Python Crossbar.io:HTTP网桥服务调用方:正确发送已签名的请求
我正在使用crossbar HTTP网桥服务调用程序来使用已注册的RPC。但是当我发出HTTPPOST消息时,我得到了“无效的请求签名”作为响应 据报道, 作为以下值的Base64编码计算的签名:HMAC[SHA256]{secret}(key | timestamp | seq | nonce | body) 如何正确地进行连接?我尝试了使用和不使用字符和空格 已签名请求的crossbar config.json文件部分:Python Crossbar.io:HTTP网桥服务调用方:正确发送已签名的请求,python,autobahn,crossbar,wamp-protocol,Python,Autobahn,Crossbar,Wamp Protocol,我正在使用crossbar HTTP网桥服务调用程序来使用已注册的RPC。但是当我发出HTTPPOST消息时,我得到了“无效的请求签名”作为响应 据报道, 作为以下值的Base64编码计算的签名:HMAC[SHA256]{secret}(key | timestamp | seq | nonce | body) 如何正确地进行连接?我尝试了使用和不使用字符和空格 已签名请求的crossbar config.json文件部分: "call-signed": {
"call-signed": {
"type": "caller",
"realm": "realm1",
"role": "anonymous",
"options": {
"key": "foobar",
"secret": "secret",
"post_body_limit": 0,
"timestamp_delta_limit": 0,
"require_ip": [
"127.0.0.1"
],
"require_tls": false,
"debug": true
}
}
import hmac
import hashlib
import base64
import requests
import json
key = "foobar"
timestamp = "2011-10-14T16:59:51.123Z"
seq = "0"
nonce = "22"
# construct body
args = [1, 3, 2]
kwargs = None
options = None
proc = 'com.myapp.func'
payload = {"procedure": proc}
if args:
payload['args'] = list(args)
if kwargs:
payload['kwargs'] = dict(kwargs)
body = payload
body = json.dumps(body)
# construct signature
# (key | timestamp | seq | nonce | body)
message = key + "" + timestamp + "" + seq + "" + nonce + "" + body
print message
secret = "secret"
signature = base64.b64encode(hmac.new(secret, msg=message, digestmod=hashlib.sha256).digest())
print signature
# HTTP POST
url = "http://127.0.0.1:8080/call-signed?" + \
"seq=" + seq + \
"&key=" + key + \
"&nonce=" + nonce + \
"&signature=" + signature + \
"×tamp=" + timestamp
headers = {'content-type': 'application/json'}
s = requests.Session()
r = s.post(url, data=body, headers=headers)
print r.text
发送请求的python代码:
"call-signed": {
"type": "caller",
"realm": "realm1",
"role": "anonymous",
"options": {
"key": "foobar",
"secret": "secret",
"post_body_limit": 0,
"timestamp_delta_limit": 0,
"require_ip": [
"127.0.0.1"
],
"require_tls": false,
"debug": true
}
}
import hmac
import hashlib
import base64
import requests
import json
key = "foobar"
timestamp = "2011-10-14T16:59:51.123Z"
seq = "0"
nonce = "22"
# construct body
args = [1, 3, 2]
kwargs = None
options = None
proc = 'com.myapp.func'
payload = {"procedure": proc}
if args:
payload['args'] = list(args)
if kwargs:
payload['kwargs'] = dict(kwargs)
body = payload
body = json.dumps(body)
# construct signature
# (key | timestamp | seq | nonce | body)
message = key + "" + timestamp + "" + seq + "" + nonce + "" + body
print message
secret = "secret"
signature = base64.b64encode(hmac.new(secret, msg=message, digestmod=hashlib.sha256).digest())
print signature
# HTTP POST
url = "http://127.0.0.1:8080/call-signed?" + \
"seq=" + seq + \
"&key=" + key + \
"&nonce=" + nonce + \
"&signature=" + signature + \
"×tamp=" + timestamp
headers = {'content-type': 'application/json'}
s = requests.Session()
r = s.post(url, data=body, headers=headers)
print r.text
我正在使用CrossbarHTTP来处理HTTP网桥服务,但如果您坚持使用自己的代码,您可以检查此文件中的_compute_signature()方法,这可能会对您有所帮助。此堆栈问题的未来访问者应该访问,而不是发布的不再有效的URL