Splicing specification request string
Concatenate canonical requests in the following pseudo code format:
Name | Description |
HTTPRequestMethod | HTTP request method(GET/POST ) |
CanonicalURI | URI parameter |
CanonicalQueryString | The query string in the URL of the HTTP request. For the POST request, it is fixed as the empty string "" and for the GET request, it is the question mark (?) in the URL The following string content, for example: limit=10&offset=0. Note: CanonicaQueryString needs reference RFC3986 For URLEncode, character set utf8, it is recommended to use the standard library of programming language, all special characters need to be encoded in uppercase form. |
CanonicalHeaders | The header information participating in the signature, including at least two headers: host and content-type. Splicing rules: The header key and value are unified to lowercase, and the first and last spaces are removed, and the key:value\n format splicing; Multiple heads, spliced in ASCII ascending order of the head key (lowercase). The result of this example calculation is: content- type:application/json; charset=utf-8\nhost:klavi.ai\n。 Note: content-type must be consistent with the actual sent. Some programming language network libraries will automatically add charset value even if they are not specified. If the signature and send time are inconsistent, the server will return the signature verification failure. |
SignedHeaders | The header information involved in the signature indicates which headers of the request are involved in the signature, which is one-to-one corresponding to the header content contained in CanonicalHeaders. Content-type and host are required headers. Splicing rules: The head key is converted to lowercase; Multiple header keys(lowercase) are spliced in ascending ASCII order, and semicolons (;) separate. This example is content-type; host |
HashedRequestPayload | The hash value of the request body, payload, i.e. body, this example is: {"Limit": 1, "Filters": [{"Values": ["\u672a\u547d\u540d"], "Name": "instance-name"}]}, and the pseudo code is calculated as Lowercase(HexEncode(Hash. SHA256(RequestPayLoad))), that is, SHA256 hash is performed on the HTTP request body, then hexadecimal encoding is performed, and finally the encoding string is converted to lowercase letters. For GET requests, the RequestPayLoad is fixed to an empty string. The result of this example is: 35e9c5b0e3ae67532d3c9f17ead6c90222632e5b1ff7f6e89887f1398934f064. |