I wrote a simple python script to compute the signature of an API command,
but kept getting
"unable to verify user credentials and/or request signature"
Where in the cloudstack does the validation? Is there a handy script
already?
Here is my python script that use hmac python library.
#!/usr/bin/env python
from hashlib import sha1
import hmac
import base64
import sys
def parse_sort_cmd(apiCmd):
apiCmd = apiCmd.lower()
cmds = apiCmd.split('&')
parsedCmds = dict()
retCmd = ""
if not cmds or len(cmds)==0:
return None
for cmd in cmds:
key, value = cmd.split('=')
if key != None and value != None:
parsedCmds[key] = value
for key in sorted(parsedCmds.iterkeys()):
if retCmd == '':
retCmd = "%s=%s"%(key, parsedCmds[key])
else:
retCmd = "%s&%s=%s"%(retCmd, key, parsedCmds[key])
return retCmd
def sign_request(apiCmd, secretKey):
hashed = hmac.new(secretKey, apiCmd, sha1)
# The signature
signature = base64.b64encode(hashed.digest())
retStr = "signature=%s" % (signature)
return retStr
def main(args):
if len(args) != 2:
print("Both arguments, command and secretkey, are required.")
exit()
command = args[0]
secretKey = args[1]
sortedCmd = parse_sort_cmd(command)
signature = sign_request(sortedCmd, secretKey)
print "signature: %s" % signature
if __name__ =='__main__':
main(sys.argv[1:])
Thanks,
--
Kanzhe Jiang
MTS at BigSwitch
