vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/obs/s3api/en-us_topic_0125560243.html
Jawei, Li 1a4c1a720a OBS s3api 2.0.38.SP5 
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: Jawei, Li <lijiawei5@huawei.com>
Co-committed-by: Jawei, Li <lijiawei5@huawei.com>
2022-11-16 14:51:13 +00:00

171 lines
17 KiB
HTML
Raw Blame History

<a name="EN-US_TOPIC_0125560243"></a><a name="EN-US_TOPIC_0125560243"></a>
<h1 class="topictitle1">V2 Common Request</h1>
<div id="body2784095"><p id="EN-US_TOPIC_0125560243__p1789605">A common HTTP/HTTPS request is authenticated by its <strong id="EN-US_TOPIC_0125560243__b25056856">Authorization</strong> header. The following is the format of the <strong id="EN-US_TOPIC_0125560243__b91131497505">Authorization</strong> header:</p>
<pre class="screen" id="EN-US_TOPIC_0125560243__screen16106447">Authorization: AWS AccessKeyID:signature</pre>
<p id="EN-US_TOPIC_0125560243__p10740297">To generate the signature, perform the following steps:</p>
<ol id="EN-US_TOPIC_0125560243__ol29553812"><li id="EN-US_TOPIC_0125560243__li16339495">Construct <strong id="EN-US_TOPIC_0125560243__b12837735">StringToSign</strong> using request parameters.<pre class="screen" id="EN-US_TOPIC_0125560243__screen48430751">StringToSign = HTTP-Verb + "\n" + Content-MD5 + "\n" + Content-Type + "\n" + Date + "\n" + CanonicalizedOBSHeaders + CanonicalizedResource</pre>
<p class="litext" id="EN-US_TOPIC_0125560243__p33223577"><a href="#EN-US_TOPIC_0125560243__table41134075">Table 1</a> describes the parameters of a request.</p>
<div class="tablenoborder"><a name="EN-US_TOPIC_0125560243__table41134075"></a><a name="table41134075"></a><table cellpadding="4" cellspacing="0" summary="" id="EN-US_TOPIC_0125560243__table41134075" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Request parameters</caption><thead align="left"><tr id="EN-US_TOPIC_0125560243__row19019073"><th align="left" class="cellrowborder" valign="top" width="35.9%" id="mcps1.3.4.1.4.2.3.1.1"><p id="EN-US_TOPIC_0125560243__p64149930">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="64.1%" id="mcps1.3.4.1.4.2.3.1.2"><p id="EN-US_TOPIC_0125560243__p28761840">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="EN-US_TOPIC_0125560243__row48007674"><td class="cellrowborder" valign="top" width="35.9%" headers="mcps1.3.4.1.4.2.3.1.1 "><p id="EN-US_TOPIC_0125560243__p63416368">HTTP-Verb</p>
</td>
<td class="cellrowborder" valign="top" width="64.1%" headers="mcps1.3.4.1.4.2.3.1.2 "><p id="EN-US_TOPIC_0125560243__p36452220">Indicates an HTTP request method supported by OBS REST API. The value can be an HTTP verb such as PUT, GET, or DELETE.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0125560243__row59634524"><td class="cellrowborder" valign="top" width="35.9%" headers="mcps1.3.4.1.4.2.3.1.1 "><p id="EN-US_TOPIC_0125560243__p65667169">Date</p>
</td>
<td class="cellrowborder" valign="top" width="64.1%" headers="mcps1.3.4.1.4.2.3.1.2 "><p id="EN-US_TOPIC_0125560243__p17440495">Indicates the time when the request is initiated. The value must be in RFC 1123 format. This parameter is an empty string when the <strong id="EN-US_TOPIC_0125560243__b22746728">x-amz-date</strong> is specified. For details, see <a href="#EN-US_TOPIC_0125560243__table25172842">Table 3</a>.</p>
<p id="EN-US_TOPIC_0125560243__p30545685">This parameter can be omitted if the request is for a temporarily authorized operation.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0125560243__row6475715"><td class="cellrowborder" valign="top" width="35.9%" headers="mcps1.3.4.1.4.2.3.1.1 "><p id="EN-US_TOPIC_0125560243__p54770906">Content-Type</p>
