[GitHub] [apisix] nic-chen commented on a change in pull request #2301: feat: replace timestamp with date and time in GMT format in plugin `hmac-auth`

Thu, 24 Sep 2020 06:56:29 -0700 


nic-chen commented on a change in pull request #2301:
URL: https://github.com/apache/apisix/pull/2301#discussion_r494339821



##########
File path: doc/plugins/hmac-auth.md
##########
@@ -83,12 +83,13 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 
'X-API-KEY: edd1c9f034335f13
 ## Test Plugin
 
 ### generate signature:
-The calculation formula of the signature is `signature = 
HMAC-SHAx-HEX(secret_key, signing_string)`. From the formula, it can be seen 
that in order to obtain the signature, two parameters, `SECRET_KEY` and 
`signing_STRING`, are required. Where secret_key is configured by the 
corresponding consumer, the calculation formula of `signing_STRING` is 
`signing_string = HTTP Method + HTTP URI + canonical_query_string + access_key 
+ timestamp + signed_headers_string`
+The calculation formula of the signature is `signature = 
HMAC-SHAx-HEX(secret_key, signing_string)`. From the formula, it can be seen 
that in order to obtain the signature, two parameters, `SECRET_KEY` and 
`signing_STRING`, are required. Where secret_key is configured by the 
corresponding consumer, the calculation formula of `signing_STRING` is 
`signing_string = HTTP Method + HTTP URI + canonical_query_string + access_key 
+ HTTP Date + signed_headers_string`
 
 1. **HTTP Method** : Refers to the GET, PUT, POST and other request methods 
defined in the HTTP protocol, and must be in all uppercase.
 2. **HTTP URI** : `HTTP URI` requirements must start with "/", those that do 
not start with "/" need to be added, and the empty path is "/".
-3. **canonical_query_string** :`canonical_query_string` is the result of 
encoding the `query` in the URL (`query` is the string "key1 = valve1 & key2 = 
valve2" after the "?" in the URL).
-4. **signed_headers_string** :`signed_headers_string` is the result of 
obtaining the fields specified by the client from the request header and 
concatenating the strings in order.
+3. **HTTP Date** : Date and time string in GMT format.

Review comment:
       fixed.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to