文档简介:
生成签名的示例
通过创建预签名URL的方式,与其他人共享examplebucket中test.txt对象,过期时间设置为7天(604800秒)。以GET请求为例:
|
GET /examplebucket/test.txt ?X-Amz-Algorithm=AWS4-HMAC-SHA256 &X-Amz-Credential=2a948fd3f00ba0925806/20190220/cn/s3/aws4_request &X-Amz-Date=20190220T095256Z &X-Amz-Expires=604800 &X-Amz-SignedHeaders=host &X-Amz-Signature=<signature-value> |
以下步骤首先说明如何计算签名和构建预签名URL。示例中使用的访问密钥如下:
|
参数 |
值 |
|
AWSAccessKeyId |
2a948fd3f00ba0925806 |
|
AWSSecretAccessKey |
ef2017c2e5ffa0b1761717ecbca021da16501384 |
1) StringToSign
a. 创建规范请求(以GET请求为例)
|
GET /examplebucket/test.txt X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=2a948fd3f00ba0925806%2F20190220%2Fcn%2Fs3%2Faws4_request&X-Amz-Date=20190220T095256Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host host:oos-cn.ctyunapi.cn
host UNSIGNED-PAYLOAD |
b. 待签名字符串
|
AWS4-HMAC-SHA256 20190220T095256Z 20190220/cn/s3/aws4_request 023d2e0e5fba779afb9fe621e9413622e7f1aff9ffc7348e55d0805d97cb1571 |
2) 生成签名密钥
|
signing key = HMAC-SHA256(HMAC-SHA256(HMAC-SHA256(HMAC-SHA256("AWS4" + "<YourSecretAccessKey>","20190220"),"cn"),"s3"),"aws4_request") |
3) 计算后的签名
|
f566134de06fb3daa22b9649baf82d15d6aa575e146b6ba9aff13a2bde63a1ec |
4) 预签名URL
|
/examplebucket/test.txt?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=2a948fd3f00ba0925806/20190220/cn/s3/aws4_request&X-Amz-Date=20190220T095256Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=f566134de06fb3daa22b9649baf82d15d6aa575e146b6ba9aff13a2bde63a1ec |
