curl -v -X GET https://service-o4s205fk-1302737941.gz.apigw./release/verify/ccardnoverify4 ?cardno=&certcode=&mobile=&name=-H 'Host:service-o4s205fk-1302737941.gz.apigw.' -H 'Source:source' -H 'Date:Mon, 19 Mar 2018 12:08:40 GMT' -H 'Authorization:hmac id = "AKIDi6qE41WgJ9w8h4h9zq68Vq24d1beIuN0qIwU", algorithm = "hmac-sha1", headers = "date source", signature = yMCxXNytW5nvVGNZ8aBtRxmiLJ4=' -H 'X-Requested-With:XMLHttpRequest'
//请用云市场分配给您的密钥计算签名并放入请求头,Date为当前的GMT时间
package main
import (
"crypto/hmac"
"crypto/sha1"
"encoding/base64"
"fmt"
"io"
"io/ioutil"
"net/http"
gourl "net/url"
"strings"
"time"
)
func calcAuthorization(source string, secretId string, secretKey string) (auth string, datetime string, err error) {
timeLocation, _ := time.LoadLocation("Etc/GMT")
datetime = time.Now().In(timeLocation).Format("Mon, 02 Jan 2006 15:04:05 GMT")
signStr := fmt.Sprintf("x-date: %s\nx-source: %s", datetime, source)
// hmac-sha1
mac := hmac.New(sha1.New, []byte(secretKey))
mac.Write([]byte(signStr))
sign := base64.StdEncoding.EncodeToString(mac.Sum(nil))
auth = fmt.Sprintf("hmac id=\"%s\", algorithm=\"hmac-sha1\", headers=\"x-date x-source\", signature=\"%s\"",
secretId, sign)
return auth, datetime, nil
}
func urlencode(params map[string]string) string {
var p = gourl.Values{}
for k, v := range params {
p.Add(k, v)
}
return p.Encode()
}
func main() {
// 云市场分配的密钥Id
secretId := "xxxx"
// 云市场分配的密钥Key
secretKey := "xxxx"
source := "market"
// 签名
auth, datetime, _ := calcAuthorization(source, secretId, secretKey)
// 请求方法
method := "GET"
// 请求头
headers := map[string]string{"X-Source": source, "X-Date": datetime, "Authorization": auth}
// 查询参数
queryParams := make(map[string]string)
queryParams["cardno"] = ""
queryParams["certcode"] = ""
queryParams["mobile"] = ""
queryParams["name"] = ""
// body参数
bodyParams := make(map[string]string)
// url参数拼接
url := "https://service-o4s205fk-1302737941.gz.apigw./release/verify/ccardnoverify4"
if len(queryParams) > 0 {
url = fmt.Sprintf("%s?%s", url, urlencode(queryParams))
}
bodyMethods := map[string]bool{"POST": true, "PUT": true, "PATCH": true}
var body io.Reader = nil
if bodyMethods[method] {
body = strings.NewReader(urlencode(bodyParams))
headers["Content-Type"] = "application/x-www-form-urlencoded"
}
client := &http.Client{
Timeout: 5 * time.Second,
}
request, err := http.NewRequest(method, url, body)
if err != nil {
panic(err)
}
for k, v := range headers {
request.Header.Set(k, v)
}
response, err := client.Do(request)
if err != nil {
panic(err)
}
defer response.Body.Close()
bodyBytes, err := ioutil.ReadAll(response.Body)
if err != nil {
panic(err)
}
fmt.Println(string(bodyBytes))
}
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.text.SimpleDateFormat;
import java.util.Calendar;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.TimeZone;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import sun.misc.BASE64Encoder;
class Demo {
public static String calcAuthorization(String source, String secretId, String secretKey, String datetime)
throws NoSuchAlgorithmException, UnsupportedEncodingException, InvalidKeyException {
String signStr = "x-date: " + datetime + "\n" + "x-source: " + source;
Mac mac = Mac.getInstance("HmacSHA1");
Key sKey = new SecretKeySpec(secretKey.getBytes("UTF-8"), mac.getAlgorithm());
mac.init(sKey);
byte[] hash = mac.doFinal(signStr.getBytes("UTF-8"));
String sig = new BASE64Encoder().encode(hash);
String auth = "hmac id=\"" + secretId + "\", algorithm=\"hmac-sha1\", headers=\"x-date x-source\", signature=\"" + sig + "\"";
return auth;
}
public static String urlencode(Map<?, ?> map) throws UnsupportedEncodingException {
StringBuilder sb = new StringBuilder();
for (Map.Entry<?, ?> entry : map.entrySet()) {
if (sb.length() > 0) {
sb.append("&");
}
sb.append(String.format("%s=%s",
URLEncoder.encode(entry.getKey().toString(), "UTF-8"),
URLEncoder.encode(entry.getValue().toString(), "UTF-8")
));
}
return sb.toString();
}
public static void main(String[] args) throws NoSuchAlgorithmException, UnsupportedEncodingException, InvalidKeyException {
//云市场分配的密钥Id
String secretId = "xxxx";
//云市场分配的密钥Key
String secretKey = "xxxx";
String source = "market";
Calendar cd = Calendar.getInstance();
SimpleDateFormat sdf = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss 'GMT'", Locale.US);
