Management Credential
최신 업데이트:2022-03-01 18:00:49
Description
The management credential accessToken is used by cloud storage to verify the validity of the resource management interface request. This type of credential is recommended for use only at the business server side to avoid abuse due to accidental authorization.
- Security Key (
SecretKey)
Please obtain the SK from the cloud storage platform key administrator. - Access Key (
AccessKey)
Please obtain the AK from the cloud storage platform key administrator.
Management Credential Algorithm
Data To Be Signed
Extract < path > or < path > ? < query > portion and ==< body > ==(i.e. HTTP Body) from the request URL, and join them using \n to obtain signingStr
The 4 kinds of situations are as follows:
signingStr = "<path>?<query>\n"
Or signingStr = "<path>?<query>\n<body>"
Or signingStr = "<path>\n"
Or signingStr = "<path>\n<body>"
For example:
List Resources interface
<path>:/list
<query>:bucket=<Bucket>&marker=<Marker>&limit=<Limit>&prefix=<Urlsafe_Base64_Encoded_Prefix>&mode=<Mode>
<body>: None
Then signingStr = "/list?bucket=<Bucket>&marker=<Marker>&limit=<Limit>&prefix=<Urlsafe_Base64_Encoded_Prefix>&mode=<Mode>\n"
Audio/video processing (avthumb/vframe) interface
<path>:/fops
<body>:<RequestParams>, i.e. the corresponding request content
Then signingStr ="/fops\n<RequestParams>"
HMAC-SHA1 Signature Data
Use SecretKey to provide HMAC-SHA1 signature for signingStr to obtain Sign
Sign = hmac_sha1(signingStr,"<SecretKey>")
External resource: HMAC-SHA1 Signature
Sample code: HMAC-SHA1 Signature
URL-Safe Base64 Encoded Signature Data
Perform URL-Safe Base64 Encoding for the signature data Sign to obtain encodeSign
encodeSign = urlsafe_base64_encode(Sign)
Generate Management Credential
Join AccessKey and encodeSign using : to obtain the management credential accessToken
accessToken = < AccessKey >:< encodeSign >