京东云

京东云视频处理签名认证

Posted by Liangjf on June 29, 2019

京东云视频处理签名认证

https://docs.jdcloud.com/cn/object-storage-service/user-signature-authentication

用户可以在HTTP请求中增加 Authorization 的Header来包含签名(Signature)信息,表明这个消息已被授权。

Authorization字段计算的方法

Authorization ="jingdong" + " " + AccessKey + ":" + Signature;
Signature =base64(HMAC-SHA1(AccessKeySecret, UTF-8-Encoding-Of( StringToSign ) ) )
StringToSign =HTTP-Verb + "\n"
                       + Content-MD5 + "\n"
                       + Content-Type + "\n"
                       + Date + "\n"
                       + CanonicalizedHeaders
                       + CanonicalizedResource;

计算签名头规则

  • 签名的字符串必须为UTF-8格式
  • 签名的方法用RFC 2104中定义的HMAC-SHA1方法
  • Content-Type 和 Content-MD5 在请求中不是必须的,但是如果请求需要签名验证,空值的话以空字符串代替

代码实现

func CalAuthorization() string {
    GMT_Time := "Thu, 27 Jun 2019 13:14:30 GMT"

    AccessKey := "你的AccessKey"
    AccessKeySecret := "你的AccessKeySecret"
    StringToSign := "PUT\n" +
        ""+"\n" +
        "napplication/json\n" +
        GMT_Time + "\n" +
        "/public-test/test.mp4"

    //mac-sha1
    key := []byte(AccessKeySecret)
    mac := hmac.New(sha1.New, key)
    mac.Write([]byte(StringToSign))

    //base64
    Signature := base64.StdEncoding.EncodeToString(mac.Sum(nil))

    Authorization := "jingdong" + " " + AccessKey + ":" + Signature

    return Authorization
}