具体过程参考官网开发者指南
转载请注明出处
[我的博客]http://www.lostbug.cn
只记录几个要点
- 书写上传策略
public class ImagePutPolicy implements Serializable {
private String scope;
private long deadline;
private ReturnBody returnBody;
public ImagePutPolicy( String fileName) {
scope = QiNiuConstant.SAVESPACE+":"+fileName;
}
public long getDeadline() {
return deadline;
}
public void setDeadline(long deadline) {
this.deadline = System.currentTimeMillis()/1000+deadline;
}
public ReturnBody getReturnBody() {
return returnBody;
}
public void setReturnBody(ReturnBody returnBody) {
this.returnBody = returnBody;
}
- 将上传策略Object 转Json样式字符串:
引用Google官方[Gson包]https://github.com/google/gson
Gson gson=new Gson();
String jsonObject= gson.toJson(mImagePutPolicy);
- 对JSON编码的上传策略进行URL安全的Base64编码,得到待签名字符数组
String encodedPutPolicy=Base64.encodeToString(jsonObject.getBytes(),Base64.URL_SAFE);
- 使用SecretKey对上一步生成的待签名字符数组计算HMAC-SHA1签名并进行URL安全的Base64编码:
这是Android方法,然而用后是 bad token,原来android太智能,自动在后面加了”\n”,
encodedSign=hmacSha1(encodedPutPolicy,secretKey)
public static String hmacSha1(String base, String key)
throws NoSuchAlgorithmException, InvalidKeyException {
String type = "HmacSHA1";
SecretKeySpec secret = new SecretKeySpec(key.getBytes(), type);
Mac mac = Mac.getInstance(type);
mac.init(secret);
byte[] digest = mac.doFinal(base.getBytes());
return Base64.encodeToString(digest, Base64.URL_SAFE).replaceAll("\n","");
}
好像android方法与Java方法产生不同结果,用JAVA方法,一切OK:
Mac mac = javax.crypto.Mac.getInstance("HmacSHA1");
mac.init(new SecretKeySpec(StringUtils.utf8Bytes(QiNiuConstant.SECRETKEY), "HmacSHA1"));
String encodedSign = UrlSafeBase64.encodeToString(mac.doFinal(StringUtils.utf8Bytes(encodedPutPolicy)));
- 将AccessKey、encodedSign和encodedPutPolicy用:连接起来
String uploadToken = QiNiuConstant.ACCESSKEY + ":" + encodedSign + ":" + encodedPutPolicy;