This topic uses Python demos to demonstrate how to implement three URL signing types.
Python demos
For more information about the URL signing types, see the following topics:
The following code blocks show the demos.
Note
Python has two major versions, Python 2 and Python 3. Python 3 is not backward compatible with Python 2. Therefore, sample code for Python 2 and Python 3 is provided.
If a URL contains Chinese characters, encode the URL by using the UrlEncode() function before you run the code for URL signing.
Python 2 uses ASCII encoding, and Python 3 uses UTF-8 encoding. You need to use UTF-8 encoding for passing the hash. Therefore, UTF-8 encoding is added to the hashlib.md5() function in the sample code for Python 3.
Python3
import re
import time
import hashlib
import datetime
def md5sum(src):
m = hashlib.md5()
m.update(src.encode(encoding='utf-8')) # Add the UTF-8 encoding operation.
return m.hexdigest()
# Signing type A
def a_auth(uri, key, exp):
p = re.compile("^(http://|https://)?([^/?]+)(/[^?]*)?(\\?.*)?$")
if not p:
return None
m = p.match(uri)
scheme, host, path, args = m.groups()
if not scheme: scheme = "http://"
if not path: path = "/"
if not args: args = ""
rand = "0" # "0" by default, other value is ok
uid = "0" # "0" by default, other value is ok
sstring = "%s-%s-%s-%s-%s" %(path, exp, rand, uid, key)
hashvalue = md5sum(sstring)
auth_key = "%s-%s-%s-%s" %(exp, rand, uid, hashvalue)
if args:
return "%s%s%s%s&auth_key=%s" %(scheme, host, path, args, auth_key)
else:
return "%s%s%s%s?auth_key=%s" %(scheme, host, path, args, auth_key)
# Signing type B
def b_auth(uri, key, exp):
p = re.compile("^(http://|https://)?([^/?]+)(/[^?]*)?(\\?.*)?$")
if not p:
return None
m = p.match(uri)
scheme, host, path, args = m.groups()
if not scheme: scheme = "http://"
if not path: path = "/"
if not args: args = ""
# convert unix timestamp to "YYmmDDHHMM" format
nexp = datetime.datetime.fromtimestamp(exp).strftime('%Y%m%d%H%M')
sstring = key + nexp + path
hashvalue = md5sum(sstring)
return "%s%s/%s/%s%s%s" %(scheme, host, nexp, hashvalue, path, args)
# Signing type C
def c_auth(uri, key, exp):
p = re.compile("^(http://|https://)?([^/?]+)(/[^?]*)?(\\?.*)?$")
if not p:
return None
m = p.match(uri)
scheme, host, path, args = m.groups()
if not scheme: scheme = "http://"
if not path: path = "/"
if not args: args = ""
hexexp = "%x" %exp
sstring = key + path + hexexp
hashvalue = md5sum(sstring)
return "%s%s/%s/%s%s%s" %(scheme, host, hashvalue, hexexp, path, args)
# The following section shows the values of the uri, key, and exp parameters.
def main():
uri = "http://example.aliyundoc.com/ping?foo=bar" # original uri
key = "<input private key>" # private key of authorization
exp = int(time.time()) + 1 * 3600 # expiration time: 1 hour after current itme
# "1 * 3600" specifies the time-to-live (TTL) value that the signing server assigns to signed URLs. You can customize the value as required. Unit: seconds. The TTL value that is assigned by the signing server is irrelevant to the TTL value that is assigned by DCDN.
# Validity period of a signed URL = UNIX timestamp that is generated on the signing server + TTL that is assigned by the signing server + TTL that is assigned by DCDN.
# For signing type A, if the UNIX timestamp that is generated on the signing server is 1444435200, the TTL value that is assigned by the signing server is 3600, and the TTL value that is assigned by DCDN is 1800, then the validity period of the URL is 1444440600 (1444435200 + 3600 + 1800).
# The following section shows how to implement signing type A:
authuri = a_auth(uri, key, exp) # auth type: a_auth / b_auth / c_auth
print("URL : %s\nAUTH: %s" %(uri, authuri))
if __name__ == "__main__":
main()
Python2
import re
import time
import hashlib
import datetime
def md5sum(src):
m = hashlib.md5()
m.update(src)
return m.hexdigest()
# Signing type A
def a_auth(uri, key, exp):
p = re.compile("^(http://|https://)?([^/?]+)(/[^?]*)?(\\?.*)?$")
if not p:
return None
m = p.match(uri)
scheme, host, path, args = m.groups()
if not scheme: scheme = "http://"
if not path: path = "/"
if not args: args = ""
rand = "0" # "0" by default, other value is ok
uid = "0" # "0" by default, other value is ok
sstring = "%s-%s-%s-%s-%s" %(path, exp, rand, uid, key)
hashvalue = md5sum(sstring)
auth_key = "%s-%s-%s-%s" %(exp, rand, uid, hashvalue)
if args:
return "%s%s%s%s&auth_key=%s" %(scheme, host, path, args, auth_key)
else:
return "%s%s%s%s?auth_key=%s" %(scheme, host, path, args, auth_key)
# Signing type B
def b_auth(uri, key, exp):
p = re.compile("^(http://|https://)?([^/?]+)(/[^?]*)?(\\?.*)?$")
if not p:
return None
m = p.match(uri)
scheme, host, path, args = m.groups()
if not scheme: scheme = "http://"
if not path: path = "/"
if not args: args = ""
# convert unix timestamp to "YYmmDDHHMM" format
nexp = datetime.datetime.fromtimestamp(exp).strftime('%Y%m%d%H%M')
sstring = key + nexp + path
hashvalue = md5sum(sstring)
return "%s%s/%s/%s%s%s" %(scheme, host, nexp, hashvalue, path, args)
# Signing type C
def c_auth(uri, key, exp):
p = re.compile("^(http://|https://)?([^/?]+)(/[^?]*)?(\\?.*)?$")
if not p:
return None
m = p.match(uri)
scheme, host, path, args = m.groups()
if not scheme: scheme = "http://"
if not path: path = "/"
if not args: args = ""
hexexp = "%x" %exp
sstring = key + path + hexexp
hashvalue = md5sum(sstring)
return "%s%s/%s/%s%s%s" %(scheme, host, hashvalue, hexexp, path, args)
# The following section shows the values of the uri, key, and exp parameters.
def main():
uri = "http://example.aliyundoc.com/ping?foo=bar" # original uri
key = "<input private key>" # private key of authorization
exp = int(time.time()) + 1 * 3600 # expiration time: 1 hour after current itme
# "1 * 3600" specifies the time-to-live (TTL) value that the signing server assigns to signed URLs. You can customize the value as required. Unit: seconds. The TTL value that is assigned by the signing server is irrelevant to the TTL value that is assigned by DCDN.
# Validity period of a signed URL = UNIX timestamp that is generated on the signing server + TTL that is assigned by the signing server + TTL that is assigned by DCDN.
# For signing type A, if the UNIX timestamp that is generated on the signing server is 1444435200, the TTL value that is assigned by the signing server is 3600, and the TTL value that is assigned by DCDN is 1800, then the validity period of the URL is 1444440600 (1444435200 + 3600 + 1800).
# The following section shows how to implement signing type A:
authuri = a_auth(uri, key, exp) # auth type: a_auth / b_auth / c_auth
print("URL : %s\nAUTH: %s" %(uri, authuri))
if __name__ == "__main__":
main()