租用帮助
这篇文章主要讲解了“AWS2认证过程怎么实现”,文中的讲解内容简单清晰,易于学习与理解,下面请大家跟着小编的思路慢慢深入,一起来研究和学习“AWS2认证过程怎么实现”吧!
AWS2认证:https://www.hkt4.com/zt/2023-05-06/
很多新手司机看官方文档AWS2认证部分特别是Authorization怎么生成的总是晦涩难懂,其核心就是StringToSign到底怎么构成
Authorization = 'AWS' + ' ' + AWSAccessKeyId + ':' + Signature;
Signature = Base64( HMAC-SHA1( YourSecretAccessKeyID, UTF-8-Encoding-Of( StringToSign ) ) );
StringToSign = HTTP-Verb + '
' +
Content-MD5 + '
' +
Content-Type + '
' +
Date + '
' +
CanonicalizedAmzHeaders +
CanonicalizedResource;
下面以使用bash向S3上传一个Object为例,具体解释一下整个AWS2的签名过程
#!/bin/bash
ACCESS_KEY='' #填access key
SECRET_KEY='' #填secret key
HOST='s3.cephbook.com' #填S3的Endpoint地址
BUCKET='demo' #填bucket名称
CONTENT_TYPE='application/octet-stream' #MIME
FILENAME=/tmp/demo #文件本地路径
ACL='x-amz-acl:public-read' #Object的ACL
META_DATA='x-amz-meta-ukey:value' #自定义medadata
FILESIZE=$(stat -c%s '$FILENAME')
FILEMD5=`cat ${FILENAME}| openssl dgst -md5 -binary | openssl enc -base64`
AUTH_PATH='/${BUCKET}${FILENAME}'
CURRENT_TIME=`TZ=GMT LANG=en_US date '+%a, %d %b %Y %H:%M:%S GMT'`
stringToSign='PUT
${FILEMD5}
${CONTENT_TYPE}
${CURRENT_TIME}
${ACL}
${META_DATA}
${AUTH_PATH}'
echo $stringToSign
signature=`echo -en ${stringToSign} | openssl sha1 -hmac ${SECRET_KEY} -binary | base64`
curl -s -v -X PUT 'http://${HOST}${AUTH_PATH}'
-H 'Authorization: AWS ${ACCESS_KEY}:${signature}'
-H 'Date: ${CURRENT_TIME}'
-H 'Host: ${HOST}'
-H 'Content-Length: ${FILESIZE}'
-H 'Content-MD5: ${FILEMD5} '
-H 'Content-Type: ${CONTENT_TYPE} '
-H '${ACL} '
-H '${META_DATA} '
-T '${FILENAME}'
感谢各位的阅读,以上就是“AWS2认证过程怎么实现”的内容了,经过本文的学习后,相信大家对AWS2认证过程怎么实现这一问题有了更深刻的体会,具体使用情况还需要大家实践验证。