</td>
<td class="cellrowborder" valign="top" width="64.1%" headers="mcps1.3.4.1.4.2.3.1.2 "><p id="EN-US_TOPIC_0125560243__p7258393">Indicates the content type and is used for specifying the request content type, for example, <strong id="EN-US_TOPIC_0125560243__b65325544">text/plain</strong>.</p>
<p id="EN-US_TOPIC_0125560243__p55733946154843">This parameter is an empty string when the request does not contain the header. See <a href="#EN-US_TOPIC_0125560243__table54992765">Table 2</a>.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0125560243__row51058985"><td class="cellrowborder" valign="top" width="35.9%" headers="mcps1.3.4.1.4.2.3.1.1 "><p id="EN-US_TOPIC_0125560243__p42137138">Content-MD5</p>
</td>
<td class="cellrowborder" valign="top" width="64.1%" headers="mcps1.3.4.1.4.2.3.1.2 "><p id="EN-US_TOPIC_0125560243__p17853175621510">The MD5 digest string of the message body is calculated according to the RFC 1864 standard. That is, calculate the 128-bit binary array (the message header data encrypted with MD5) first, and then use Base 64 encoding to convert the binary data to a character string.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0125560243__row49222835"><td class="cellrowborder" valign="top" width="35.9%" headers="mcps1.3.4.1.4.2.3.1.1 "><p id="EN-US_TOPIC_0125560243__ole_link13">CanonicalizedOBSHeaders</p>
</td>
<td class="cellrowborder" valign="top" width="64.1%" headers="mcps1.3.4.1.4.2.3.1.2 "><p id="EN-US_TOPIC_0125560243__p23167904">Indicates an OBS-defined header prefixed with <strong id="EN-US_TOPIC_0125560243__b19459151815508">x-amz-</strong>, for example, <strong id="EN-US_TOPIC_0125560243__b64660974">x-amz-date</strong> or <strong id="EN-US_TOPIC_0125560243__b45077859">x-amz-acl</strong>.</p>
<p id="EN-US_TOPIC_0125560243__p3047552">1. All characters in the OBS-defined header must be converted to lower-case letters. If a request contains multiple OBS-defined headers, the headers are organized in a dictionary order.</p>
<p id="EN-US_TOPIC_0125560243__p27427975">2. If multiple OBS-defined headers in a request have the same prefix, combine the headers into one. For example, if headers <strong id="EN-US_TOPIC_0125560243__b45525183">x-amz-meta-name:name1</strong> and <strong id="EN-US_TOPIC_0125560243__b7073466">x-amz-meta-name:name2</strong> are added, combine the headers to <strong id="EN-US_TOPIC_0125560243__b63661202">x-amze-meta-name:name1,name2</strong>.</p>
<p id="EN-US_TOPIC_0125560243__p36079911">3. If an OBS-defined header contains non-ASCII or unrecognizable characters, the header must be Base64 encoded.</p>
<p id="EN-US_TOPIC_0125560243__p56283746">4. An OBS-defined header contains spaces or tabs only when necessary. Unnecessary spaces must be omitted. For example, <strong id="EN-US_TOPIC_0125560243__b734115283504">x-amz-meta-name: name</strong> must be changed to <strong id="EN-US_TOPIC_0125560243__b62689558">x-amz-meta-name:name</strong>. The space between <strong id="EN-US_TOPIC_0125560243__b03131043165011">x-amz-meta-name:</strong> and <strong id="EN-US_TOPIC_0125560243__b1842645516502">name</strong> is omitted.</p>
<p id="EN-US_TOPIC_0125560243__p66660559">5. Each OBS-defined header occupies a separate line. For details, see <a href="#EN-US_TOPIC_0125560243__table25228990">Table 4</a>.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0125560243__row30796205"><td class="cellrowborder" valign="top" width="35.9%" headers="mcps1.3.4.1.4.2.3.1.1 "><p id="EN-US_TOPIC_0125560243__p11464716">CanonicalizedResource</p>
