All Products
Search

This Product

    Marketplace:Compute Signature

    Document Center

    Marketplace:Compute Signature

    Last Updated:Mar 25, 2025

    Important

    DISCLAIMER

    Please note that all content presented on this page is provided by Tuya (HK) Limited. Alibaba Cloud makes no representations and warranties, explicit or implied, as to the authenticity or accuracy of any such content, nor makes any guarantee to the condition, quality, durability, performance, reliability, merchantability or fitness for a particular purpose, or non-infringement of any products and/or services made available by Tuya (HK) Limited. 

    IoT platform authenticates the sender of each API access request, so API requests must include Signature information in the request.

    Description The platform provides Java language signature sample code, reference code, quickly generate signatures. Download java signature sample code

    The following is a detailed method of calculating the signature

    1. Get the key ID and key

    Before actually calculating the signature, there are several necessary parameters that need to be prepared. When signing, you need to sign in the console. AccessKey managementpage to view your key ID and key . Among them, key ID used to identify visitors; key is the key used to encrypt the signature string and verify the signature string on the server side, must be strictly confidential .

    2. Signature method

    Sign the request as follows:

    2.1. Construct a Canonicalized Query String using the request parameters.

    a. Sort parameters. In the dictionary order of the parameter names, the request parameters (including Common parametersand interface, but cannot include Signature parameter itself) to sort.

    Description When using the GET method to submit a request, these parameters are the parameters in the request URL, that is, the URL. What? Later & connected parts.

    B. Perform URL encoding on the name and value of each request parameter. Names and values are to be used in accordance with the UTF-8 character set. RFC3986rules for encoding. The encoding rules are as follows: ■Characters A ~ Z, a ~ z, 0~9, and characters - , _ , . , ~ no coding. ■Other characters are encoded %XY format, where XY is the hexadecimal representation of the character corresponding to the ASCII code. For example, double quotation marks in English " the corresponding coding is % 22 . ■Extended UTF-8 characters, encoded %XY%ZA&help; the format of. ■English spaces should be encoded % 20 instead of a plus + . The encoding method and application/x-www-form-urlencoded the MIME format encoding algorithm is similar but different. If you are using the Java Standard Library. java.net.URLEncoder , you can use the standard library first percentEncode encoding, followed by a plus sign in the encoded character + replace % 20 , Asterisk * replace % 2A , % 7E replace with tilde ~ , you can get the encoded string described by the above rule.

    private static final String ENCODING = "UTF-8";
private static String percentEncode(String value) throws UnsupportedEncodingException {
    return value != null ? URLEncoder.encode(value, ENCODING).replace("+", "%20").replace("*", "%2A").replace("%7E", "~") : null;
}

    c. Connect the encoded parameter names and values with an equal sign (=). d. Use the strings obtained by connecting English equal signs in the dictionary order of parameter names & symbolic connection. Once completed, the canonicalized request string (CanonicalizedQueryString) is obtained.

    2.2. Construct a signature string.

    Use percentEncode process the normalized string obtained in step 1 to construct the string used to calculate the signature. The following rules can be referred: 

    StringToSign=
  HTTPMethod + "&" +                      
  percentEncode("/") + "&" +              
  percentEncode(CanonicalizedQueryString)

    Parameter description: ○HTTPMethod: The HTTP method that sends the request, such as GET. ○percentEncode("/"): the value obtained by UTF-8 encoding the character "/", that is, "% 2F". ○percentEncode(CanonicalizedQueryString): Your canonicalized request string.

    2.3. Calculate the HMAC value.

    According RFC2104the definition of, using the string obtained in step 2. StringToSign calculates the signature HMAC value.

    HMAC-SHA1( AccessSecret, UTF-8-Encoding-Of(StringToSign) )

    Important The Key used when calculating the signature is your AccessKeySecret and add a and number & character (ASCII:38), the hash algorithm used is HMAC-SHA1.

    2.4. Calculate the signature value.

    Encode the HMAC value in step 3 into a string according to the Base64 encoding rule to obtain the Signature value. 

    Signature = Base64( HMAC-SHA1( AccessSecret, UTF-8-Encoding-Of(StringToSign) ) )

    1

    Signature=Base64(HMAC-SHA1(AccessSecret,UTF-8-Encoding-Of(StringToSign)))

    2.5. Add a signature.

    The resulting signature value is used as Signature parameters, according RFC3986after encoding the URL of the rule, add it to the request parameters to complete the process of signing the request.