curl -v -X POST https://service-g4ip1f54-1253285064.gz.apigw.tencentcs.com/release/qxt_phone_status/ ?mobile=-H 'Host:service-g4ip1f54-1253285064.gz.apigw.tencentcs.com' -H 'Source:source' -H 'Date:Mon, 19 Mar 2018 12:08:40 GMT' -H 'Authorization:hmac id = "AKIDi6qE41WgJ9w8h4h9zq68Vq24d1beIuN0qIwU", algorithm = "hmac-sha1", headers = "date source", signature = yMCxXNytW5nvVGNZ8aBtRxmiLJ4=' -H 'X-Requested-With:XMLHttpRequest' //请用云市场分配给您的密钥计算签名并放入请求头,Date为当前的GMT时间
package main import ( "crypto/hmac" "crypto/sha1" "encoding/base64" "fmt" "io" "io/ioutil" "net/http" gourl "net/url" "strings" "time" ) func calcAuthorization(source string, secretId string, secretKey string) (auth string, datetime string, err error) { timeLocation, _ := time.LoadLocation("Etc/GMT") datetime = time.Now().In(timeLocation).Format("Mon, 02 Jan 2006 15:04:05 GMT") signStr := fmt.Sprintf("x-date: %s\nx-source: %s", datetime, source) // hmac-sha1 mac := hmac.New(sha1.New, []byte(secretKey)) mac.Write([]byte(signStr)) sign := base64.StdEncoding.EncodeToString(mac.Sum(nil)) auth = fmt.Sprintf("hmac id=\"%s\", algorithm=\"hmac-sha1\", headers=\"x-date x-source\", signature=\"%s\"", secretId, sign) return auth, datetime, nil } func urlencode(params map[string]string) string { var p = gourl.Values{} for k, v := range params { p.Add(k, v) } return p.Encode() } func main() { // 云市场分配的密钥Id secretId := "xxxx" // 云市场分配的密钥Key secretKey := "xxxx" source := "market" // 签名 auth, datetime, _ := calcAuthorization(source, secretId, secretKey) // 请求方法 method := "POST" // 请求头 headers := map[string]string{"X-Source": source, "X-Date": datetime, "Authorization": auth} // 查询参数 queryParams := make(map[string]string) queryParams["mobile"] = "" // body参数 bodyParams := make(map[string]string) // url参数拼接 url := "https://service-g4ip1f54-1253285064.gz.apigw.tencentcs.com/release/qxt_phone_status/" if len(queryParams) > 0 { url = fmt.Sprintf("%s?%s", url, urlencode(queryParams)) } bodyMethods := map[string]bool{"POST": true, "PUT": true, "PATCH": true} var body io.Reader = nil if bodyMethods[method] { body = strings.NewReader(urlencode(bodyParams)) headers["Content-Type"] = "application/x-www-form-urlencoded" } client := &http.Client{ Timeout: 5 * time.Second, } request, err := http.NewRequest(method, url, body) if err != nil { panic(err) } for k, v := range headers { request.Header.Set(k, v) } response, err := client.Do(request) if err != nil { panic(err) } defer response.Body.Close() bodyBytes, err := ioutil.ReadAll(response.Body) if err != nil { panic(err) } fmt.Println(string(bodyBytes)) }
import java.io.BufferedReader; import java.io.DataOutputStream; import java.io.InputStreamReader; import java.io.UnsupportedEncodingException; import java.net.HttpURLConnection; import java.net.URL; import java.net.URLEncoder; import java.security.InvalidKeyException; import java.security.Key; import java.security.NoSuchAlgorithmException; import java.text.SimpleDateFormat; import java.util.Calendar; import java.util.HashMap; import java.util.Locale; import java.util.Map; import java.util.TimeZone; import javax.crypto.Mac; import javax.crypto.spec.SecretKeySpec; import sun.misc.BASE64Encoder; class Demo { public static String calcAuthorization(String source, String secretId, String secretKey, String datetime) throws NoSuchAlgorithmException, UnsupportedEncodingException, InvalidKeyException { String signStr = "x-date: " + datetime + "\n" + "x-source: " + source; Mac mac = Mac.getInstance("HmacSHA1"); Key sKey = new SecretKeySpec(secretKey.getBytes("UTF-8"), mac.getAlgorithm()); mac.init(sKey); byte[] hash = mac.doFinal(signStr.getBytes("UTF-8")); String sig = new BASE64Encoder().encode(hash); String auth = "hmac id=\"" + secretId + "\", algorithm=\"hmac-sha1\", headers=\"x-date x-source\", signature=\"" + sig + "\""; return auth; } public static String urlencode(Map<?, ?> map) throws UnsupportedEncodingException { StringBuilder sb = new StringBuilder(); for (Map.Entry<?, ?