公開
マニュアル一覧へ

ご契約者向け
マニュアル一覧へ

IIJ GIOコンテンツアクセラレーションサービス APIリファレンス

Signature生成サンプル (bash)

Signature生成サンプル

このサンプルはAPI利用方法で示した署名(Signature)の生成方法を紹介するためのものです。

署名の生成には、bash・OpenSSL、その他UNIX commandを使用しています。

サンプルプログラムでは署名を生成するのみで、APIのリクエストは行いません。

サンプルコード

#!/bin/bash

METHOD="GET"
API="contract"
APIVERSION="20140602"
SERVICECODE="cac12345678"

STRING_TO_SIGN=string2sign.$$
trap "test -f '$STRING_TO_SIGN' && /bin/rm '$STRING_TO_SIGN'" 0 1 2 3 15

echo    $METHOD                                        >  $STRING_TO_SIGN
echo    ""                                             >> $STRING_TO_SIGN
if [ "$METHOD" = "GET" ]; then
  echo ""                                              >> $STRING_TO_SIGN
else
  echo "application/json"                              >> $STRING_TO_SIGN
fi
echo    "x-iijapi-expire:${IIJAPI_EXPIRE}"             >> $STRING_TO_SIGN
echo    "x-iijapi-signaturemethod:HmacSHA256"          >> $STRING_TO_SIGN
echo    "x-iijapi-signatureversion:2"                  >> $STRING_TO_SIGN
echo  -n "/r/${APIVERSION}/${SERVICECODE}/${API}.json" >> $STRING_TO_SIGN

SIGNATURE=`openssl dgst -sha256 -binary -hmac "$IIJAPI_SECRET_KEY" "$STRING_TO_SIGN" | base64`

echo $SIGNATURE

exit 0

Signature生成サンプル 実行例

SecretKey、API有効期限を環境変数で与えます。

AccessKeyはAPIリクエスト実行時に使用します。

※このスクリプトはあくまでサンプルです。環境変数、ShellのhistoryからAccessKey, SecretKeyが漏洩しないように十分に注意して下さい。

$ export IIJAPI_ACCESS_KEY='アクセスキー'
$ export IIJAPI_SECRET_KEY='シークレットキー'
$ export IIJAPI_EXPIRE=`date -u -d '1 hours' +'%Y-%m-%dT%H:%M:%SZ'` 

$ ./sign.sh 
blYqEogt4XNvvtTBvqNqPr96yRI/PxiJ4yZRRIOK76Q=

APIリクエスト 実行例

生成したSignatureを使用してAPIを実行するサンプルです。 

以下の例では curlコマンドを使用してAPIを実行します。

GET contract
$ curl -H "x-iijapi-Expire:$IIJAPI_EXPIRE" \
       -H "x-iijapi-SignatureMethod:HmacSHA256" \
       -H "x-iijapi-SignatureVersion:2" \
       -H "Authorization:IIJAPI $IIJAPI_ACCESS_KEY:blYqEogt4XNvvtTBvqNqPr96yRI/PxiJ4yZRRIOK76Q=" \
https://cac.api.iij.jp/r/20140602/cac12345678/contract.json

HTTP/1.1 200 OK
Date: Tue, 10 Jun 2014 12:55:38 GMT
Server: thin
Content-Type: application/json; charset=utf-8
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
Connection: close
Transfer-Encoding: chunked

{"Result":{"RequestId":"xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx","ServiceCode":"cac12345678","PublicFqdn":"www.cac-example.iijgio.jp","CNAME":"xxxxxxxxxx.cas.iijgio.jp","Https":"off","DdoS":"off","Constructions":"on","OriginAccessType":"host","Origin":["origin.cac-example.iijgio.jp"],"OriginSendPublicFqdn":"off","NextOriginAccessType":"host","NextOrigin":["origin.cac-example.iijgio.jp"],"NextOriginSendPublicFqdn":"off","CreatedAt":"2014/02/18"}}
PUT origin
 curl -H "Content-Type:application/json" \
     -H "x-iijapi-Expire:$IIJAPI_EXPIRE" \
     -H "x-iijapi-SignatureMethod:HmacSHA256" \
     -H "x-iijapi-SignatureVersion:2" \
     -H "Authorization:IIJAPI $IIJAPI_ACCESS_KEY:3vZK2iqoLHCypoSBoWcaGtj6yjMyCIbh5OS4ur7FgUI=" \
     -X PUT \
     -d '{"OriginAccessType":"ip","OriginIPList":["198.51.100.1"]}' \
https://cac.api.iij.jp/r/20140602/cac12345678/origin.json

HTTP/1.1 200 OK
Date: Tue, 10 Jun 2014 13:05:38 GMT
Server: thin
Content-Type: application/json; charset=utf-8
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
Connection: close
Transfer-Encoding: chunked

{"Result":{"RequestId":"xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx","ServiceCode":"cac12345678","OriginAccessType":"ip","Origin":["198.51.100.1"],"OriginSendPublicFqdn": "on","NextOriginAccessType":"ip","NextOrigin": ["198.51.100.1"],"NextOriginSendPublicFqdn":"on"}}
POST accesslog_key
curl -H "Content-Type:application/json" \
     -H "x-iijapi-Expire:$IIJAPI_EXPIRE" \
     -H "x-iijapi-SignatureMethod:HmacSHA256" \
     -H "x-iijapi-SignatureVersion:2" \
     -H "Authorization:IIJAPI $IIJAPI_ACCESS_KEY:RId4JTHPIXRcbVSalAgg2lf7EW7yKlXoh21raR5J62Y=" \
     -X POST \
     -d '{"BasicAuth":"on"}' \
https://cac.api.iij.jp/r/20140602/cac12345678/accesslog_key.json


HTTP/1.1 200 OK
Date: Tue, 10 Jun 2014 13:10:38 GMT
Server: thin
Content-Type: application/json; charset=utf-8
Strict-Transport-Security: max-age=2592000
X-Content-Type-Options: nosniff
Connection: close
Transfer-Encoding: chunked

{"Result":{"RequestId":"xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx","ServiceCode":"cac12345678","DownloadUrl":"https://help.cas.iijgio.jp/downloads/cac12345678/access_logs","DownloadKey":"wv1msg9yexdivicsxnbx0phrnhg","Expire":"2014-06-10 13:41:01","MaxNum":"20","User":"cac12345678","Password":"-McMSAxEjYOnxA"}}

次のURLでアクセスログ(gzip形式)をダウンロードできます。

https://help.cas.iijgio.jp/downloads/cac12345678/access_logs?log_date=2014-06-09&download_key=wv1msg9yexdivicsxnbx0phrnhg&urlscheme=http