最終更新日:2022-03-01 18:00:49
The management credential accessToken
is used by cloud storage to verify the validity of the resource management interface request. This type of credential is recommended for use only at the business server side to avoid abuse due to accidental authorization.
SecretKey
)AccessKey
)Extract < path >
or < path > ? < query >
portion and ==< body > ==(i.e. HTTP Body) from the request URL, and join them using \n
to obtain signingStr
The 4 kinds of situations are as follows:
signingStr = "<path>?<query>\n"
Or signingStr = "<path>?<query>\n<body>"
Or signingStr = "<path>\n"
Or signingStr = "<path>\n<body>"
For example:
List Resources interface
<path>:/list
<query>:bucket=<Bucket>&marker=<Marker>&limit=<Limit>&prefix=<Urlsafe_Base64_Encoded_Prefix>&mode=<Mode>
<body>: None
Then signingStr = "/list?bucket=<Bucket>&marker=<Marker>&limit=<Limit>&prefix=<Urlsafe_Base64_Encoded_Prefix>&mode=<Mode>\n"
Audio/video processing (avthumb/vframe) interface
<path>:/fops
<body>:<RequestParams>, i.e. the corresponding request content
Then signingStr ="/fops\n<RequestParams>"
Use SecretKey
to provide HMAC-SHA1
signature for signingStr
to obtain Sign
Sign = hmac_sha1(signingStr,"<SecretKey>")
External resource: HMAC-SHA1 Signature
Sample code: HMAC-SHA1 Signature
Perform URL-Safe Base64 Encoding for the signature data Sign
to obtain encodeSign
encodeSign = urlsafe_base64_encode(Sign)
Join AccessKey
and encodeSign
using : to obtain the management credential accessToken
accessToken = < AccessKey >:< encodeSign >