> entry : map.entrySet()) { if (sb.length() > 0) { sb.append("&"); } sb.append(String.format("%s=%s", URLEncoder.encode(entry.getKey().toString(), "UTF-8"), URLEncoder.encode(entry.getValue().toString(), "UTF-8") )); } return sb.toString(); } public static void main(String[] args) throws NoSuchAlgorithmException, UnsupportedEncodingException, InvalidKeyException { //云市场分配的密钥Id String secretId = "xxxx"; //云市场分配的密钥Key String secretKey = "xxxx"; String source = "market"; Calendar cd = Calendar.getInstance(); SimpleDateFormat sdf = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss 'GMT'", Locale.US); sdf.setTimeZone(TimeZone.getTimeZone("GMT")); String datetime = sdf.format(cd.getTime()); // 签名 String auth = calcAuthorization(source, secretId, secretKey, datetime); // 请求方法 String method = "POST"; // 请求头 Map<String, String> headers = new HashMap<String, String>(); headers.put("X-Source", source); headers.put("X-Date", datetime); headers.put("Authorization", auth); // 查询参数 Map<String, String> queryParams = new HashMap<String, String>(); queryParams.put("mobile",""); // body参数 Map<String, String> bodyParams = new HashMap<String, String>(); // url参数拼接 String url = "https://service-g4ip1f54-1253285064.gz.apigw.tencentcs.com/release/qxt_phone_status/"; if (!queryParams.isEmpty()) { url += "?" + urlencode(queryParams); } BufferedReader in = null; try { URL realUrl = new URL(url); HttpURLConnection conn = (HttpURLConnection) realUrl.openConnection(); conn.setConnectTimeout(5000); conn.setReadTimeout(5000); conn.setRequestMethod(method); // request headers for (Map.Entry<String, String> entry : headers.entrySet()) { conn.setRequestProperty(entry.getKey(), entry.getValue()); } // request body Map<String, Boolean> methods = new HashMap<>(); methods.put("POST", true); methods.put("PUT", true); methods.put("PATCH", true); Boolean hasBody = methods.get(method); if (hasBody != null) { conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded"); conn.setDoOutput(true); DataOutputStream out = new DataOutputStream(conn.getOutputStream()); out.writeBytes(urlencode(bodyParams)); out.flush(); out.close(); } // 定义 BufferedReader输入流来读取URL的响应 in = new BufferedReader(new InputStreamReader(conn.getInputStream())); String line; String result = ""; while ((line = in.readLine()) != null) { result += line; } System.out.println(result); } catch (Exception e) { System.out.println(e); e.printStackTrace(); } finally { try { if (in != null) { in.close(); } } catch (Exception e2) { e2.printStackTrace(); } } } }
/** * npm install crypto-js request */ var CryptoJS = require("crypto-js"); var request = require('request'); var querystring = require('querystring'); // 云市场分配的密钥Id var secretId = "xxx"; // 云市场分配的密钥Key var secretKey = "xxx"; var source = "market"; // 签名 var datetime = (new Date()).toGMTString(); var signStr = "x-date: " + datetime + "\n" + "x-source: " + source; var sign = CryptoJS.enc.Base64.stringify(CryptoJS.HmacSHA1(signStr, secretKey)) var auth = 'hmac id="' + secretId + '", algorithm="hmac-sha1", headers="x-date x-source", signature="' + sign + '"'; // 请求方法 var method = "POST"; // 请求头 var headers = { "X-Source": source, "X-Date": datetime, "Authorization": auth, } // 查询参数 var queryParams = { "mobile": ""} // body参数(POST方法下) var bodyParams = { } // url参数拼接 var url = "https://service-g4ip1f54-1253285064.gz.apigw.tencentcs.com/release/qxt_phone_status/"; if (Object.keys(queryParams).length > 0) { url += '?' + querystring.stringify(queryParams); } var options = { url: url, timeout: 5000, method: method, headers: headers } if (['POST', 'PUT', 'PATCH'].indexOf(method) != -1) { options['body'] = querystring.stringify(bodyParams); options['headers']['Content-Type'] = "application/x-www-form-urlencoded"; } request(options, function (error, response, body) { if (error !== null) { console.log('error:', error); return; } console.log(body); });
<?php // 云市场分配的密钥Id $secretId = 'xxxx'; // 云市场分配的密钥Key $secretKey = 'xxxx'; $source = 'market'; // 签名 $datetime = gmdate('D, d M Y H:i:s T'); $signStr = sprintf("x-date: %s\nx-source: %s", $datetime, $source); $sign = base64_encode(hash_hmac('sha1', $signStr, $secretKey, true)); $auth = sprintf('hmac id="%s", algorithm="hmac-sha1", headers="x-date x-source", signature="%s"', $secretId, $sign); // 请求方法 $method = 'POST'; // 请求头 $headers = array( 'X-Source' => $source, 'X-Date' => $datetime, 'Authorization' => $auth, ); // 查询参数 $queryParams = array ( 'mobile' => '', ); // body参数(POST方法下) $bodyParams = array ( ); // url参数拼接 $url = 'https://service-g4ip1f54-1253285064.gz.apigw.tencentcs.com/release/qxt_phone_status/'; if (count($queryParams) > 0) { $url .= '?' . http_build_query($queryParams); } $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_TIMEOUT, 60); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method); curl_setopt($ch, CURLOPT_HTTPHEADER, array_map(function ($v, $k) { return $k . ': ' . $v; }, array_values($headers), array_keys($headers))); if (in_array($method, array('POST', 'PUT', 'PATCH'), true)) { curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($bodyParams)); } $data = curl_exec($ch); if (curl_errno($ch)) { echo "Error: " . curl_error($ch); } else { print_r($data); } curl_close($ch);
