Sample authentication code - Domain Management| Alibaba Cloud Documentation Center

Sample authentication code

Edit in GitHub

Last Updated: Jan 10, 2020 Edit in GitHub

Using this demo, you can perform URL authentication based on your business needs. For URL authentication rules, see Configure URL signing.

Python version

The following Python Demo contains three authentication methods: Authentication type A, Authentication Type B, and Authentication type C. Each method describes the composition of requested URLs and hash strings.

Note If the URL contains Chinese characters, you must perform URL encoding.

import re
import time
import hashlib
import datetime
def md5sum(src):
    m = hashlib.md5()
    m.update(src)
    return m.hexdigest()
# Authentication method A
def a_auth(uri, key, exp):
    p = re.compile("^(http://|https://)?([ ^/?] +) (/[^?] *)? ( \\?. *)? $ ")
    if not p:
        return None
    m = p.match(uri)
    scheme, host, path, args = m.groups()
    if not scheme: scheme = "http://"
    if not path: path = "/"
    if not args: args = ""
    rand = "0"      # "0" by default, other value is ok
    uid = "0"       # "0" by default, other value is ok
    sstring = "%s-%s-%s-%s-%s" %(path, exp, rand, uid, key)
    hashvalue = md5sum(sstring)
    auth_key = "%s-%s-%s-%s" %(exp, rand, uid, hashvalue)
    if args:
        return "%s%s%s%s&auth_key=%s" %(scheme, host, path, args, auth_key)
    else:
        return "%s%s%s%s? auth_key=%s" %(scheme, host, path, args, auth_key)
# Authentication method B
def b_auth(uri, key, exp):
    p = re.compile("^(http://|https://)?([ ^/?] +) (/[^?] *)? ( \\?. *)? $ ")
    if not p:
        return None
    m = p.match(uri)
    scheme, host, path, args = m.groups()
    if not scheme: scheme = "http://"
    if not path: path = "/"
    if not args: args = ""
    # convert unix timestamp to "YYmmDDHHMM" format
    nexp = datetime.datetime.fromtimestamp(exp).strftime('%Y%m%d%H%M')
    sstring = key + nexp + path
    hashvalue = md5sum(sstring)
    return "%s%s/%s/%s%s%s" %(scheme, host, nexp, hashvalue, path, args)
# Authentication method C
def c_auth(uri, key, exp):
    p = re.compile("^(http://|https://)?([ ^/?] +) (/[^?] *)? ( \\?. *)? $ ")
    if not p:
        return None
    m = p.match(uri)
    scheme, host, path, args = m.groups()
    if not scheme: scheme = "http://"
    if not path: path = "/"
    if not args: args = ""
    hexexp = "%x" %exp
    sstring = key + path + hexexp
    hashvalue = md5sum(sstring)
    return "%s%s/%s/%s%s%s" %(scheme, host, hashvalue, hexexp, path, args)
def main(_):
    uri = "http://xc.cdnpe.com/ping?foo=bar" # original uri
    key = "<input private key>"                         # private key of authorization
    exp = int(time.time()) + 1 * 3600                   # expiration time: 1 hour after current itme
    authuri = a_auth(uri, key, exp)                     # auth type: a_auth / b_auth / c_auth
    print("URL : %s\nAUTH: %s" %(uri, authuri))
if __name__ == '__main__':
    main()