26 lines
1.7 KiB
JavaScript
26 lines
1.7 KiB
JavaScript
|
import { createHash, createHmac } from "node:crypto";
|
||
|
import { getDate, service, signedHeaders } from "./common.js";
|
||
|
const sha256 = (data) => createHash("sha256").update(data).digest("hex");
|
||
|
const hmacSha256 = (data, key) => createHmac("sha256", key).update(data).digest();
|
||
|
const hmacSha256Hex = (data, key) => createHmac("sha256", key).update(data).digest("hex");
|
||
|
/**
|
||
|
* Method that calculate Tencent Cloud API v3 signature
|
||
|
* for making requests to the Tencent Cloud API.
|
||
|
* See https://cloud.tencent.com/document/api/1729/101843.
|
||
|
* @param host Tencent Cloud API host.
|
||
|
* @param payload HTTP request body.
|
||
|
* @param timestamp Sign timestamp in seconds.
|
||
|
* @param secretId Tencent Cloud Secret ID, which can be obtained from https://console.cloud.tencent.com/cam/capi.
|
||
|
* @param secretKey Tencent Cloud Secret Key, which can be obtained from https://console.cloud.tencent.com/cam/capi.
|
||
|
* @param headers HTTP request headers.
|
||
|
* @returns The signature for making requests to the Tencent API.
|
||
|
*/
|
||
|
export const sign = (host, payload, timestamp, secretId, secretKey, headers) => {
|
||
|
const contentType = headers["Content-Type"];
|
||
|
const payloadHash = sha256(JSON.stringify(payload));
|
||
|
const canonicalRequest = `POST\n/\n\ncontent-type:${contentType}\nhost:${host}\n\n${signedHeaders}\n${payloadHash}`;
|
||
|
const date = getDate(timestamp);
|
||
|
const signature = hmacSha256Hex(`TC3-HMAC-SHA256\n${timestamp}\n${date}/${service}/tc3_request\n${sha256(canonicalRequest)}`, hmacSha256("tc3_request", hmacSha256(service, hmacSha256(date, `TC3${secretKey}`))));
|
||
|
return `TC3-HMAC-SHA256 Credential=${secretId}/${date}/${service}/tc3_request, SignedHeaders=${signedHeaders}, Signature=${signature}`;
|
||
|
};
|