【发布时间】:2021-10-31 15:44:32
【问题描述】:
我正在为 API 创建一个 ruby 包装器,但他们似乎使用了 Faraday 不支持的某种奇怪的授权,所以看来我必须创建自己的函数来生成它.他们的网站上有这个
您的 API 凭证包含一个公共客户端标识符 (UUIDv4) 和一个密钥(32 字节,交付 base64 编码)。组织级别的请求身份验证使用 Amazon 样式的 HMAC 完成
还有这个
Content-MD5: base64(md5(body)), RFC 1864 (binary md5)
Content-Type: 'application/json'
Date: 'Mon, 07 Dec 2015 22:57:52 +0200' (RFC 2822)
Authorization: 'Success ' + client_identifier + ':' +
base64(
sha512_hmac( // returned as binary
join(
'\n', // unix newline, not the 2 character string
[
http_verb, // 'POST' / 'GET' / etc.
Content-MD5, // Same as header above. Include even for empty string body.
Content-Type, // Same as header above. Can be empty.
Date, // Same as header above.
http_path // '/api/v1/document/?foo=bar'
]
),
key // in binary, remember to decode base64
)
)
现在我已经设法构建了一个非常混乱的函数,如下所示
def create_authorization_header(path, payload)
date = Date.today.rfc2822
md5_file = Digest::MD5.hexdigest(payload)
content_md5 = Base64.strict_encode64(md5_file)
digest = OpenSSL::Digest.new('sha512')
autorization_header = "GET " + content_md5 + " application/json " + date + path
autorization_header_enc = 'Success '+ identifier + ':' + Base64.strict_encode64(OpenSSL::HMAC.digest(digest, api_key, autorization_header))
connection.headers['Authorization'] = autorization_header_enc
connection.headers['Content-MD5'] = content_md5
connection.headers['Content-type'] = "application/json"
connection.headers['Date'] = date
end
但这似乎不起作用,我找不到我缺少的东西。关于这里可能有什么问题的任何建议?
【问题讨论】: