Amp html 更新Google AMP缓存URL签名验证错误
我试图在Google AMP缓存中更新我的Google AMP页面,但是得到了一个URL签名验证错误 我的代码:Amp html 更新Google AMP缓存URL签名验证错误,amp-html,Amp Html,我试图在Google AMP缓存中更新我的Google AMP页面,但是得到了一个URL签名验证错误 我的代码: Dim tStamp As String = GetUnixTimeStampFromDateTime(DateTime.Now).ToString Dim ampBaseUrl As String = "https://www-example-com.cdn.ampproject.org" Dim signatureUrl As String = "/update-cache/c/
Dim tStamp As String = GetUnixTimeStampFromDateTime(DateTime.Now).ToString
Dim ampBaseUrl As String = "https://www-example-com.cdn.ampproject.org"
Dim signatureUrl As String = "/update-cache/c/s/www.example.com/articles/278/myarticle/amp?amp_action=flush&_ts=" + tStamp
Dim rsa As RSA = certificate.GetRSAPrivateKey()
Dim data() As Byte = System.Text.Encoding.Unicode.GetBytes(signatureUrl)
Dim sig() As Byte = rsa.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1)
Dim AMPURLSignature As String = EncodeTo64(sig.ToString)
编码功能:
Public Shared Function EncodeTo64(ByVal toEncode As String) As String
Dim toEncodeAsBytes As Byte() = System.Text.ASCIIEncoding.ASCII.GetBytes(toEncode)
Dim returnValue As String = System.Convert.ToBase64String(toEncodeAsBytes)
Return returnValue
End Function
我试着打电话给谷歌AMP缓存
现在,我得到一个403错误:
您的客户端无权获取URL/update cache/c/s/www.example.com/articles/278/myarticle/amp?amp_action=flush&_ts=1523016476&_URL_signature=U2lzdGVtLkJ5dGVbdQ。URL签名验证错误。我们只知道这些
我发现谷歌示例代码不够清晰:
我的问题围绕签名URL:
amp_action
和amp_ts
?还是在我签署URL后再附加这些signatureUrl
变量前面加上上面的ampBaseUrl
,还是不需要verifiedok
消息。我还完成了第2步:
Verified OK
此URL已生成:
https://www-toptrouwen-nl.cdn.ampproject.org/update-cache/c/s/www.toptrouwen.nl/artikelen/132/het-uitwisselen-van-de-trouwringen-hoe-voorkom-je-bloopers/amp?amp_action=flush&_ts=1523138180&_url_signature=tKPO3k624ybwxoEynqN8oI3/UDxhq1TF8jX9aKeVyL0IWLUODXuMB7ansP0t1+/5Lm2V7RYZbUWxt2Whh7+LFEmfQFGJJE/IPTOBVSQRDB5356QWIRDHOZY+3Z5DASZYOLAWLFZUFDONGYDSh/ULCJJVVNAHFEWZHOPB5JQXJQ1WN0KLQUF1V2U47ABE6CNQBM3YB/0Z1FLfTJLM1oOEOSDh9vQH1SqO/6SoYtUhSQjSrYdl/G5O0QJ7A9PKUxOPFGVJM0L8SGB66CVEWWQ0WIFE24RPXUML9TIFFZ1TY2R+ZPIMPEAPDJCSDGPO7KTWQBOTBINJMTQ=
然后我发现错误所需的查询参数“amp\u url\u signature”丢失。
(与之前的问题相关,amp\u
参数出错
然后我将URL参数重命名为正确的名称:https://www-toptrouwen-nl.cdn.ampproject.org/update-cache/c/s/www.toptrouwen.nl/artikelen/132/het-uitwisselen-van-de-trouwringen-hoe-voorkom-je-bloopers/amp?amp_action=flush&_ts=1523138180&_url_signature=tKPO3k624ybwxoEynqN8oI3/UDxhq1TF8jX9aKeVyL0IWLUODXuMB7ansP0t1+/5Lm2V7RYZbUWxt2Whh7+LFEmfQFGJJE/IPTOBVSQRDB5356QWIIRDHO9VQH1SQO/6SoYtUhSQjSrYdl/G5O0QJ7A9PKUxFGVJM0L8SGB66CVEWW0WIFEZ124RPXUML2U47ABE6CNQBM3YB/0Z1FLfTJLM1oOEOSDh9vQH1SqO/6SoYtUhSQjSrYdl/G5O0QJ7A9PKUxOPFGVJM0L8SGB66CVEWW0WIFEZ124RPXUML9TIFFY2R+Z2RPPIMDJGQ0GPO7QQ2RYB7B7B7W0W=GBTQ>
然后我得到:404未能解码amp\u url\u签名
,我认为这是因为url中有+
和\
字符。当我删除这些字符时,我再次得到错误url签名验证错误
我认为UTC时间戳目前不是一个问题,因为我以前见过,如果时间戳不正确,Google会抛出错误。URL签名验证错误有两个最常见的原因:
签名计算不正确
因此,首先要验证签名是否确实有效。将签名的URL和结果签名保存到某些文件:
Dim signatureUrl As String = "/update-cache/c/s/www.example.com/articles/278/myarticle/amp?amp_action=flush&_ts=" + tStamp
' ...
