Last update:2020-07-06 14:13:30
The management credential accessToken is used by cloud storage to verify the validity of the resource management interface request. This type of credential is recommended for use only at the business server side to avoid abuse due to accidental authorization.
Extract < path > or < path > ? < query > portion and ==< body > ==(i.e. HTTP Body) from the request URL, and join them using \n to obtain signingStr
The 4 kinds of situations are as follows:
signingStr = "<path>?<query>\n"
Or signingStr = "<path>?<query>\n<body>"
Or signingStr = "<path>\n"
Or signingStr = "<path>\n<body>"
For example:
List Resources interface
<path>:/list
<query>:bucket=<Bucket>&marker=<Marker>&limit=<Limit>&prefix=<Urlsafe_Base64_Encoded_Prefix>&mode=<Mode>
<body>: None
Then signingStr = "/list?bucket=<Bucket>&marker=<Marker>&limit=<Limit>&prefix=<Urlsafe_Base64_Encoded_Prefix>&mode=<Mode>\n"
Audio/video processing (avthumb/vframe) interface
<path>:/fops
<body>:<RequestParams>, i.e. the corresponding request content
Then signingStr ="/fops\n<RequestParams>"
Use SecretKey to provide HMAC-SHA1 signature for signingStr to obtain Sign
Sign = hmac_sha1(signingStr,"<SecretKey>")
External resource: HMAC-SHA1 Signature
Sample code: HMAC-SHA1 Signature
Perform URL-Safe Base64 Encoding for the signature data Sign to obtain encodeSign
encodeSign = urlsafe_base64_encode(Sign)
Join AccessKey and encodeSign using : to obtain the management credential accessToken
accessToken = < AccessKey >:< encodeSign >