sdf.setTimeZone(TimeZone.getTimeZone("GMT"));
String datetime = sdf.format(cd.getTime());
// 签名
String auth = calcAuthorization(source, secretId, secretKey, datetime);
// 请求方法
String method = "GET";
// 请求头
Map<String, String> headers = new HashMap<String, String>();
headers.put("X-Source", source);
headers.put("X-Date", datetime);
headers.put("Authorization", auth);
// 查询参数
Map<String, String> queryParams = new HashMap<String, String>();
queryParams.put("cardno","");
queryParams.put("certcode","");
queryParams.put("mobile","");
queryParams.put("name","");
// body参数
Map<String, String> bodyParams = new HashMap<String, String>();
// url参数拼接
String url = "https://service-o4s205fk-1302737941.gz.apigw./release/verify/ccardnoverify4";
if (!queryParams.isEmpty()) {
url += "?" + urlencode(queryParams);
}
BufferedReader in = null;
try {
URL realUrl = new URL(url);
HttpURLConnection conn = (HttpURLConnection) realUrl.openConnection();
conn.setConnectTimeout(5000);
conn.setReadTimeout(5000);
conn.setRequestMethod(method);
// request headers
for (Map.Entry<String, String> entry : headers.entrySet()) {
conn.setRequestProperty(entry.getKey(), entry.getValue());
}
// request body
Map<String, Boolean> methods = new HashMap<>();
methods.put("POST", true);
methods.put("PUT", true);
methods.put("PATCH", true);
Boolean hasBody = methods.get(method);
if (hasBody != null) {
conn.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
conn.setDoOutput(true);
DataOutputStream out = new DataOutputStream(conn.getOutputStream());
out.writeBytes(urlencode(bodyParams));
out.flush();
out.close();
}
// 定义 BufferedReader输入流来读取URL的响应
in = new BufferedReader(new InputStreamReader(conn.getInputStream()));
String line;
String result = "";
while ((line = in.readLine()) != null) {
result += line;
}
System.out.println(result);
} catch (Exception e) {
System.out.println(e);
e.printStackTrace();
} finally {
try {
if (in != null) {
in.close();
}
} catch (Exception e2) {
e2.printStackTrace();
}
}
}
}
/**
* npm install crypto-js request
*/
var CryptoJS = require("crypto-js");
var request = require('request');
var querystring = require('querystring');
// 云市场分配的密钥Id
var secretId = "xxx";
// 云市场分配的密钥Key
var secretKey = "xxx";
var source = "market";
// 签名
var datetime = (new Date()).toGMTString();
var signStr = "x-date: " + datetime + "\n" + "x-source: " + source;
var sign = CryptoJS.enc.Base64.stringify(CryptoJS.HmacSHA1(signStr, secretKey))
var auth = 'hmac id="' + secretId + '", algorithm="hmac-sha1", headers="x-date x-source", signature="' + sign + '"';
// 请求方法
var method = "GET";
// 请求头
var headers = {
"X-Source": source,
"X-Date": datetime,
"Authorization": auth,
}
// 查询参数
var queryParams = {
"cardno": "",
"certcode": "",
"mobile": "",
"name": ""}
// body参数(POST方法下)
var bodyParams = {
}
// url参数拼接
var url = "https://service-o4s205fk-1302737941.gz.apigw./release/verify/ccardnoverify4";
if (Object.keys(queryParams).length > 0) {
url += '?' + querystring.stringify(queryParams);
}
var options = {
url: url,
timeout: 5000,
method: method,
headers: headers
}
if (['POST', 'PUT', 'PATCH'].indexOf(method) != -1) {
options['body'] = querystring.stringify(bodyParams);
options['headers']['Content-Type'] = "application/x-www-form-urlencoded";
}
request(options, function (error, response, body) {
if (error !== null) {
console.log('error:', error);
return;
}
console.log(body);
});
<?php
// 云市场分配的密钥Id
$secretId = 'xxxx';
// 云市场分配的密钥Key
$secretKey = 'xxxx';
$source = 'market';
// 签名
$datetime = gmdate('D, d M Y H:i:s T');
$signStr = sprintf("x-date: %s\nx-source: %s", $datetime, $source);
$sign = base64_encode(hash_hmac('sha1', $signStr, $secretKey, true));
$auth = sprintf('hmac id="%s", algorithm="hmac-sha1", headers="x-date x-source", signature="%s"', $secretId, $sign);
// 请求方法
$method = 'GET';
// 请求头
$headers = array(
'X-Source' => $source,
'X-Date' => $datetime,
'Authorization' => $auth,
);
// 查询参数
$queryParams = array (
'cardno' => '',
'certcode' => '',
'mobile' => '',
'name' => '',
);
// body参数(POST方法下)
$bodyParams = array (
);
// url参数拼接
$url = 'https://service-o4s205fk-1302737941.gz.apigw./release/verify/ccardnoverify4';
if (count($queryParams) > 0) {
$url .= '?' . http_build_query($queryParams);