Dim sig() As Byte = rsa.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1)
File.WriteAllText("url.txt", signatureUrl)
File.WriteAllBytes("signature.bin", sig)
然后使用openssl工具验证签名:
openssl.exe dgst-sha256-signature signature.bin-verify
publickey.pem url.txt
如果输出是
确认正常
然后您的签名就可以了,您应该在其他地方搜索问题(参见第2项)
如果输出是
验证失败
然后您应该重新检查签名计算的例行程序
上面命令中的publickey.pem是pem格式的公钥。它应该从以下行开始:
----开始公钥---
如果您有证书文件(以----begincertificate-----
开头),则可以使用以下命令为其创建证书:
openssl.exe x509-pubkey-noout-in publickey.cer>publickey.pem
如果签名已成功验证,则应检查您的公钥是否可通过Web访问。说明了以下要求:
对于签名验证,您必须在AMP文档域的固定位置提供公钥RSA(要生成密钥,请参阅生成RSA密钥)。例如:
- 公钥不能被机器人操作
- URL必须是HTTPS
- 域必须是要更新的确切域,而不是子域或超级域
- 您必须以PEM格式发布密钥,并提供内容类型为“text/plain”的密钥
因此,如果您的AMP基本URL是https://www.test.com
,检查您的公钥是否可以通过以下URL访问:https://www.test.com/.well-known/amphtml/apikey.pub
以下是您其他问题的答案:
我需要在签名URL中包含查询字符串参数amp_action和amp_ts吗?还是在签名URL后附加这些参数
是的,您应该在计算签名的URL中包含amp_action
和amp_ts
我应该在signatureUrl变量前面加上上面的ampBaseUrl,还是不需要
如第条所述:
AMP缓存主机名(cdn.ampproject.org)被排除在
签名以允许向多个AMP提交相同的已签名请求
缓存操作符
因此,您不应该将ampBaseUrl
包含到计算签名的URL中
Dim AMPURLSignature As String = EncodeTo64(sig.ToString)
Dim AMPURLSignature As String = System.Convert.ToBase64String(sig)
Dim tStamp As String = CInt((DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1))).TotalSeconds).ToString
Dim AMPURLSignature As String = System.Convert.ToBase64String(sig)
Dim AMPURLSignature As String = ToWebSafeBase64(sig)
' ...
Private Function ToWebSafeBase64([data]() As Byte) As String
Dim base64 = System.Convert.ToBase64String(data)
base64 = base64.Replace("+", "-")
base64 = base64.Replace("/", "_")
Return base64
End Function
Module MainModule
Sub Main()
Dim tStamp As String = CInt((DateTime.UtcNow.Subtract(new DateTime(1970, 1, 1))).TotalSeconds).ToString
Dim ampBaseUrl = "https://www-toptrouwen-nl.cdn.ampproject.org"
Dim signatureUrl As String = "/update-cache/c/s/www.toptrouwen.nl/artikelen/132/het-uitwisselen-van-de-trouwringen-hoe-voorkom-je-bloopers?amp_action=flush&_ts=" + tStamp
Dim data() As Byte = System.Text.Encoding.ASCII.GetBytes(signatureUrl)
Dim certificate = New X509Certificate2("d:\temp\keys\keys.pfx", "12345")
Dim rsa As RSA = certificate.GetRSAPrivateKey()
Dim sig() As Byte = rsa.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1)
Dim ampUrlSignature As String = ToWebSafeBase64(sig)
Dim url As String = ampBaseUrl + signatureUrl + "&_url_signature=" + ampUrlSignature
Console.WriteLine(url)
End Sub
Private Function ToWebSafeBase64([data]() As Byte) As String
Dim base64 = System.Convert.ToBase64String(data)
base64 = base64.Replace("+", "-")
base64 = base64.Replace("/", "_")
Return base64
End Function
End Module