</td>
<td class="cellrowborder" valign="top" width="64.1%" headers="mcps1.3.4.1.4.2.3.1.2 "><p id="EN-US_TOPIC_0125560243__p56226836">Indicates a requested resource. This parameter is constructed as follows:</p>
<p id="EN-US_TOPIC_0125560243__p36279478">["/" + Bucket ] + &lt;HTTP-Request-URI, ["/" + object name]&gt; + [subresource].</p>
<p id="EN-US_TOPIC_0125560243__p1923153182713">[subresource] is mandatory if any subresource exists.</p>
<p id="EN-US_TOPIC_0125560243__p6847548">In virtual-style requests, the bucket name is required. In other requests, the bucket name is not required. For details, see <a href="#EN-US_TOPIC_0125560243__table54992765">Table 2</a>.</p>
<p id="EN-US_TOPIC_0125560243__p17780525">If a subresource (such as <strong id="EN-US_TOPIC_0125560243__b4074007">?acl</strong> and <strong id="EN-US_TOPIC_0125560243__b36666067">?logging</strong>) exists, the subresource must be added. The subresource includes <strong id="EN-US_TOPIC_0125560243__b165461624143414">acl</strong>, <strong id="EN-US_TOPIC_0125560243__b75122267347">lifecycle</strong>, <strong id="EN-US_TOPIC_0125560243__b13398427143410">location</strong>, <strong id="EN-US_TOPIC_0125560243__b423562820349">logging</strong>, <strong id="EN-US_TOPIC_0125560243__b7540185852219">notification</strong>, <strong id="EN-US_TOPIC_0125560243__b17251431163419">partNumber</strong>, <strong id="EN-US_TOPIC_0125560243__b1433513318346">policy</strong>, <strong id="EN-US_TOPIC_0125560243__b143398347344">uploadId</strong>, <strong id="EN-US_TOPIC_0125560243__b532853523417">uploads</strong>, <strong id="EN-US_TOPIC_0125560243__b5422036143415">versionId</strong>, <strong id="EN-US_TOPIC_0125560243__b938413373342">versioning</strong>, <strong id="EN-US_TOPIC_0125560243__b133931638193412">versions</strong>, <strong id="EN-US_TOPIC_0125560243__b4601183963420">website</strong>, <strong id="EN-US_TOPIC_0125560243__b17441341113415">quota</strong>, <strong id="EN-US_TOPIC_0125560243__b20382442183415">storagePolicy</strong>, <strong id="EN-US_TOPIC_0125560243__b134604317344">storageinfo</strong>, and <strong id="EN-US_TOPIC_0125560243__b12383124413342">deletebucket</strong>. For details, see <a href="#EN-US_TOPIC_0125560243__table4097412592916">Table 5</a>.</p>
</td>
</tr>
</tbody>
</table>
</div>
<p id="EN-US_TOPIC_0125560243__p17161430">Note that the calculation method of Content-MD5 is to first calculate the binary array encrypted by MD5, and then perform Base-64 encoding for the binary array, instead of directly encoding the 32-bit character string. The following is an example of the Java code used to calculate the Content-MD5 value:</p>
<pre class="screen" id="EN-US_TOPIC_0125560243__screen114699311194">MessageDigest md = MessageDigest.getInstance("MD5");
md.update(buffer);
byte[] digests = md.digest();
String md5 = Base64.encode(digests);</pre>
<p id="EN-US_TOPIC_0125560243__p8124195581820">In the code, buffer stands for the byte stream of the message body, and digests stands for the 128-bit binary array calculated from the message body with MD5. Then the binary data is converted to the correct Content-MD5 value by Base-64 encoding.</p>
<p id="EN-US_TOPIC_0125560243__p1520213513196"></p>
<p id="EN-US_TOPIC_0125560243__p20235143"><a href="#EN-US_TOPIC_0125560243__table54992765">Table 2</a> lists example <strong id="EN-US_TOPIC_0125560243__b28433869">StringToSign</strong>.</p>
