ApsaraMQ for RabbitMQ:CreateAccount

Background information

When an open-source client accesses an ApsaraMQ for RabbitMQ server, it must provide a username and password for authentication. The client can access the server after the authentication is successful. ApsaraMQ for RabbitMQ lets you generate a username and password from an AccessKey ID and AccessKey secret provided by RAM.

Notes

• The instance for which you create a static username and password must be in the In Service state.

• An AccessKey and a static username and password have a one-to-one mapping within an instance. This means you can create only one static username and password for each AccessKey in an instance.

• To update a static username and password, delete the existing one and create a new one.

Username calculation sample code

The value of the userName request parameter is a Base64-encoded string. This string is constructed from the instance ID and the AccessKey ID. The following sample code shows how to calculate the value:

import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

public class Base64Utils {
    public static final Charset UTF8 = StandardCharsets.UTF_8;

    /**
     * Decode a Base64 string
     *
     * @param str
     * @return
     */
    public static String decode(String str) {
        return new String(Base64.getDecoder().decode(str.getBytes(UTF8)), UTF8);
    }

    public static String encode(String bytes) {
        return new String(Base64.getEncoder().encode(bytes.getBytes(UTF8)), UTF8);
    }

    public static void main(String[] args) {
        // Construct a string from your instance ID and the AccessKey ID of the account that was used to purchase the instance.
        String str = "2:${instanceId}:${ak}";

        // Generate the userName for the API call.
        String userName = encode(str);
        System.out.println("userName=" + userName);

        String decodeStr = decode(userName);
        System.out.println("originStr=" + decodeStr);
    }
}

Signature algorithm sample code

The values of the signature and secretSign request parameters are calculated using an encryption algorithm. The algorithm uses the creation timestamp of the static username and the AccessKey secret. The following sample code shows the algorithm:

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;

public class SignatureUtils {

    public static String hamcsha1(byte[] data, byte[] key) throws NoSuchAlgorithmException, InvalidKeyException {
        SecretKeySpec signingKey = new SecretKeySpec(key, "HmacSHA1");
        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(signingKey);
        return byte2hex(mac.doFinal(data));
    }

    public static String byte2hex(byte[] b) {
        StringBuilder hs = new StringBuilder();
        String stmp;
        for (int n = 0; b != null && n < b.length; n++) {
            stmp = Integer.toHexString(b[n] & 0XFF);
            if (stmp.length() == 1) {
                hs.append('0');
            }
            hs.append(stmp);
        }
        return hs.toString().toUpperCase();
    }

    public static void main(String[] args) throws InvalidKeyException, NoSuchAlgorithmException {
        // createTimestamp is the createTimestamp parameter of the API.
        String createTimestamp = String.valueOf(System.currentTimeMillis());
        System.out.println("timestamp:" + createTimestamp);

        // The AccessKey secret of your account.
        String sk = "${sk}";

        // Generate the SecretSign for the API call.
        String SecretSign = hamcsha1(sk.getBytes(), createTimestamp.getBytes());
        System.out.println("SecretSign:" + SecretSign);

        // Generate the signature for the API call.
        String signature = hamcsha1(createTimestamp.getBytes(), sk.getBytes());
        System.out.println("signature:" + signature);
    }
}