eTowerOne为每一个API客户提供一个API令牌和对应的密钥。密钥只用作MAC SHA-1签名,密钥不会在请求中进行传输。每一个请求必须包含身份认证信息以证实发送方的身份和权限。
Token和Key的格式:eTowerB2B provides each API client with an API Token and a corresponding Secret Key. The Key is used exclusively for MAC SHA-1 signing and is not transmitted in the request. Every request must include authentication information to verify the sender's identity and permissions.T
Token and Key Format
Token: test5AdbzO5OEeOpvgAVXUFE0A
Key: 79db9e5OEeOpvgAVXUFWSD
l 第一步:获取Token和Key,请联系集成商获取相应生产环境账号后在API令牌模块获取令牌和密钥:
...
Step 1: Obtain Token and Key
Please contact your integrator (the party using eTowerB2B integrator account) to obtain a a production/test environment account, then log in eTowerB2B and acquire the Token and Secret Key in the API Tokens module :
Test Environment::https://cfs-qa.etowertech.com
生产环境地址:Production Environment:https://b2b.etowertech.com
l 第二步:添加请求报文的Headers:
...
Step 2: Add Request Headers
sample:
Host: cfs-qa.etowertech.com
...
Accept: application/json
生成方式:
建议参考附件压缩文件【API Generation Method:
- It is recommended to refer to the attachment file [API Signature Demo.
...
- rar] which contains sample code in multiple languages:
- .netsample.cs
- c#_demo.cs
- java_project_demo.zip
- java_demo.java
- js_demo.js
- php_demo.txt
- python_demo.py
X1. X-WallTech-Date:请求发送时间,时间格式为RFC1123 Format格式:EEE:Request Sent Time
RFC1123 Format
Format: EEE, DD MM YYYY HH:MM:SS ZZZ
...
Example:Thu, 04 Nov 2021 03:39:28 GMT
...
Note: Use Greenwich Mean Time (GMT)
...
. For Beijing Time (GMT+8)
...
当服务器接收时间与发送时间相差15分钟以上,服务端拒绝请求。
Authorization:签名认证
...
, subtract 8 hours.
Important: The server will reject requests if the time difference between server receipt and sending time exceeds 15 minutes.
2. Authorization:Signature Authentication
Format: WallTech <Token>:<Base64 Encoded HMAC SHA-1 Hash>
...
<Token>:API Token
<Base64 Encoded HMAC SHA-1
...
通过将API令牌Key,如Key=79db9e5OEeOpvgAVXUFWSD,使用SecretKeySpec类对Key进行HmacSHA1方式的加密,再初始化一个算法为HmacSHA1的Mac对象,然后使用key初始化这个Mac对象。最后将Mac对象处理为Byte,然后对其进行Base64转换操作。
java代码:
...
Hash> Java code description:
Encrypt the API Token's Secret Key (e.g., Key=79db9e5OEeOpvgAVXUFWSD) using the SecretKeySpec class with the HmacSHA1 algorithm. Initialize a Mac object with the HmacSHA1 algorithm, then initialize this Mac object with the key. Finally, process the Mac object into bytes and perform Base64 encoding.
Example: WallTech testLvs2jdug2qIoRsJyuxs:2THPh5_j4OTYUGdinstTC4nYqDE=
Content-Type:application/json
Accept:application/json