String stringToSign = "GET" + "\n" +
"webservices.amazon.com" + "\n" +
"/onca/xml" + "\n" +
"AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&ItemId=0679722769&Operation=ItemLookup&ResponeGroup=ItemAttributes%2COffers%2CImages%2CReviews&Service=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-06";
SecretKeySpec keySpec = new SecretKeySpec(
"1234567890".getBytes(),
"HmacSHA256");
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(keySpec);
byte[] result = mac.doFinal(stringToSign.getBytes());
String encodedResult = Base64.encodeBase64String(result);
System.out.println("encodedResult: "+encodedResult);
String urlEncodedResult = URLEncoder.encode(encodedResult, "UTF-8").replace("+", "%2B").replace("*", "%2A").replace("%7E", "~");
System.out.println("ulrEncodedResult: "+urlEncodedResult);
这适用于AWS的REST身份验证。我得到的结果是: ulrEncodedResult:k1T%2FqvVoXgEvmdFhTEh71vLDznqEVCyKcslA5RRSB6s%3D
预期结果是: ulrEncodedResult:M%2Fy0%2BEAFFGaUAp4bWv%2FWEuXYah99pVsxvqtAuC8YN7I%3D
此处显示了身份验证的所有确切步骤:http://docs.aws.amazon.com/AWSECommerceService/2011-08-01/DG/rest-signature.html
有人能发现我犯的错误吗?
答案 0 :(得分:0)
一个问题是:
"1234567890".getBytes()
和这个
stringToSign.getBytes()
不指定使用的字符编码(例如UTF8)。它将取决于您的平台或JVM设置,这可能与您想要的不同(我怀疑,UTF8)。我更愿意使用getBytes(CharSet)变体。