灵医智惠CDSS API接口认证指南v1¶
灵医智惠CDSS API采用AK/SK认证方式,需要在HTTP请求Headers中加入Authorization签名信息,具体方法如下。
获取AK和SK¶
Access Key Id(AK)用于标识API访问者,Secret Access Key(SK)用于加密,SK必须保密,只有Client和Server端分别独立存储SK,通信传输的数据不得包含SK,即不能将SK写入HTTP headers和body中。
AK和SK都是一段随机字符串,请联系灵医智惠CDSS技术人员提供。
生成Authorization(伪代码)¶
ak = "ak值请联系灵医智惠CDSS技术人员提供"
sk = "sk值请联系灵医智惠CDSS技术人员提供"
url_path = "/cdss/standard/api/v1"
content = "HTTP POST数据,参考API接口定义"
// md5签名算法,业界通用算法,请根据开发语言选择md5的第三方开源代码实现
contentMD5 = md5(content)
canonicalRequest = "POST\n" + url_path + "\ncontent-md5:" + contentMD5
// timestamp: 签名生效UTC时间,比北京时间早8小时,格式为yyyy-mm-ddThh:mm:ssZ
timestamp = "2019-05-20T08:00:00Z"
authStringPrefix = "cdss-auth-v1/" + ak + "/" + timestamp + "/300"
// HMAC-SHA256加密签名算法,业界通用算法,请根据开发语言选择hmacSHA256的第三方开源代码实现
signingKey = hmacSHA256(sk, authStringPrefix)
signature = hmacSHA256(signingKey, canonicalRequest)
authorization = authStringPrefix + "/" + signature
传输Authorization¶
在Request Headers中加入Authorization: {authorization},其中{authorization}由上文指定的算法生成,示例参考:
Authorization: cdss-auth-v1/0b0f67dfb88244b289b72b142befad0a/2019-05-20T08:00:00Z/300/ef32167230ccf969d480bd6b0973e153d8a50a9d984ea94c40d30965edc14734
示例代码¶
其他语言的签名算法代码建议联系灵医智惠CDSS技术人员,我们提供各类语言的签名算法代码。
Python示例代码¶
请点击箭头查看内容
#!/usr/bin/env python
# -*- coding: UTF-8 -*-
import hashlib
import hmac
import string
import datetime
import requests
import json
def get_canonical_timestamp():
# timestamp format: [year]-[month]-[day]T[hour]:[minute]:[second]Z
utctime = datetime.datetime.utcnow()
return "%04d-%02d-%02dT%02d:%02d:%02dZ" % (
utctime.year, utctime.month, utctime.day,
utctime.hour, utctime.minute, utctime.second)
def gen_authorization(ak, sk, url_path, content):
contentMD5 = hashlib.md5(content).hexdigest()
canonicalRequest = "POST\n" + url_path + "\ncontent-md5:" + contentMD5
authStringPrefix = "cdss-auth-v1/" + ak + "/" + get_canonical_timestamp() + "/300"
signingKey = hmac.new(sk, authStringPrefix, hashlib.sha256).hexdigest()
signature = hmac.new(signingKey, canonicalRequest, hashlib.sha256).hexdigest()
authorization = authStringPrefix + "/" + signature
return authorization
def main():
ak = "xxxx"
sk = "xxxx"
server = "http://01cdss.baidu.com/cdss/standard/api/v1"
# 注意:url_path根据实际调用服务选择
url_path = "/cdss/standard/api/v1"
req_obj = {
"method": "cdss-diagnose",
"emr": {}
}
content = json.dumps(req_obj, ensure_ascii=False)
authorization = gen_authorization(ak, sk, url_path, content)
http_req = requests.post(server, headers={"Authorization": authorization},
data=content)
print http_req.text
if __name__ == "__main__":
main()
Java示例代码¶
请点击箭头查看内容
// Maven dependency:
// <dependency>
// <groupId>commons-codec</groupId>
// <artifactId>commons-codec</artifactId>
// <version>1.11</version>
// </dependency>
// <dependency>
// <groupId>joda-time</groupId>
// <artifactId>joda-time</artifactId>
// <version>2.9.9</version>
// </dependency>
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.codec.digest.DigestUtils;
import org.joda.time.DateTimeZone;
import org.joda.time.DateTime;
import org.joda.time.format.DateTimeFormat;
import org.joda.time.format.DateTimeFormatter;
class ApiAuthorizationExample {
private static String hmacSHA256(String key, String data) {
try {
Mac mac = Mac.getInstance("HmacSHA256");
SecretKeySpec secretKey = new SecretKeySpec(
key.getBytes("UTF-8"), "HmacSHA256");
mac.init(secretKey);
return Hex.encodeHexString(mac.doFinal(data.getBytes("UTF-8")));
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
private static String md5(String data) {
try {
return DigestUtils.md5Hex(data.getBytes("UTF-8"));
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
public static String genCDSSAuthorization(String ak,
String sk, String urlPath, String content) {
String canonicalRequest = "POST\n" + urlPath + "\ncontent-md5:" + md5(content);
