Maison >développement back-end >tutoriel php >上传文件到七牛时,bad token了怎么处理?
想用七牛实现个离线下载的功能。然后把里面的一些加密算法的函数提了出来。
这个是shell脚本运行的,提示bad token了,不知道我下面的脚本哪里写错了?
谢谢~
<code>php download.php https://p.ssl.qhimg.com/t01d1f1a2ae31e3c3e4.png 111.png</code>
download.php,获取encodeURI、encodedEntryURI和accessToken;
<code><?php function urlsafe_base64_encode($data) { $find = array('+', '/'); $replace = array('-', '_'); return str_replace($find, $replace, base64_encode($data)); } function hmac_sha1($str, $key) { return hash_hmac("sha1", $str, $key, true); } define("AccessKey", "AccessKey11111"); define("SecretKey", "SecretKey22222"); $url = $argv[1]; //第二个参数是url $encodeURI = urlsafe_base64_encode($url); //var_dump(base64_encode($url)); echo "url:{$url}, \r\nencodeURI:\r\n{$encodeURI}\r\n\r\n"; $entry = isset($argv[2]) ? 'optest:'.$argv[2] : "optest"; //$entry = "optest"; //buticket $encodedEntryURI = urlsafe_base64_encode($entry); echo "entry:{$entry}, \r\nencodedEntryURI:\r\n{$encodedEntryURI}\r\n\r\n"; $parse = parse_url($url); $path = $parse['path']; $query = @$parse['query']; //$signingStr = "<path>?<query>\n" $signingStr = "{$path}?{$query}\n"; $sign = hmac_sha1($signingStr, SecretKey); $encodedSign = urlsafe_base64_encode($sign); //$encodeAccessKey = urlsafe_base64_encode(AccessKey); //$accessToken = "{$encodeAccessKey}:{$encodedSign}"; $accessToken = AccessKey.":{$encodedSign}"; echo "AccessToken:\r\n{$accessToken}\r\n\r\n"; </query></code>
<code>$data['scope'] = BUCKET; $data['deadline'] = time()+3600;//过期时间 $encoded = urlsafe_base64_encode(json_encode($data)); //$signature=hash_hmac('sha1',$encoded,'KEY',true); $signature = hmac_sha1($encoded, SecretKey); $encode_signed = urlsafe_base64_encode($signature); //$UploadToken=$encode_signed.':'.$encoded; $UploadToken = AccessKey.":".$encode_signed.":".$encoded; echo "AccessToken:\r\n{$UploadToken}\r\n\r\n"; echo "UploadURL:\r\nhttp://iovip.qbox.me/fetch/{$encodeURI}/to/{$encodedEntryURI}\r\n\r\n"; </code>
再通过脚本
<code>sh download.sh encodeURI encodedEntryURI accessToken</code>
传输数据,结果。。。提示:
<code>{"error":"bad token"}</code>
download.sh
<code>curl -i \ -o - \ -H 'Content-Type: application/x-www-form-urlencoded' \ -H "Authorization: QBox $3" \ -X POST \ "http://iovip.qbox.me/fetch/$1/to/$2"</code>
PS:我发现我提问到最后,基本都是靠自己搞定的啊。不知道是不是大牛不屑这些技术含量低的问题还是???
真的和 sg 没法比啊。。。
<code><?php function urlsafe_base64_encode($data) { $find = array('+', '/'); $replace = array('-', '_'); return str_replace($find, $replace, base64_encode($data)); } function hmac_sha1($str, $key) { return hash_hmac("sha1", $str, $key, true); } define("AccessKey", "AccessKey11111"); define("SecretKey", "SecretKey22222"); define("BUCKET", "optest"); $url = $argv[1]; //第二个参数是url $encodeURI = urlsafe_base64_encode($url); echo "url:{$url}, \r\nencodeURI:\r\n{$encodeURI}\r\n\r\n"; $entry = isset($argv[2]) ? BUCKET.':'.$argv[2] : BUCKET; //$entry = "optest"; //buticket $encodedEntryURI = urlsafe_base64_encode($entry); echo "entry:{$entry}, \r\nencodedEntryURI:\r\n{$encodedEntryURI}\r\n\r\n"; //是使用这个 path 来取 signingStr 的,官方文档说得不是很清楚。 $path = '/fetch/' . $encodeURI . '/to/' . $encodedEntryURI; $parse = parse_url($path); $path = $parse['path']; $signingStr = isset($parse['query']) ? $path."?".$parse['query']."\n" : $path."\n"; //$signingStr = "{$path}?{$query}\n"; //如果缺省了$parse['query'],那就不需要再带?号了 //$signingStr = "{$path}?{$query}\n<body>"; var_dump($signingStr); $sign = hmac_sha1($signingStr, SecretKey); $encodedSign = urlsafe_base64_encode($sign); var_dump($sign); $accessToken = AccessKey.":{$encodedSign}"; echo "AccessToken:\r\n{$accessToken}\r\n\r\n"; echo "UploadURL:\r\nhttp://iovip.qbox.me/fetch/{$encodeURI}/to/{$encodedEntryURI}\r\n\r\n"; </code>
想用七牛实现个离线下载的功能。然后把里面的一些加密算法的函数提了出来。
这个是shell脚本运行的,提示bad token了,不知道我下面的脚本哪里写错了?
