"${access_key}\", algorithm=\"hmac-sha256\", headers=\"x-date\", signature=\"${sign}\""

echo "X-Date: $xdate"
echo "Authorization: $auth"

python 示例

import hmac
import base64
from hashlib import sha256
from datetime import datetime
from time import mktime
from wsgiref.handlers import format_date_time


def gen_auth_header(access_key: str, secret_key: str):
xdate = format_date_time(mktime(datetime.now().timetuple()))
data = f'x-date: {xdate}'

key = secret_key.encode('utf-8')
data = data.encode('utf-8')
sign = base64.b64encode(hmac.new(key, data, digestmod=sha256).digest()).decode('utf-8')

auth = f'hmac accesskey="{access_key}", algorithm="hmac-sha256", headers="x-date", signature="{sign}"'

return {
"X-Date": xdate,
"Authorization": auth,
}