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 60);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
curl_setopt($ch, CURLOPT_HTTPHEADER, array_map(function ($v, $k) {
return $k . ': ' . $v;
}, array_values($headers), array_keys($headers)));
if (in_array($method, array('POST', 'PUT', 'PATCH'), true)) {
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($bodyParams));
}
$data = curl_exec($ch);
if (curl_errno($ch)) {
echo "Error: " . curl_error($ch);
} else {
print_r($data);
}
curl_close($ch);
# -*- coding: utf-8 -*-
from __future__ import print_function
import ssl, hmac, base64, hashlib
from datetime import datetime as pydatetime
try:
from urllib import urlencode
from urllib2 import Request, urlopen
except ImportError:
from urllib.parse import urlencode
from urllib.request import Request, urlopen
# 云市场分配的密钥Id
secretId = "xxxx"
# 云市场分配的密钥Key
secretKey = "xxxx"
source = "market"
# 签名
datetime = pydatetime.utcnow().strftime('%a, %d %b %Y %H:%M:%S GMT')
signStr = "x-date: %s\nx-source: %s" % (datetime, source)
sign = base64.b64encode(hmac.new(secretKey.encode('utf-8'), signStr.encode('utf-8'), hashlib.sha1).digest())
auth = 'hmac id="%s", algorithm="hmac-sha1", headers="x-date x-source", signature="%s"' % (secretId, sign.decode('utf-8'))
# 请求方法
method = 'GET'
# 请求头
headers = {
'X-Source': source,
'X-Date': datetime,
'Authorization': auth,
}
# 查询参数
queryParams = {
"cardno": "",
"certcode": "",
"mobile": "",
"name": ""}
# body参数(POST方法下存在)
bodyParams = {
}
# url参数拼接
url = 'https://service-o4s205fk-1302737941.gz.apigw./release/verify/ccardnoverify4'
if len(queryParams.keys()) > 0:
url = url + '?' + urlencode(queryParams)
request = Request(url, headers=headers)
request.get_method = lambda: method
if method in ('POST', 'PUT', 'PATCH'):
request.data = urlencode(bodyParams).encode('utf-8')
request.add_header('Content-Type', 'application/x-www-form-urlencoded')
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
response = urlopen(request, context=ctx)
content = response.read()
if content:
print(content.decode('utf-8'))
using System.IO;
using System.Text;
using System.Net;
using System.Net.Security;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System;
public class CsharpTest
{
public static String HMACSHA1Text(String EncryptText, String EncryptKey)
{
HMACSHA1 hmacsha1 = new HMACSHA1();
hmacsha1.Key = System.Text.Encoding.UTF8.GetBytes(EncryptKey);
byte[] dataBuffer = System.Text.Encoding.UTF8.GetBytes(EncryptText);
byte[] hashBytes = hmacsha1.ComputeHash(dataBuffer);
return Convert.ToBase64String(hashBytes);
}
public static void Main(String[] args)
{
String url = "https://service-o4s205fk-1302737941.gz.apigw./release/verify/ccardnoverify4";
String method = "GET";
String querys = "cardno=&certcode=&mobile=&name=";
String source = "market";
//云市场分配的密钥Id
String secretId = "xxx";
//云市场分配的密钥Key
String secretKey = "xxx";
String dt = DateTime.UtcNow.GetDateTimeFormats('r')[0];
url = url + "?" + querys;
String signStr = "x-date: " + dt + "\n" + "x-source: " + source;
String sign = HMACSHA1Text(signStr, secretKey);
String auth = "hmac id=\"" + secretId + "\", algorithm=\"hmac-sha1\", headers=\"x-date x-source\", signature=\"";
auth = auth + sign + "\"";
Console.WriteLine(auth + "\n");
HttpWebRequest httpRequest = null;
HttpWebResponse httpResponse = null;
if (url.Contains("https://"))
{
ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(CheckValidationResult);
httpRequest = (HttpWebRequest)WebRequest.CreateDefault(new Uri(url));
}
else
{
httpRequest = (HttpWebRequest)WebRequest.Create(url);
}
httpRequest.Method = method;
httpRequest.Headers.Add("Authorization", auth);
httpRequest.Headers.Add("X-Source", source);
httpRequest.Headers.Add("X-Date", dt);
try
{
httpResponse = (HttpWebResponse)httpRequest.GetResponse();
}
catch (WebException ex)
{
httpResponse = (HttpWebResponse)ex.Response;
}
Console.WriteLine(httpResponse.StatusCode);
Console.WriteLine(httpResponse.Headers);
Stream st = httpResponse.GetResponseStream();
StreamReader reader = new StreamReader(st, Encoding.GetEncoding("utf-8"));
Console.WriteLine(reader.ReadToEnd());
Console.WriteLine("\n");
}
public static bool CheckValidationResult(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors errors)
{
return true;
}
}
|