Signature生成サンプル (bash)
Signature生成サンプル
このサンプルはAPI利用方法で示した署名(Signature)の生成方法を紹介するためのものです。
署名の生成には、bash・OpenSSL、その他UNIX commandを使用しています。
サンプルプログラムでは署名を生成するのみで、APIのリクエストは行いません。
サンプルコード
| 1 | #!/bin/bash |
| 2 | |
| 3 | METHOD="GET" |
| 4 | API="contract" |
| 5 | APIVERSION="20140602" |
| 6 | SERVICECODE="cac12345678" |
| 7 | |
| 8 | STRING_TO_SIGN=string2sign.$$ |
| 9 | trap "test -f '$STRING_TO_SIGN' && /bin/rm '$STRING_TO_SIGN'" 0 1 2 3 15 |
| 10 | |
| 11 | echo $METHOD > $STRING_TO_SIGN |
| 12 | echo "" >> $STRING_TO_SIGN |
| 13 | if [ "$METHOD" = "GET" ]; then |
| 14 | echo "" >> $STRING_TO_SIGN |
| 15 | else |
| 16 | echo "application/json" >> $STRING_TO_SIGN |
| 17 | fi |
| 18 | echo "x-iijapi-expire:${IIJAPI_EXPIRE}" >> $STRING_TO_SIGN |
| 19 | echo "x-iijapi-signaturemethod:HmacSHA256" >> $STRING_TO_SIGN |
| 20 | echo "x-iijapi-signatureversion:2" >> $STRING_TO_SIGN |
| 21 | echo -n "/r/${APIVERSION}/${SERVICECODE}/${API}.json" >> $STRING_TO_SIGN |
| 22 | |
| 23 | SIGNATURE=`openssl dgst -sha256 -binary -hmac "$IIJAPI_SECRET_KEY" "$STRING_TO_SIGN" | base64` |
| 24 | |
| 25 | echo $SIGNATURE |
| 26 | |
| 27 | exit 0 |
Signature生成サンプル 実行例
SecretKey、API有効期限を環境変数で与えます。
AccessKeyはAPIリクエスト実行時に使用します。
※このスクリプトはあくまでサンプルです。環境変数、ShellのhistoryからAccessKey, SecretKeyが漏洩しないように十分に注意して下さい。
| 1 | $ export IIJAPI_ACCESS_KEY='アクセスキー' |
| 2 | $ export IIJAPI_SECRET_KEY='シークレットキー' |
| 3 | $ export IIJAPI_EXPIRE=`date -u -d '1 hours' +'%Y-%m-%dT%H:%M:%SZ'` |
| 4 | |
| 5 | $ ./sign.sh |
| 6 | blYqEogt4XNvvtTBvqNqPr96yRI/PxiJ4yZRRIOK76Q= |
APIリクエスト 実行例
生成したSignatureを使用してAPIを実行するサンプルです。
以下の例では curlコマンドを使用してAPIを実行します。
GET contract
$ curl -H "x-iijapi-Expire:$IIJAPI_EXPIRE" \ |
-H "x-iijapi-SignatureMethod:HmacSHA256" \ |
-H "x-iijapi-SignatureVersion:2" \ |
-H "Authorization:IIJAPI $IIJAPI_ACCESS_KEY:blYqEogt4XNvvtTBvqNqPr96yRI/PxiJ4yZRRIOK76Q=" \ |
https://cac.api.iij.jp/r/20140602/cac12345678/contract.json |
HTTP/1.1 200 OK |
Date: Tue, 10 Jun 2014 12:55:38 GMT |
Server: thin |
Content-Type: application/json; charset=utf-8 |
Strict-Transport-Security: max-age=2592000 |
X-Content-Type-Options: nosniff |
Connection: close |
Transfer-Encoding: chunked |
{"Result":{"RequestId":"xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx","ServiceCode":"cac12345678","PublicFqdn":"www.cac-example.iijgio.jp","CNAME":"xxxxxxxxxx.cas.iijgio.jp","Https":"off","DdoS":"off","Constructions":"on","OriginAccessType":"host","Origin":["origin.cac-example.iijgio.jp"],"OriginSendPublicFqdn":"off","NextOriginAccessType":"host","NextOrigin":["origin.cac-example.iijgio.jp"],"NextOriginSendPublicFqdn":"off","CreatedAt":"2014/02/18"}} |
PUT origin
curl -H "Content-Type:application/json" \ |
-H "x-iijapi-Expire:$IIJAPI_EXPIRE" \ |
-H "x-iijapi-SignatureMethod:HmacSHA256" \ |
-H "x-iijapi-SignatureVersion:2" \ |
-H "Authorization:IIJAPI $IIJAPI_ACCESS_KEY:3vZK2iqoLHCypoSBoWcaGtj6yjMyCIbh5OS4ur7FgUI=" \ |
-X PUT \ |
-d '{"OriginAccessType":"ip","OriginIPList":["198.51.100.1"]}' \ |
https://cac.api.iij.jp/r/20140602/cac12345678/origin.json |
HTTP/1.1 200 OK |
Date: Tue, 10 Jun 2014 13:05:38 GMT |
Server: thin |
Content-Type: application/json; charset=utf-8 |
Strict-Transport-Security: max-age=2592000 |
X-Content-Type-Options: nosniff |
Connection: close |
Transfer-Encoding: chunked |
{"Result":{"RequestId":"xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx","ServiceCode":"cac12345678","OriginAccessType":"ip","Origin":["198.51.100.1"],"OriginSendPublicFqdn": "on","NextOriginAccessType":"ip","NextOrigin": ["198.51.100.1"],"NextOriginSendPublicFqdn":"on"}} |
POST accesslog_key
curl -H "Content-Type:application/json" \ |
-H "x-iijapi-Expire:$IIJAPI_EXPIRE" \ |
-H "x-iijapi-SignatureMethod:HmacSHA256" \ |
-H "x-iijapi-SignatureVersion:2" \ |
-H "Authorization:IIJAPI $IIJAPI_ACCESS_KEY:RId4JTHPIXRcbVSalAgg2lf7EW7yKlXoh21raR5J62Y=" \ |
-X POST \ |
-d '{"BasicAuth":"on"}' \ |
https://cac.api.iij.jp/r/20140602/cac12345678/accesslog_key.json |
HTTP/1.1 200 OK |
Date: Tue, 10 Jun 2014 13:10:38 GMT |
Server: thin |
Content-Type: application/json; charset=utf-8 |
Strict-Transport-Security: max-age=2592000 |
X-Content-Type-Options: nosniff |
Connection: close |
Transfer-Encoding: chunked |
{"Result":{"RequestId":"xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx","ServiceCode":"cac12345678","DownloadUrl":"https://help.cas.iijgio.jp/downloads/cac12345678/access_logs","DownloadKey":"wv1msg9yexdivicsxnbx0phrnhg","Expire":"2014-06-10 13:41:01","MaxNum":"20","User":"cac12345678","Password":"-McMSAxEjYOnxA"}} |
次のURLでアクセスログ(gzip形式)をダウンロードできます。
https://help.cas.iijgio.jp/downloads/cac12345678/access_logs?log_date=2014-06-09&download_key=wv1msg9yexdivicsxnbx0phrnhg&urlscheme=http |