谢谢~
<code>php download.php https://p.ssl.qhimg.com/t01d1f1a2ae31e3c3e4.png 111.png</code>
download.php,获取encodeURI、encodedEntryURI和accessToken;
<code><?php function urlsafe_base64_encode($data) { $find = array('+', '/'); $replace = array('-', '_'); return str_replace($find, $replace, base64_encode($data)); } function hmac_sha1($str, $key) { return hash_hmac("sha1", $str, $key, true); } define("AccessKey", "AccessKey11111"); define("SecretKey", "SecretKey22222"); $url = $argv[1]; //第二个参数是url $encodeURI = urlsafe_base64_encode($url); //var_dump(base64_encode($url)); echo "url:{$url}, \r\nencodeURI:\r\n{$encodeURI}\r\n\r\n"; $entry = isset($argv[2]) ? 'optest:'.$argv[2] : "optest"; //$entry = "optest"; //buticket $encodedEntryURI = urlsafe_base64_encode($entry); echo "entry:{$entry}, \r\nencodedEntryURI:\r\n{$encodedEntryURI}\r\n\r\n"; $parse = parse_url($url); $path = $parse['path']; $query = @$parse['query']; //$signingStr = "<path>?<query>\n" $signingStr = "{$path}?{$query}\n"; $sign = hmac_sha1($signingStr, SecretKey); $encodedSign = urlsafe_base64_encode($sign); //$encodeAccessKey = urlsafe_base64_encode(AccessKey); //$accessToken = "{$encodeAccessKey}:{$encodedSign}"; $accessToken = AccessKey.":{$encodedSign}"; echo "AccessToken:\r\n{$accessToken}\r\n\r\n"; </query></code>
<code>$data['scope'] = BUCKET; $data['deadline'] = time()+3600;//过期时间 $encoded = urlsafe_base64_encode(json_encode($data)); //$signature=hash_hmac('sha1',$encoded,'KEY',true); $signature = hmac_sha1($encoded, SecretKey); $encode_signed = urlsafe_base64_encode($signature); //$UploadToken=$encode_signed.':'.$encoded; $UploadToken = AccessKey.":".$encode_signed.":".$encoded; echo "AccessToken:\r\n{$UploadToken}\r\n\r\n"; echo "UploadURL:\r\nhttp://iovip.qbox.me/fetch/{$encodeURI}/to/{$encodedEntryURI}\r\n\r\n"; </code>
再通过脚本
<code>sh download.sh encodeURI encodedEntryURI accessToken</code>
传输数据,结果。。。提示:
<code>{"error":"bad token"}</code>
download.sh
<code>curl -i \ -o - \ -H 'Content-Type: application/x-www-form-urlencoded' \ -H "Authorization: QBox $3" \ -X POST \ "http://iovip.qbox.me/fetch/$1/to/$2"</code>
PS:我发现我提问到最后,基本都是靠自己搞定的啊。不知道是不是大牛不屑这些技术含量低的问题还是???
真的和 sg 没法比啊。。。
<code><?php function urlsafe_base64_encode($data) { $find = array('+', '/'); $replace = array('-', '_'); return str_replace($find, $replace, base64_encode($data)); } function hmac_sha1($str, $key) { return hash_hmac("sha1", $str, $key, true); } define("AccessKey", "AccessKey11111"); define("SecretKey", "SecretKey22222"); define("BUCKET", "optest"); $url = $argv[1]; //第二个参数是url $encodeURI = urlsafe_base64_encode($url); echo "url:{$url}, \r\nencodeURI:\r\n{$encodeURI}\r\n\r\n"; $entry = isset($argv[2]) ? BUCKET.':'.$argv[2] : BUCKET; //$entry = "optest"; //buticket $encodedEntryURI = urlsafe_base64_encode($entry); echo "entry:{$entry}, \r\nencodedEntryURI:\r\n{$encodedEntryURI}\r\n\r\n"; //是使用这个 path 来取 signingStr 的,官方文档说得不是很清楚。 $path = '/fetch/' . $encodeURI . '/to/' . $encodedEntryURI; $parse = parse_url($path); $path = $parse['path']; $signingStr = isset($parse['query']) ? $path."?".$parse['query']."\n" : $path."\n"; //$signingStr = "{$path}?{$query}\n"; //如果缺省了$parse['query'],那就不需要再带?号了 //$signingStr = "{$path}?{$query}\n<body>"; var_dump($signingStr); $sign = hmac_sha1($signingStr, SecretKey); $encodedSign = urlsafe_base64_encode($sign); var_dump($sign); $accessToken = AccessKey.":{$encodedSign}"; echo "AccessToken:\r\n{$accessToken}\r\n\r\n"; echo "UploadURL:\r\nhttp://iovip.qbox.me/fetch/{$encodeURI}/to/{$encodedEntryURI}\r\n\r\n"; </code>
以前写的个:AK
,KEY
和scope
替换成你的
<code>$data['scope']='your bucket'; $data['deadline']=time()+3600;//过期时间 $encoded=urlsafe_base64_encode(json_encode($data)); $signature=hash_hmac('sha1',$encoded,'KEY',true); $encode_signed = urlsafe_base64_encode($signature); $UploadToken='AK:'.$encode_signed.':'.$encoded; echo $UploadToken; function urlsafe_base64_encode($data) { $data = base64_encode($data); $data = str_replace(array('+','/'),array('-','_'),$data); return $data; }</code>
话说为啥不用SDK的?
直接
<code>$token = $auth->uploadToken($bucket);</code>