1. 首頁
  2. 問答
  3. Crossbar.io:HTTP橋接服務調用者:正確發送簽名請求

Crossbar.io:HTTP橋接服務調用者:正確發送簽名請求

2015-10-29 48 views
0

我正在使用crossbar HTTP橋樑服務調用者來使用註冊的RPC。但是當我發出HTTP POST消息時,我得到'無效請求籤名'作爲響應。Crossbar.io:HTTP橋接服務調用者:正確發送簽名請求

根據http://crossbar.io/docs/HTTP-Bridge-Services-Caller/,所述

計算爲以下值的Base64編碼的簽名:HMAC [SHA256] _ {祕密}(鍵|時間戳| SEQ |隨機數|體)

如何正確連接?我嘗試了有和沒有字符|和空間。對於簽署請求橫樑config.json文件的

部分:

 "call-signed": { 
      "type": "caller", 
      "realm": "realm1", 
      "role": "anonymous", 
      "options": { 
      "key": "foobar", 
      "secret": "secret", 
      "post_body_limit": 0, 
      "timestamp_delta_limit": 0, 
      "require_ip": [ 
       "127.0.0.1" 
      ], 
      "require_tls": false, 
      "debug": true 
      } 
     }

Python代碼發送請求:

import hmac 
import hashlib 
import base64 
import requests 
import json 

key = "foobar" 
timestamp = "2011-10-14T16:59:51.123Z" 
seq = "0" 
nonce = "22" 

# construct body 
args = [1, 3, 2] 
kwargs = None 
options = None 

proc = 'com.myapp.func' 
payload = {"procedure": proc} 

if args: 
    payload['args'] = list(args) 

if kwargs: 
    payload['kwargs'] = dict(kwargs) 

body = payload 
body = json.dumps(body) 

# construct signature 
# (key | timestamp | seq | nonce | body) 
message = key + "" + timestamp + "" + seq + "" + nonce + "" + body 

print message 

secret = "secret" 

signature = base64.b64encode(hmac.new(secret, msg=message, digestmod=hashlib.sha256).digest()) 

print signature 

# HTTP POST 

url = "http://127.0.0.1:8080/call-signed?" + \ 
     "seq=" + seq + \ 
     "&key=" + key + \ 
     "&nonce=" + nonce + \ 
     "&signature=" + signature + \ 
     "&timestamp=" + timestamp 

headers = {'content-type': 'application/json'} 

s = requests.Session() 
r = s.post(url, data=body, headers=headers) 

print r.text

來源

2015-10-29 911

+0

未來此堆棧問題的訪問者應該訪問https://crossbar.io/docs/HTTP-Bridge/,而不是發佈的URL不再有效 – FirefighterBlu3

回答

相關問題

 相關問題