java - 我们计算的请求签名与您提供的签名不匹配,甚至创建的签名
问题描述
签名作为访问服务的授权传递时创建成功,面临类似我们计算的请求签名与您提供的签名不匹配的错误。
下面的类用于创建授权。请协助。
公共类规范{
//public static String authorization_header; public static String auth() throws Exception { //canonical string creation String currentDate = getDate(); String xAmzDate = getTimeStamp(); String region = "eu-west-1"; String serviceName ="execute-api"; String canonical_uri = "pathdetailsofservice"; URL url = new URL("endpointurl"); String req_query_string = orderQuery(url ); String canonical_querystring = req_query_string; String host ="dataservices.whssng.uk"; String method ="POST"; String ContentType ="application/json"; String canonical_headers = "host:" + host + "\n" + "x-amz-date:" + xAmzDate + "\n"; String signed_headers = "Content-Type;host;x-amz-date"; String secret_key ="secretkey"; String access_key ="accesskey"; String request_parameters = ""; String payload_hash = generateHex(request_parameters); String canonical_request = method + "\n" + canonical_uri + "\n" + ContentType+ "\n" + canonical_querystring + "\n" + canonical_headers + "\n" + signed_headers + "\n" + payload_hash; System.out.println("canonical_request"+"\n"+canonical_request); //Create String to Sign String algorithm = "AWS4-HMAC-SHA256"; String credential_scope = currentDate + "/" + region + "/" + serviceName + "/" + "aws4_request"; String hash_canonical_request = generateHex(canonical_request); String string_to_sign = algorithm + "\n" + xAmzDate + "\n" + credential_scope + "\n" + hash_canonical_request; System.out.println("string_to_sign"+"\n"+string_to_sign); ////Calculate the String to Sign byte[] signing_key = getSignatureKey(secret_key, xAmzDate, region, serviceName); byte[] signature =hmac_sha256(signing_key, string_to_sign); String strHexSignature = bytesToHex(signature); System.out.println("Signature:"+strHexSignature); //Add Signing information to Variable String authorization_header = algorithm + " " + "Credential=" + access_key + "/" + credential_scope + ", " + "SignedHeaders=" +
signed_headers + ", " + "Signature=" + strHexSignature; System.out.println("授权:"+authorization_header); 返回授权头;
} private static String generateHex(String data) { MessageDigest messageDigest; try { messageDigest = MessageDigest.getInstance("SHA-256"); messageDigest.update(data.getBytes("UTF-8")); byte[] digest = messageDigest.digest(); return String.format("%064x", new java.math.BigInteger(1, digest)); } catch (NoSuchAlgorithmException | UnsupportedEncodingException e) { e.printStackTrace(); } return null; } public static String getDate() { DateFormat dateFormat = new SimpleDateFormat("yyyyMMdd"); dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));//server timezone return dateFormat.format(new Date()); } public static String orderQuery(URL url) throws UnsupportedEncodingException { String orderQueryString = ""; Map<String, String> queryPairs = new LinkedHashMap<>(); String queryParams = url.getQuery(); if (queryParams != null) { String[] pairs = queryParams.split("&"); for (String pair : pairs) { int idx = pair.indexOf("="); queryPairs.put(URLDecoder.decode(pair.substring(0, idx), "UTF-8"), URLDecoder.decode(pair.substring(idx + 1), "UTF-8")); } TreeMap<String, String> orderQueryArray = new TreeMap<String, String>(queryPairs); orderQueryString = urlEncodeUTF8(orderQueryArray); } return orderQueryString; } public static String urlEncodeUTF8(String s) { try { return URLEncoder.encode(s, "UTF-8"); } catch (UnsupportedEncodingException e) { throw new UnsupportedOperationException(e); } } public static String urlEncodeUTF8(Map<?,?> map) { StringBuilder sb = new StringBuilder(); for (Map.Entry<?,?> entry : map.entrySet()) { if (sb.length() > 0) { sb.append("&"); } sb.append(String.format("%s=%s", urlEncodeUTF8(entry.getKey().toString()), urlEncodeUTF8(entry.getValue().toString()) )); } return sb.toString(); } public static String getTimeStamp() { DateFormat dateFormat = new SimpleDateFormat("yyyyMMdd'T'HHmmss'Z'"); dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));//server timezone return dateFormat.format(new Date()); } public static byte[] getSignatureKey(String key, String dateStamp, String regionName, String serviceName) throws Exception { byte[] kSecret = ("AWS4" + key).getBytes("UTF-8"); byte[] kDate = hmac_sha256(kSecret, dateStamp); byte[] kRegion = hmac_sha256(kDate, regionName); byte[] kService = hmac_sha256(kRegion, serviceName); byte[] kSigning = hmac_sha256(kService, "aws4_request"); return kSigning; } public static byte[] hmac_sha256(byte[] key, String data) throws InvalidKeyException, NoSuchAlgorithmException { Mac mac = Mac.getInstance("HmacSHA256"); SecretKeySpec secretKeySpec = new SecretKeySpec(key, "HmacSHA256"); mac.init(secretKeySpec); byte[] digest = mac.doFinal(data.getBytes()); return digest; } final protected static char[] hexArray = "0123456789ABCDEF".toCharArray(); private static String bytesToHex(byte[] bytes) { char[] hexChars = new char[bytes.length * 2]; for (int j = 0; j < bytes.length; j++) { int v = bytes[j] & 0xFF; hexChars[j * 2] = hexArray[v >>> 4]; hexChars[j * 2 + 1] = hexArray[v & 0x0F]; } return new String(hexChars).toLowerCase(); } }
解决方案
推荐阅读
- powerbi - PowerBI 可以用来从多个 SAP-BW 多维数据集生成报告吗?
- kubernetes - 我是否需要在客户端使用 istio sidecar 代理才能应用路由规则?
- java - EmbeddedActiveMQBroker 的依赖关系是什么?
- json - 使用身份验证为 Domino 数据创建自定义 JSON API
- google-chrome - 如何下载存储在我的 Chrome 扩展程序中的信息?
- python - 将数据框减少为唯一值和计数
- java - 设计代码以区别对待空集合和空值是好是坏?
- keras - 可能知道在 keras 模型中使用了哪些特征作为输入?
- javascript - 如何在 Google Chrome Cast V2 中更改音轨
- c# - ASP.Net Core Cookie 身份验证不是持久的