java—我们计算的请求签名与您提供的签名不匹配,甚至与创建的签名也不匹配

eit6fx6z  于 2021-06-29  发布在  Java
关注(0)|答案(0)|浏览(226)

当作为访问服务的授权传递时,签名创建成功,遇到了一个错误,例如我们计算的请求签名与您提供的签名不匹配。
在用于创建授权的类下面。请帮忙。
公共类规范{

//public static String authorization_header;
  public static String auth() throws Exception  {

      //canonical string creation
      String currentDate  = getDate();
      String xAmzDate = getTimeStamp();
      String region = "eu-west-1";
      String serviceName ="execute-api";

      String canonical_uri = "pathdetailsofservice";

      URL url = new URL("endpointurl");
      String req_query_string = orderQuery(url );
      String canonical_querystring = req_query_string;
      String host ="dataservices.whssng.uk";
      String method ="POST";
      String ContentType ="application/json";
      String canonical_headers = "host:" + host + "\n" + "x-amz-date:" + xAmzDate + "\n";
      String signed_headers = "Content-Type;host;x-amz-date";
      String secret_key ="secretkey";
      String access_key ="accesskey";

      String request_parameters = "";
      String payload_hash = generateHex(request_parameters);
      String canonical_request = method + "\n" + canonical_uri + "\n" + ContentType+ "\n" + canonical_querystring + "\n" + canonical_headers + "\n" + signed_headers + "\n" + payload_hash;
      System.out.println("canonical_request"+"\n"+canonical_request);

      //Create  String to Sign

      String algorithm = "AWS4-HMAC-SHA256";
              String credential_scope = currentDate + "/" + region + "/" + serviceName + "/" + "aws4_request";
              String hash_canonical_request = generateHex(canonical_request);
              String string_to_sign = algorithm + "\n" +  xAmzDate + "\n" +  credential_scope + "\n" +  hash_canonical_request;
      System.out.println("string_to_sign"+"\n"+string_to_sign);

  ////Calculate the String to Sign

  byte[] signing_key = getSignatureKey(secret_key, xAmzDate, region, serviceName);
  byte[] signature =hmac_sha256(signing_key, string_to_sign);
  String strHexSignature = bytesToHex(signature);
   System.out.println("Signature:"+strHexSignature);

  //Add Signing information to Variable

  String authorization_header = algorithm + " " + "Credential=" + access_key + "/" + credential_scope + ", " +  "SignedHeaders=" +

签名头+”,“+”signature=“+strhexsignature;system.out.println(“授权:”+authorization\u header);返回授权单元头;

}

private static String generateHex(String data) {
        MessageDigest messageDigest;
        try {
            messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(data.getBytes("UTF-8"));
            byte[] digest = messageDigest.digest();
            return String.format("%064x", new java.math.BigInteger(1, digest));
        } catch (NoSuchAlgorithmException | UnsupportedEncodingException e) {
            e.printStackTrace();
        }
        return null;
    }

public static String getDate() {
    DateFormat dateFormat = new SimpleDateFormat("yyyyMMdd");
    dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));//server timezone
    return dateFormat.format(new Date());
}

public static String orderQuery(URL url) throws UnsupportedEncodingException {

    String orderQueryString = "";
    Map<String, String> queryPairs = new LinkedHashMap<>();
    String queryParams = url.getQuery();

    if (queryParams != null) {
        String[] pairs = queryParams.split("&");

        for (String pair : pairs) {
            int idx = pair.indexOf("=");
            queryPairs.put(URLDecoder.decode(pair.substring(0, idx), "UTF-8"), URLDecoder.decode(pair.substring(idx + 1), "UTF-8"));
        }
       TreeMap<String, String> orderQueryArray = new TreeMap<String, String>(queryPairs);
        orderQueryString  = urlEncodeUTF8(orderQueryArray);
    }
    return orderQueryString;
}

public static String urlEncodeUTF8(String s) {
    try {
        return URLEncoder.encode(s, "UTF-8");
    } catch (UnsupportedEncodingException e) {
        throw new UnsupportedOperationException(e);
    }
}

public static String urlEncodeUTF8(Map<?,?> map) {
    StringBuilder sb = new StringBuilder();
    for (Map.Entry<?,?> entry : map.entrySet()) {
        if (sb.length() > 0) {
            sb.append("&");
        }
        sb.append(String.format("%s=%s",
            urlEncodeUTF8(entry.getKey().toString()),
            urlEncodeUTF8(entry.getValue().toString())
        ));
    }
    return sb.toString();       
}

public static String getTimeStamp() {
    DateFormat dateFormat = new SimpleDateFormat("yyyyMMdd'T'HHmmss'Z'");
    dateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));//server timezone
    return dateFormat.format(new Date());
}

public static byte[] getSignatureKey(String key, String dateStamp, String regionName, String serviceName) throws Exception {
    byte[] kSecret = ("AWS4" + key).getBytes("UTF-8");
    byte[] kDate = hmac_sha256(kSecret, dateStamp);
    byte[] kRegion = hmac_sha256(kDate, regionName);
    byte[] kService = hmac_sha256(kRegion, serviceName);
    byte[] kSigning = hmac_sha256(kService, "aws4_request");
    return kSigning;
}

public static byte[]  hmac_sha256(byte[] key, String data) throws InvalidKeyException, NoSuchAlgorithmException {
    Mac mac = Mac.getInstance("HmacSHA256");
    SecretKeySpec secretKeySpec = new SecretKeySpec(key, "HmacSHA256");
    mac.init(secretKeySpec);
    byte[] digest = mac.doFinal(data.getBytes());
    return digest;

}
final protected static char[] hexArray = "0123456789ABCDEF".toCharArray();
private static String bytesToHex(byte[] bytes) {
    char[] hexChars = new char[bytes.length * 2];
    for (int j = 0; j < bytes.length; j++) {
        int v = bytes[j] & 0xFF;
        hexChars[j * 2] = hexArray[v >>> 4];
        hexChars[j * 2 + 1] = hexArray[v & 0x0F];
    }
    return new String(hexChars).toLowerCase();
}
}

暂无答案!

目前还没有任何答案,快来回答吧!

相关问题