curl "http://xtbs.ljsyy.net/xtbs/app/monitor/audit/record/push" \
-H 'X-API-Key: leapfrog-derogate-vanquish' \
-H 'X-TimeStamp: 1719282800000' \
-H 'Content-Type: application/json' \
-H 'X-Signature: abcdedg' \
-H 'Accept-Encoding: gzip, zlib, deflate, zstd, br' \
-d $'{
"hello": "world",
"do": "something"
}'
2.
记录请求url路径部分:/monitor/audit/record/push
3.
记录请求的query string部分,并对按照参数名大小写对参数键值对进行重新排序,比如test=true&articleId=10080&name=zhangsan重新排列后为articleId=10080&name=zhangsan&test=true
4.
依次将Content-Type,X-API-Key,X-TimeStamp三个请求头转为大写,并使用=与他们的值进行连接,最后使用回车\n对这三个键值字符串连接,生成CONTENT-TYPE=Application/Json\nX-API-KEY=leapfrog-derogate-vanquish\nX-TIMESTAMP=1719282800000
5.
请求类型如果是application/json和application/x-www-form-urlencoded的,需要记录body字符串,比如{\n"hello": "world",\n"do": "something"\n}。如果body为null,那么body记为空字符串""
6.
将上述1~5的字符串使用回车\n进行连接,生成GET\n/backend/external/standalone/getArticle\narticleId=10080&name=zhangsan&test=true\nCONTENT-TYPE=Application/Json\nX-API-KEY=leapfrog-derogate-vanquish\nX-TIMESTAMP=1719282800000\n\n{\n"hello": "world",\n"do": "something"\n}
7.
使用HMac Sha256算法对上述的字符串进行签名计算,并将结果转换为Base64字符串,密钥为api key对应的secret key
8.
将上述签名计算结果加入到X-Signature请求头中
