认证
服务端使用 HMAC 方式进行身份认证,需要在请求Header中额外添加两个字段 X-Date 和 Authorization。
curl https://management.sensecoreapi.cn/network/vpc/v1/subscriptions/{subscription_name}/resourceGroups/{resource_group_name}/zones/{zone}/vpcs \
-H 'X-Date: Wed, 26 Jul 2023 11:36:03 GMT' \
-H 'Authorization: hmac accesskey="xxx", algorithm="hmac-sha256", headers="x-date", signature="m4b9mgep/FTiwTFutiqbwsemCjYxv3SUN9YZO7ZvKFc="' \
...
用户需要先从SenseCore的控制台首页获取AccessKey和SecretKey,然后通过如下方式计算上述两个字段的值。
bash/shell 示例
access_key='YOUR ACCESS KEY'
secret_key='YOUR SECRET KEy'
xdate=$(date -u +"%a, %d %b %Y %H:%M:%S GMT")
data="x-date: ${xdate}"
sign=$(echo -n "$data" | openssl dgst -sha256 -hmac "$secret_key" -binary | base64)
auth="hmac accesskey=\"${access_key}\", algorithm=\"hmac-sha256\", headers=\"x-date\", signature=\"${sign}\""
echo "X-Date: $xdate"
echo "Authorization: $auth"
python 示例
import hmac
import base64
from hashlib import sha256
from datetime import datetime
from time import mktime
from wsgiref.handlers import format_date_time
def gen_auth_header(access_key: str, secret_key: str):
xdate = format_date_time(mktime(datetime.now().timetuple()))
data = f'x-date: {xdate}'
key = secret_key.encode('utf-8')
data = data.encode('utf-8')
sign = base64.b64encode(hmac.new(key, data, digestmod=sha256).digest()).decode('utf-8')
auth = f'hmac accesskey="{access_key}", algorithm="hmac-sha256", headers="x-date", signature="{sign}"'
return {
"X-Date": xdate,
"Authorization": auth,
}