<div class="tablenoborder"><a name="EN-US_TOPIC_0125560243__table54992765"></a><a name="table54992765"></a><table cellpadding="4" cellspacing="0" summary="" id="EN-US_TOPIC_0125560243__table54992765" frame="border" border="1" rules="all"><caption><b>Table 2 </b>StringToSign generated for GET Object ACL</caption><thead align="left"><tr id="EN-US_TOPIC_0125560243__row58090788"><th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.4.1.10.2.3.1.1"><p id="EN-US_TOPIC_0125560243__p7733362">Request Header</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.4.1.10.2.3.1.2"><p id="EN-US_TOPIC_0125560243__p22422552">StringToSign</p>
</th>
</tr>
</thead>
<tbody><tr id="EN-US_TOPIC_0125560243__row4287423"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.1.10.2.3.1.1 "><p id="EN-US_TOPIC_0125560243__p47194909212511">GET /object.txt HTTP/1.1</p>
<p id="EN-US_TOPIC_0125560243__p15880148162927">Host: bucketname.obs.example.com</p>
<p id="EN-US_TOPIC_0125560243__p64691321212511">Date: Sat, 12 Oct 2015 08:12:38 GMT</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.1.10.2.3.1.2 "><p id="EN-US_TOPIC_0125560243__p5505616212511">GET \n</p>
<p id="EN-US_TOPIC_0125560243__p43301772212511">\n</p>
<p id="EN-US_TOPIC_0125560243__p54171636212511">Sat, 12 Oct 2015 08:12:38 GMT\n</p>
<p id="EN-US_TOPIC_0125560243__p17782677212511">/bucket/object.txt</p>
</td>
</tr>
</tbody>
</table>
</div>
<p id="EN-US_TOPIC_0125560243__p27097356"></p>
<div class="tablenoborder"><a name="EN-US_TOPIC_0125560243__table25172842"></a><a name="table25172842"></a><table cellpadding="4" cellspacing="0" summary="" id="EN-US_TOPIC_0125560243__table25172842" frame="border" border="1" rules="all"><caption><b>Table 3 </b>StringToSign generated for a PUT Object request containing OBS-defined headers (1)</caption><thead align="left"><tr id="EN-US_TOPIC_0125560243__row12086140"><th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.4.1.12.2.3.1.1"><p id="EN-US_TOPIC_0125560243__p39453247">Request Header</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.4.1.12.2.3.1.2"><p id="EN-US_TOPIC_0125560243__p41596476">StringToSign</p>
</th>
</tr>
</thead>
<tbody><tr id="EN-US_TOPIC_0125560243__row13871385"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.1.12.2.3.1.1 "><p id="EN-US_TOPIC_0125560243__p45738961212511">PUT /object.txt HTTP/1.1</p>
<p id="EN-US_TOPIC_0125560243__p8997468212511">User-Agent: curl/7.15.5</p>
<p id="EN-US_TOPIC_0125560243__p41479500162750">Host: bucketname.obs.example.com</p>
<p id="EN-US_TOPIC_0125560243__p57706333212511">x-amz-date:Tue, 15 Oct 2015 07:20:09 GMT</p>
<p id="EN-US_TOPIC_0125560243__p49594957212511">content-type: text/plain</p>
<p id="EN-US_TOPIC_0125560243__p43701435212511">Content-Length: 5913339</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.1.12.2.3.1.2 "><p id="EN-US_TOPIC_0125560243__p50155357212511">PUT\n</p>
<p id="EN-US_TOPIC_0125560243__p48745036212511">\n</p>
<p id="EN-US_TOPIC_0125560243__p56033807212511">\n</p>
<p id="EN-US_TOPIC_0125560243__p34542223212511">x-amz-date:Tue, 15 Oct 2015 07:20:09 GMT\n</p>
<p id="EN-US_TOPIC_0125560243__p42444556212511">/bucket/object.txt</p>
</td>
</tr>
</tbody>
</table>
</div>
<p id="EN-US_TOPIC_0125560243__p30840926"></p>
<div class="tablenoborder"><a name="EN-US_TOPIC_0125560243__table25228990"></a><a name="table25228990"></a><table cellpadding="4" cellspacing="0" summary="" id="EN-US_TOPIC_0125560243__table25228990" frame="border" border="1" rules="all"><caption><b>Table 4 </b>StringToSign generated for a PUT Object request containing OBS-defined headers (2)</caption><thead align="left"><tr id="EN-US_TOPIC_0125560243__row6738088"><th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.4.1.14.2.3.1.1"><p id="EN-US_TOPIC_0125560243__p8914235">Request Header</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.4.1.14.2.3.1.2"><p id="EN-US_TOPIC_0125560243__p50964406">StringToSign</p>
