提问人:Enamul Haque 提问时间:9/27/2023 更新时间:9/27/2023 访问量:56
/admin/v1/users 在 DUO 安全管理 API 中提供 40103
/admin/v1/users giving a 40103 in DUO Security Admin API
问:
我正在尝试使用它显示的/admin/v1/users进行创建
{
"code":40103,
"message":"Invalid signature in request credentials",
"stat":"FAIL"
}
这是我的 Java 代码:
public class DuoCreateUsers {
private static SortedMap<String, Object> params = new TreeMap<String, Object>();
public static void main(String[] args) throws IOException {
String ikey = "x";
String skey = "x";
String host = "api-d221a358.duosecurity.com";
String httpMethod = "POST";
String requestPath = "/admin/v1/users";
String timestamp = OffsetDateTime.now().format(DateTimeFormatter.RFC_1123_DATE_TIME);
String username = "newuser";
String email = "[email protected]";
params.put("username",username);
params.put("email",email);
String queryString = canonQueryString();
String canonicalRequest = timestamp + "\n" + httpMethod + "\n" + requestPath + "\n" + queryString;
System.out.println("canonicalRequest = " + canonicalRequest);
String signature = sign1(canonicalRequest, skey);
// System.out.println("signature = " + signature);
String url = "https://" + host + requestPath+"?"+queryString;
System.out.println("url = " + url);
HttpClient httpClient = HttpClients.createDefault();
HttpPost httpPost = new HttpPost(url);
httpPost.setHeader("Date", timestamp);
httpPost.setHeader("Authorization", "Basic " + Base64.getEncoder().encodeToString((ikey + ":" + signature).getBytes()));
httpPost.setHeader("Content-Type", "application/x-www-form-urlencoded");
httpPost.setEntity(new StringEntity(params.toString()));
// Make the request
HttpResponse response = httpClient.execute(httpPost);
HttpEntity entity = response.getEntity();
String responseContent = entity != null ? EntityUtils.toString(entity) : "";
String rs = "Response Status Code: " + response.getStatusLine().getStatusCode() + "\nResponse Content:\n" + responseContent;
System.out.println("rs = " + rs);
}
public static String canonQueryString()
throws UnsupportedEncodingException {
ArrayList<String> args = new ArrayList<String>();
for (String key : params.keySet()) {
String name = URLEncoder
.encode(key, "UTF-8")
.replace("+", "%20")
.replace("*", "%2A")
.replace("%7E", "~");
String value = URLEncoder
.encode(params.get(key).toString(), "UTF-8")
.replace("+", "%20")
.replace("*", "%2A")
.replace("%7E", "~");
args.add(name + "=" + value);
}
return com.duosecurity.client.Util.join(args.toArray(), "&");
}
private static String sign1(String data, String secretKey) {
try {
// Create an HMAC-SHA1 key from the secret key
SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey.getBytes(StandardCharsets.UTF_8), "HmacSHA1");
// Initialize the HMAC-SHA1 algorithm
Mac mac = Mac.getInstance("HmacSHA1");
mac.init(secretKeySpec);
// Calculate the HMAC-SHA1 hash
byte[] hmacSha1Bytes = mac.doFinal(data.getBytes(StandardCharsets.UTF_8));
// Convert the result to a hexadecimal string
String hmacSha1Hex = bytesToHex(hmacSha1Bytes);
// Print the HMAC-SHA1 hash
System.out.println("HMAC-SHA1: " + hmacSha1Hex);
return hmacSha1Hex;
} catch (NoSuchAlgorithmException | InvalidKeyException e) {
e.printStackTrace();
}
return null;
}
// Helper method to convert bytes to a hexadecimal string
private static String bytesToHex(byte[] bytes) {
StringBuilder hexStringBuilder = new StringBuilder();
for (byte b : bytes) {
hexStringBuilder.append(String.format("%02x", b));
}
return hexStringBuilder.toString();
}
}
我的代码有什么问题?
请帮帮我...
答: 暂无答案
评论