动态生成签名

一、生成签名

1. 登录腾讯云
2. 点击控制台 --> 云产品
3. 找到中间件，点击API网关
   
4. 点击工具 --> 签名工具
   
5. 点击获取，输入签名水印值、AccessKeyId、AccessKeySecret，点击生成签名
   
6. Source、X-Date、Authorization就是需要的签名内容

二、动态生成签名

1）签名工具类使用

        HashMap<String,String> map = new HashMap<>();
        map.put("secretId",Constants.SECRETID_ORDER);
        map.put("secretKey",Constants.SECRETKEY_ORDER);
        map.put("source",Constants.SOURCE_ORDER);
        Map<String, String> header = AppAuthJavaUtils.getAutograph(map);

2）签名工具类

public class AppAuthJavaUtils {
    private static final String MAC_NAME = "HmacSHA1";
    private static final String ENCODING = "UTF-8";

    private static String getGMTTime(){
        Calendar cd = Calendar.getInstance();
        SimpleDateFormat sdf = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss 'GMT'", Locale.US);
        sdf.setTimeZone(TimeZone.getTimeZone("GMT"));
        String GMTTime = sdf.format(cd.getTime());
        return GMTTime;
    }

    private static String sortQueryParams(String queryParam){
        // parameters should be in alphabetical order
        if (queryParam == null || queryParam == ""){
            return "";
        }

        String[] queryParams = queryParam.split("&");
        Map<String, String> queryPairs = new TreeMap<>();
        for(String query: queryParams){
            String[] kv = query.split("=");
            queryPairs.put(kv[0], kv[1]);
        }

        StringBuilder sortedParamsBuilder = new StringBuilder();
        Iterator iter = queryPairs.entrySet().iterator();
        while(iter.hasNext()){
            Map.Entry entry = (Map.Entry) iter.next();
            sortedParamsBuilder.append(entry.getKey());
            sortedParamsBuilder.append("=");
            sortedParamsBuilder.append(entry.getValue());
            sortedParamsBuilder.append("&");
        }
        String sortedParams = sortedParamsBuilder.toString();
        sortedParams = sortedParams.substring(0, sortedParams.length() - 1);

        return sortedParams;
    }

    private static byte[] HmacSHA1Encrypt(String encryptText, String encryptKey) throws Exception {
        byte[] data = encryptKey.getBytes(ENCODING);
        SecretKey secretKey = new SecretKeySpec(data, MAC_NAME);
        Mac mac = Mac.getInstance(MAC_NAME);
        mac.init(secretKey);
        byte[] text = encryptText.getBytes(ENCODING);
        return mac.doFinal(text);
    }

    private static String base64Encode(byte[] key) {
        final Base64.Encoder encoder = Base64.getEncoder();
        return encoder.encodeToString(key);
    }

    private static String getMD5(String str) {
        String md5Hex = DigestUtils.md5Hex(str);
        return md5Hex;
    }

    /**
     *   获取签名
     * @param map
     * @return
     * @throws Exception
     */
    public static Map<String,String> getAutograph(Map<String,String> map) throws Exception {
        String secretId = map.get("secretId");
        String secretKey = map.get("secretKey");
        String source = map.get("source");

        // 获取X-date   Authorization  Source
        String xDate = getGMTTime();
        String stringToSign = "x-date: "+xDate+"\n"+"source: "+ source;

        // Encode string with HMAC and base64
        byte[] hmacStr = HmacSHA1Encrypt(stringToSign, secretKey);
        String signature = base64Encode(hmacStr);
        String authHeader = String.format("hmac id=\"%s\", algorithm=\"hmac-sha1\", headers=\"x-date source\", 			                                  signature=\"%s\"", secretId, signature);

        HashMap<String, String> resultMap = new HashMap<>();
        resultMap.put("Source",source);
        resultMap.put("X-Date",xDate);
        resultMap.put("Authorization",authHeader);

        return resultMap;
    }

}