Yes, Cloud Monitor supports the HMAC-SHA1 signature algorithm. It is the only signature algorithm that Cloud Monitor supports. To use the HMAC-SHA1 signature algorithm, perform the steps described in this topic.
Procedure
Prepare an Alibaba Cloud AccessKey pair.
A pair of AccessKey ID and AccessKey secret is required to generate a signature for an HTTP request.
NoteYou can use an existing AccessKey pair or create one. The AccessKey pair must be active.
Generate a signature string for an HTTP request.
The signature string of an HTTP request is generated based on the Method, Header, and Body fields of the HTTP request.
SignString = VERB + "\n" + CONTENT-MD5 + "\n" + CONTENT-TYPE + "\n" + DATE + "\n" + CanonicalizedHeaders + "\n" + CanonicalizedResourceIn the preceding formula,
\nindicates the escaped newline character and the plus sign (+) indicates the string concatenation operator. The following table describes the definitions of other fields.Parameter
Description
Example
VERB
The HTTP method used to make the request.
PUT, GET, or POST
CONTENT-MD5
The MD5 value of the Body field in the HTTP request.
NoteThe MD5 value must be a string consisting of uppercase letters and digits.
0B9BE351E56C90FED853B32524253E8B
CONTENT-TYPE
The type of the HTTP request body.
application/json
DATE
The standard timestamp header of the HTTP request.
NoteThis timestamp header follows the RFC 1123 time format and uses the GMT standard time.
Mon, 3 Jan 2010 08:33:47 GMT
CanonicalizedHeaders
The string constructed from the custom headers that are prefixed with
x-cmsandx-acsin the HTTP request.x-cms-api-version:0.1.0
x-cms-signature
CanonicalizedResource
The string constructed from the resources requested by the HTTP request.
/event/custom/upload
The CanonicalizedHeaders and CanonicalizedResource strings in the preceding table are constructed based on the following rules:
CanonicalizedHeaders
Convert the names of all headers that are prefixed with
x-cmsandx-acsto lowercase letters.Sort the case-converted headers generated in the preceding step in lexicographic order.
Delete all spaces on each side of the delimiter between each header and value.
Separate all the preceding headers with delimiters (
\n) to form the final CanonicalizedHeaders string.
CanonicalizedResource
Set the CanonicalizedResource string to an empty string ("").
Place the URI that you want to access, such as
/event/custom/upload, between the quotation marks.If the request contains a query string, add a question mark (
?) and the query string to the end of the CanonicalizedResource string.The sort string is the lexicographically sorted string of the request parameters included in the URI. Equal signs (
=) are used between the names and values of parameters to form a string. The parameter name-parameter value pairs are then sorted in lexicographic order and connected with ampersands (&) to form a string. The following formula is used to construct the query string:QUERY_STRING = "KEY1=VALUE1" + "&" + "KEY2=VALUE2"
Generate a digital signature for the HTTP request.
Formula for generating a digital signature:
Signature=base16(hmac-sha1(UTF8-Encoding-Of(SignString),AccessKeySecret))Sample signature string of an HTTP request:
SignString="POST" + "\n" +"0B9BE351E56C90FED853B32524253E8B" + "\n" +"application/json" + "\n" +"Tue, 11 Dec 2018 21:05:51 +0800" + "\n" +"x-cms-api-version:1.0" + "\n" +"x-cms-ip:127.0.0.1" + "\n" +"x-cms-signature:hmac-sha1" + "\n" +"/metric/custom/upload" accesskey="testkey" accessSecret="testsecret" // The AccessKey secret used to sign the HTTP request.Signature generated based on the preceding signature string:
1DC19ED63F755ACDE203614C8A1157EB1097E922