# -*- coding: utf-8 -*- from __future__ import print_function import ssl, hmac, base64, hashlib from datetime import datetime as pydatetime try: from urllib import urlencode from urllib2 import Request, urlopen except ImportError: from urllib.parse import urlencode from urllib.request import Request, urlopen # 云市场分配的密钥Id secretId = "xxxx" # 云市场分配的密钥Key secretKey = "xxxx" source = "market" # 签名 datetime = pydatetime.utcnow().strftime('%a, %d %b %Y %H:%M:%S GMT') signStr = "x-date: %s\nx-source: %s" % (datetime, source) sign = base64.b64encode(hmac.new(secretKey.encode('utf-8'), signStr.encode('utf-8'), hashlib.sha1).digest()) auth = 'hmac id="%s", algorithm="hmac-sha1", headers="x-date x-source", signature="%s"' % (secretId, sign.decode('utf-8')) # 请求方法 method = 'POST' # 请求头 headers = { 'X-Source': source, 'X-Date': datetime, 'Authorization': auth, } # 查询参数 queryParams = { "mobile": ""} # body参数(POST方法下存在) bodyParams = { } # url参数拼接 url = 'https://service-g4ip1f54-1253285064.gz.apigw.tencentcs.com/release/qxt_phone_status/' if len(queryParams.keys()) > 0: url = url + '?' + urlencode(queryParams) request = Request(url, headers=headers) request.get_method = lambda: method if method in ('POST', 'PUT', 'PATCH'): request.data = urlencode(bodyParams).encode('utf-8') request.add_header('Content-Type', 'application/x-www-form-urlencoded') ctx = ssl.create_default_context() ctx.check_hostname = False ctx.verify_mode = ssl.CERT_NONE response = urlopen(request, context=ctx) content = response.read() if content: print(content.decode('utf-8'))
using System.IO; using System.Text; using System.Net; using System.Net.Security; using System.Security.Cryptography; using System.Security.Cryptography.X509Certificates; using System; public class CsharpTest { public static String HMACSHA1Text(String EncryptText, String EncryptKey) { HMACSHA1 hmacsha1 = new HMACSHA1(); hmacsha1.Key = System.Text.Encoding.UTF8.GetBytes(EncryptKey); byte[] dataBuffer = System.Text.Encoding.UTF8.GetBytes(EncryptText); byte[] hashBytes = hmacsha1.ComputeHash(dataBuffer); return Convert.ToBase64String(hashBytes); } public static void Main(String[] args) { String url = "https://service-g4ip1f54-1253285064.gz.apigw.tencentcs.com/release/qxt_phone_status/"; String method = "POST"; String querys = "mobile="; String postData = ""; //云市场分配的密钥Id String secretId = "xxxx"; //云市场分配的密钥Key String secretKey = "xxxx"; String source = "market"; String dt = DateTime.UtcNow.GetDateTimeFormats('r')[0]; url = url + "?" + querys; String signStr = "x-date: " + dt + "\n" + "x-source: " + source; String sign = HMACSHA1Text(signStr, secretKey); String auth = "hmac id=\"" + secretId + "\", algorithm=\"hmac-sha1\", headers=\"x-date x-source\", signature=\""; auth = auth + sign + "\""; HttpWebRequest httpRequest = null; HttpWebResponse httpResponse = null; if (url.Contains("https://")) { ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(CheckValidationResult); httpRequest = (HttpWebRequest)WebRequest.CreateDefault(new Uri(url)); } else { httpRequest = (HttpWebRequest)WebRequest.Create(url); } httpRequest.Method = method; httpRequest.ContentLength = postData.Length; httpRequest.ContentType = "application/x-www-form-urlencoded"; httpRequest.Headers.Add("Authorization", auth); httpRequest.Headers.Add("X-Source", source); httpRequest.Headers.Add("X-Date", dt); httpRequest.GetRequestStream().Write(System.Text.Encoding.ASCII.GetBytes(postData), 0, postData.Length); try { httpResponse = (HttpWebResponse)httpRequest.GetResponse(); } catch (WebException ex) { httpResponse = (HttpWebResponse)ex.Response; } Console.WriteLine(httpResponse.StatusCode); Console.WriteLine(httpResponse.Headers); Stream st = httpResponse.GetResponseStream(); StreamReader reader = new StreamReader(st, Encoding.GetEncoding("utf-8")); Console.WriteLine(reader.ReadToEnd()); Console.WriteLine("\n"); } public static bool CheckValidationResult(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors errors) { return true; } }