这里就不想吐槽接口调用有多繁琐了,第一次接触云点播的服务端的接口就被卡在签名上,幸好看文档找资料还是把签名给获取到了。作为新人真烧脑。现记录下云点播服务端的API请求过程,以备后面复用。
这里我就用我调用的API接口为例,看是如何实现的:
地址:https://cloud.tencent.com/document/product/266/31763
参数如下,但是要注意的是公共请求参数
打开后可以看到签名方法 v3,这里文档不做过多的讲解,直接查看签名方法 v3
首先,需要在 云API密钥 页面,单击【新建密钥】即可以创建一对密钥获取secretId和secretkey
代码如下:
//密钥ID $secretId = "XXXXXX"; //密钥KEY $secretKey = "XXXXX"; //获取媒体详细信息接口地址 $host = '接口请求域名'; //接口产品名称(可以理解为接口地址的第一段) $service = '产品名,必须与调用的产品域名一致'; //接口开发的版本时间 $version = "参数Version"; //调用接口的接口名称 $action = "在API概览中找相应的产品名称"; //希望调用接口的哪个地域的数据(默认是就近原则) $region = "ap-chongqing"; //当前时间戳 $timestamp = time(); //签名方法,V3固定为 TC3-HMAC-SHA256 $algorithm = "TC3-HMAC-SHA256";
//第一步;生成规范字符串请求 //HTTP 请求方法(GET、POST ) $httpRequestMethod = "POST"; //URI 参数,API 3.0 固定为正斜杠(/) $canonicalUri = "/"; //发起 HTTP 请求 URL 中的查询字符串, //对于 POST 请求,固定为空字符串"" //对于 GET 请求,则为 URL 中问号(?)后面的字符串内容 $canonicalQueryString = ""; //参与签名的头部信息,至少包含content-type 和 host 两个头部 $canonicalHeaders = "content-type:application/json; charset=utf-8\n"."host:".$host."\n"; //参与签名的头部信息,说明此次请求有哪些头部参与了签名(按ASCII 升序进行拼接,用分号隔开) $signedHeaders = "content-type;host"; //POST参数(POST发请求要带的参数,转json后在hash加密) $payload = array( 'FileIds'=> array('媒体ID值'), 'Filters'=>array('basicInfo') );
$post_data = json_encode($payload); //加密官方给的是SHA256加密方式 $hashedRequestPayload = hash("SHA256", $post_data);
//拼接规范请求串 $canonicalRequest = $httpRequestMethod."\n" .$canonicalUri."\n" .$canonicalQueryString."\n" .$canonicalHeaders."\n" .$signedHeaders."\n" .$hashedRequestPayload; //第二步:生成要签名的字符串 $date = gmdate("Y-m-d", $timestamp); $credentialScope = $date."/".$service."/tc3_request"; $hashedCanonicalRequest = hash("SHA256", $canonicalRequest); $stringToSign = $algorithm."\n" .$timestamp."\n" .$credentialScope."\n" .$hashedCanonicalRequest; //第三步:签名字符串 $secretDate = hash_hmac("SHA256", $date, "TC3".$secretKey, true); $secretService = hash_hmac("SHA256", $service, $secretDate, true); $secretSigning = hash_hmac("SHA256", "tc3_request", $secretService, true); //生成签名 $signature = hash_hmac("SHA256", $stringToSign, $secretSigning); //生成授权(该空格的空格) $authorization = $algorithm ." Credential=".$secretId."/".$credentialScope .", SignedHeaders=content-type;host, Signature=".$signature;
//接口调用 $url = "https://vod.tencentcloudapi.com/"; //添加header头信息 $header = array( "Authorization: $authorization", "Content-Type: application/json; charset=utf-8", "Host: $host", "X-TC-Action: $action", "X-TC-Timestamp: $timestamp", "X-TC-Version: $version", "X-TC-Region: $region" );
$curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_TIMEOUT, 300);//超时设置 curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);//1表示不返回bool值 //curl_setopt($curl, CURLOPT_SAFE_UPLOAD, false); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($curl, CURLOPT_POST, 1); curl_setopt($curl, CURLOPT_POSTFIELDS, $post_data); //设置header头 curl_setopt($curl, CURLOPT_HEADER, 0); curl_setopt($curl, CURLOPT_HTTPHEADER, $header); $data = curl_exec($curl); if (curl_errno($curl)) { return curl_error($curl); } curl_close($curl); //打印 print_r($data);
最后,所有的点播的接口签名都遵寻上面的签名方法V3。只要搞清签名和传参的过程,其他接口就很简单了。