</th>
</tr>
</thead>
<tbody><tr id="EN-US_TOPIC_0125560243__row34476226"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.1.14.2.3.1.1 "><p id="EN-US_TOPIC_0125560243__p17563722212511">PUT /object.txt HTTP/1.1</p>
<p id="EN-US_TOPIC_0125560243__p23855777212511">User-Agent: curl/7.15.5</p>
<p id="EN-US_TOPIC_0125560243__p59920569162952">Host: bucketname.obs.example.com</p>
<p id="EN-US_TOPIC_0125560243__p53269794212511">Date: Mon, 14 Oct 2015 12:08:34 GMT</p>
<p id="EN-US_TOPIC_0125560243__p9666102212511">x-amz-acl: public-read</p>
<p id="EN-US_TOPIC_0125560243__p19886059212511">content-type: text/plain</p>
<p id="EN-US_TOPIC_0125560243__p44756811212511">Content-Length: 5913339</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.1.14.2.3.1.2 "><p id="EN-US_TOPIC_0125560243__p1423060212511">PUT\n</p>
<p id="EN-US_TOPIC_0125560243__p12807544212511">\n</p>
<p id="EN-US_TOPIC_0125560243__p48159034212511">text/plain\n</p>
<p id="EN-US_TOPIC_0125560243__p1271843311328">\n</p>
<p id="EN-US_TOPIC_0125560243__p30778123212511">Mon, 14 Oct 2015 12:08:34 GMT\n</p>
<p id="EN-US_TOPIC_0125560243__p8567652212511">x-amz-acl:public-read\n</p>
<p id="EN-US_TOPIC_0125560243__p10000006212511">/bucket/object.txt</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="tablenoborder"><a name="EN-US_TOPIC_0125560243__table4097412592916"></a><a name="table4097412592916"></a><table cellpadding="4" cellspacing="0" summary="" id="EN-US_TOPIC_0125560243__table4097412592916" frame="border" border="1" rules="all"><caption><b>Table 5 </b>StringToSign generated for GET Object ACL</caption><thead align="left"><tr id="EN-US_TOPIC_0125560243__row8146160"><th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.4.1.15.2.3.1.1"><p id="EN-US_TOPIC_0125560243__p55859239">Request Header</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.4.1.15.2.3.1.2"><p id="EN-US_TOPIC_0125560243__p28304539">StringToSign</p>
</th>
</tr>
</thead>
<tbody><tr id="EN-US_TOPIC_0125560243__row10966323"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.1.15.2.3.1.1 "><p id="EN-US_TOPIC_0125560243__p12968078212511">GET /object.txt?acl HTTP/1.1</p>
<p id="EN-US_TOPIC_0125560243__p5976225163058">Host: bucketname.obs.example.com</p>
<p id="EN-US_TOPIC_0125560243__p43781379212511">Date: Sat, 12 Oct 2015 08:12:38 GMT</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.4.1.15.2.3.1.2 "><p id="EN-US_TOPIC_0125560243__p56630825212511">GET \n</p>
<p id="EN-US_TOPIC_0125560243__p23694119212511">\n</p>
<p id="EN-US_TOPIC_0125560243__p11920487212511">Sat, 12 Oct 2015 08:12:38 GMT\n</p>
<p id="EN-US_TOPIC_0125560243__p40175526212511">/bucket/object.txt?acl</p>
</td>
</tr>
</tbody>
</table>
</div>
</li><li id="EN-US_TOPIC_0125560243__li2519427">Generate the signature using <strong id="EN-US_TOPIC_0125560243__b22674843">StringToSign</strong> and the SK.<p id="EN-US_TOPIC_0125560243__p2747002">Use the hash-based message authentication code (HMAC) algorithm to calculate the signature.</p>
<pre class="screen" id="EN-US_TOPIC_0125560243__screen4154486114236">Signature = Base64( HMAC-SHA1( UTF-8-Encoding-Of(YourSecretAccessKeyID, StringToSign ) ) )</pre>
</li></ol>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="en-us_topic_0125560435.html">Authenticating a Request</a></div>
</div>
</div>
View Git Blame Copy Permalink