Signature生成サンプル (bash)
Signature生成サンプル
このサンプルはAPI利用方法で示した署名(Signature)の生成方法を紹介するためのものです。
署名の生成には、bash・OpenSSL、その他UNIX commandを使用しています。
サンプルプログラムでは署名を生成するのみで、APIのリクエストは行いません。
サンプルコード
1 | #!/bin/bash |
2 | |
3 | METHOD="GET" |
4 | API="contract" |
5 | APIVERSION="20140602" |
6 | SERVICECODE="cac12345678" |
7 | |
8 | STRING_TO_SIGN=string2sign.$$ |
9 | trap "test -f '$STRING_TO_SIGN' && /bin/rm '$STRING_TO_SIGN'" 0 1 2 3 15 |
10 | |
11 | echo $METHOD > $STRING_TO_SIGN |
12 | echo "" >> $STRING_TO_SIGN |
13 | if [ "$METHOD" = "GET" ]; then |
14 | echo "" >> $STRING_TO_SIGN |
15 | else |
16 | echo "application/json" >> $STRING_TO_SIGN |
17 | fi |
18 | echo "x-iijapi-expire:${IIJAPI_EXPIRE}" >> $STRING_TO_SIGN |
19 | echo "x-iijapi-signaturemethod:HmacSHA256" >> $STRING_TO_SIGN |
20 | echo "x-iijapi-signatureversion:2" >> $STRING_TO_SIGN |
21 | echo -n "/r/${APIVERSION}/${SERVICECODE}/${API}.json" >> $STRING_TO_SIGN |
22 | |
23 | SIGNATURE=`openssl dgst -sha256 -binary -hmac "$IIJAPI_SECRET_KEY" "$STRING_TO_SIGN" | base64` |
24 | |
25 | echo $SIGNATURE |
26 | |
27 | exit 0 |
Signature生成サンプル 実行例
SecretKey、API有効期限を環境変数で与えます。
AccessKeyはAPIリクエスト実行時に使用します。
※このスクリプトはあくまでサンプルです。環境変数、ShellのhistoryからAccessKey, SecretKeyが漏洩しないように十分に注意して下さい。
1 | $ export IIJAPI_ACCESS_KEY='アクセスキー' |
2 | $ export IIJAPI_SECRET_KEY='シークレットキー' |
3 | $ export IIJAPI_EXPIRE=`date -u -d '1 hours' +'%Y-%m-%dT%H:%M:%SZ'` |
4 | |
5 | $ ./sign.sh |
6 | blYqEogt4XNvvtTBvqNqPr96yRI/PxiJ4yZRRIOK76Q= |
APIリクエスト 実行例
生成したSignatureを使用してAPIを実行するサンプルです。
以下の例では curlコマンドを使用してAPIを実行します。
GET contract
$ curl -H "x-iijapi-Expire:$IIJAPI_EXPIRE" \ |
-H "x-iijapi-SignatureMethod:HmacSHA256" \ |
-H "x-iijapi-SignatureVersion:2" \ |
-H "Authorization:IIJAPI $IIJAPI_ACCESS_KEY:blYqEogt4XNvvtTBvqNqPr96yRI/PxiJ4yZRRIOK76Q=" \ |
https://cac.api.iij.jp/r/20140602/cac12345678/contract.json |
HTTP/1.1 200 OK |
Date: Tue, 10 Jun 2014 12:55:38 GMT |
Server: thin |
Content-Type: application/json; charset=utf-8 |
Strict-Transport-Security: max-age=2592000 |
X-Content-Type-Options: nosniff |
Connection: close |
Transfer-Encoding: chunked |
{"Result":{"RequestId":"xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx","ServiceCode":"cac12345678","PublicFqdn":"www.cac-example.iijgio.jp","CNAME":"xxxxxxxxxx.cas.iijgio.jp","Https":"off","DdoS":"off","Constructions":"on","OriginAccessType":"host","Origin":["origin.cac-example.iijgio.jp"],"OriginSendPublicFqdn":"off","NextOriginAccessType":"host","NextOrigin":["origin.cac-example.iijgio.jp"],"NextOriginSendPublicFqdn":"off","CreatedAt":"2014/02/18"}} |
PUT origin
curl -H "Content-Type:application/json" \ |
-H "x-iijapi-Expire:$IIJAPI_EXPIRE" \ |
-H "x-iijapi-SignatureMethod:HmacSHA256" \ |
-H "x-iijapi-SignatureVersion:2" \ |
-H "Authorization:IIJAPI $IIJAPI_ACCESS_KEY:3vZK2iqoLHCypoSBoWcaGtj6yjMyCIbh5OS4ur7FgUI=" \ |
-X PUT \ |
-d '{"OriginAccessType":"ip","OriginIPList":["198.51.100.1"]}' \ |
https://cac.api.iij.jp/r/20140602/cac12345678/origin.json |
HTTP/1.1 200 OK |
Date: Tue, 10 Jun 2014 13:05:38 GMT |
Server: thin |
Content-Type: application/json; charset=utf-8 |
Strict-Transport-Security: max-age=2592000 |
X-Content-Type-Options: nosniff |
Connection: close |
Transfer-Encoding: chunked |
{"Result":{"RequestId":"xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx","ServiceCode":"cac12345678","OriginAccessType":"ip","Origin":["198.51.100.1"],"OriginSendPublicFqdn": "on","NextOriginAccessType":"ip","NextOrigin": ["198.51.100.1"],"NextOriginSendPublicFqdn":"on"}} |
POST accesslog_key
curl -H "Content-Type:application/json" \ |
-H "x-iijapi-Expire:$IIJAPI_EXPIRE" \ |
-H "x-iijapi-SignatureMethod:HmacSHA256" \ |
-H "x-iijapi-SignatureVersion:2" \ |
-H "Authorization:IIJAPI $IIJAPI_ACCESS_KEY:RId4JTHPIXRcbVSalAgg2lf7EW7yKlXoh21raR5J62Y=" \ |
-X POST \ |
-d '{"BasicAuth":"on"}' \ |
https://cac.api.iij.jp/r/20140602/cac12345678/accesslog_key.json |
HTTP/1.1 200 OK |
Date: Tue, 10 Jun 2014 13:10:38 GMT |
Server: thin |
Content-Type: application/json; charset=utf-8 |
Strict-Transport-Security: max-age=2592000 |
X-Content-Type-Options: nosniff |
Connection: close |
Transfer-Encoding: chunked |
{"Result":{"RequestId":"xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx-xxxxxxxx","ServiceCode":"cac12345678","DownloadUrl":"https://help.cas.iijgio.jp/downloads/cac12345678/access_logs","DownloadKey":"wv1msg9yexdivicsxnbx0phrnhg","Expire":"2014-06-10 13:41:01","MaxNum":"20","User":"cac12345678","Password":"-McMSAxEjYOnxA"}} |
次のURLでアクセスログ(gzip形式)をダウンロードできます。
https://help.cas.iijgio.jp/downloads/cac12345678/access_logs?log_date=2014-06-09&download_key=wv1msg9yexdivicsxnbx0phrnhg&urlscheme=http |