DateTimeFormatter utcFormatter = DateTimeFormat.forPattern("yyyy-MM-dd'T'HH:mm:ss'Z'");
String canonicalTimestamp = utcFormatter.print(DateTime.now(DateTimeZone.UTC));
StringBuilder authStringPrefixBuilder = new StringBuilder("cdss-auth-v1/")
.append(ak).append("/").append(canonicalTimestamp).append("/300");
String signingKey = hmacSHA256(sk, authStringPrefixBuilder.toString());
String signature = hmacSHA256(signingKey, canonicalRequest);
return authStringPrefixBuilder.append("/").append(signature).toString();
}
public static void main(String[] args) {
String ak = "xxxx";
String sk = "xxxx";
// 注意:urlPath根据实际调用服务选择
String urlPath = "/cdss/standard/api/v1";
String content = "{\"method\": \"cdss-diagnose\", \"emr\":{}}";
System.out.println(genCDSSAuthorization(ak, sk, urlPath, content));
}
}
C#示例代码¶
请点击箭头查看内容
using System.Security.Cryptography;
static void Main(string[] args)
{
string ak = "xxxx";
string sk = "xxxx";
// 注意:urlPath根据实际调用服务选择
string urlPath = "/cdss/standard/api/v1";
string content = "{\"method\":\"cdss-diagnose\",\"emr\":{}}";
Console.WriteLine(GenCdssAuthorization(ak, sk, urlPath, content));
Console.ReadKey();
}
public static string GenCdssAuthorization(string ak,
string sk, string urlPath, string content)
{
string canonicalRequest = "POST\n" + urlPath + "\ncontent-md5:" + MD5Encrypt(content);
string canonicalTimestamp = DateTime.Now.ToUniversalTime().ToString("yyyy-MM-dd'T'HH:mm:ss'Z'");
StringBuilder authStringPrefixBuilder = new StringBuilder("cdss-auth-v1/").Append(ak).Append("/").Append(canonicalTimestamp).Append("/300");
string signingKey = HmacSha256(sk, authStringPrefixBuilder.ToString());
string signature = HmacSha256(signingKey, canonicalRequest);
return authStringPrefixBuilder.Append("/").Append(signature).ToString();
}
private static string HmacSha256(string key, string data)
{
key = key ?? "";
byte[] keyByte = Encoding.UTF8.GetBytes(key);
byte[] messageBytes = Encoding.UTF8.GetBytes(data);
using (var hmacsha256 = new HMACSHA256(keyByte))
{
byte[] hashmessage = hmacsha256.ComputeHash(messageBytes);
string sha256Str = string.Empty;
for (int i = 0; i < hashmessage.Length; i++)
{
sha256Str += hashmessage[i].ToString("x2");
}
return sha256Str;
}
}
public static string MD5Encrypt(string content)
{
MD5 md5 = MD5.Create();
Byte[] souceByte = Encoding.UTF8.GetBytes(content);
Byte[] md5Bytes = md5.ComputeHash(souceByte);
StringBuilder sb = new StringBuilder();
foreach (Byte b in md5Bytes)
{
sb.Append(b.ToString("x2"));
}
return sb.ToString();
}
JavaScript示例代码¶
请点击箭头查看内容
formatFunc = str => {
return str > 9 ? str : '0' + str
}
getUTCTime = () => {
const date = new Date();
const y = date.getUTCFullYear();
const m = formatFunc(date.getUTCMonth() + 1);
const d = formatFunc(date.getUTCDate());
const h = formatFunc(date.getUTCHours());
const M = formatFunc(date.getUTCMinutes());
const s = formatFunc(date.getUTCSeconds());
return `${y}-${m}-${d}T${h}:${M}:${s}Z`;
}
gen_authorization = (ak, sk, urlPath, content) => {
// md5签名算法
const contentMD5 = md5(JSON.stringify(content)).toString(CryptoJS.enc.Hex);
const canonicalRequest = "POST\n" + urlPath + "\ncontent-md5:" + contentMD5;
// timestamp: 签名生效UTC时间,比北京时间早8小时,格式为yyyy-mm-ddThh:mm:ssZ
const timestamp = getUTCTime();
const authStringPrefix = "cdss-auth-v1/" + ak + "/" + timestamp + "/300";
// HMAC-SHA256加密签名算法
const signingKey = CryptoJS.HmacSHA256(authStringPrefix, sk).toString(CryptoJS.enc.Hex);
const signature = CryptoJS.HmacSHA256(canonicalRequest, signingKey).toString(CryptoJS.enc.Hex);
const authorization = authStringPrefix + "/" + signature;
return authorization;
}
const ak = "xxxx";
const sk = "xxxx";
// 注意:urlPath根据实际调用服务选择
const urlPath = "/cdss/standard/api/v1";
let content = {
method: 'cdss-diagnose',
emr: {}
};
gen_authorization(ak, sk, urlPath, content);