Parameter Specification
Update:
一、 Parameter Specification
- Request URL:
Get it from the Console - Service Configuration
- HTTP request Header:
Header
Value
Description
Content-Type
application/json;charset=UTF-8
Request body type
Accept
application/json;charset=UTF-8
Return type accepted
X-AppId
The only identifier of the project or application.
X-TimeStamp
The UTC timestamp of the request. Timestamps need to be formatted according to W3C standards, for example: 2010-01-31T23:59:59Z. (http://www.w3.org/TR/xmlschema-2/#dateTime)
Authorization
Signature value
-
Request method:POST
-
Request body JSON object:
Parameter
Essential
Type
Description|
type
Essential
Number
1: Image URL 2: Image BASE64 value
image
Essential
Srting
Image content, if type=1, then the value is the image URL, if type=2, then the value is the image BASE64 value. Supported formats: jpg, png, bmp, gif, webp, tiff, heic; Supported image size: <10M; Description of gif/long image: Automatically cut gif/long image into frame and check, up to 5 images. Gif/long images are billed according to the actual number of screenshots; Definition of long image: images whose ratio of length and width is greater than 5.
userId
Optional
Srting
Unique end user ID. The user ID should be no more than 32 characters.
userIP
Optional
Srting
User IP address
did
Optional
Srting
User device ID
dtype
Optional
Srting
User device type:1:iPhone 2:android 3: ipad 4:wphone 5: pc 6:web 7:wap
-
Example of request body:
JSON Response
{
"type":2,
"image":"T2dnUwACAAAAAAAAAAAd8pVTAAAAAGsIvpMBE...",
"userId": "testUser",
"did": "868034031518269",
"dtype": "1"
}
-
Request signature:
When the user requests the Image Check API, the request can be signed with the appId and secretKey (obtained from the Console - Service Configuration). When the API receives the request with the signature information, it will verify the signature using the same algorithm, and if the signature is found to be inconsistent, the API will return 401 error to the user.
If the API validation signature is consistent and the user corresponding to the appId has permission to operate the requested resource, the request succeeds, otherwise the API returns 401 error.
- Request Header to send a signature via HTTP
Method: Add a header named Authorization in the request, whose value is the signature value. For example:
Authorization: ****
- Signature calculation method
- Canonicalized Query String:
Convert the request body JSON string to a hexadecimal string (not Base64) by doing sha256 encoding with UTF-8 character encoding.
CanonicalizedQueryString = hex(sha256(jsonBody))
-
Constructs the signed string StringToSign ("\n" stands for ASCII newline character):
StringToSign = HTTPMethod + “\n” +
HostHeaderInLowercase + “\n” +
HTTPRequestURI + “\n” +
CanonicalizedQueryString <从上一步得到> + “\n” +
“X-AppId:” + SAME_APPID_IN_HEADER + “\n” +
“X-TimeStamp:” + SAME_TIMESTAMP_IN_HEADER
The HTTPRequestURI is the absolute path to the request URI, without the request string. If the HTTPRequestURI is empty, also keep a forward slash (/).
The hash-based message authentication code (HMAC) is created using the HMAC-SHA256 protocol and the signature is calculated.
-
StringToSign as the signature string, secretKey as the secret key and SHA256 as the hash algorithm.
For more information about HMAC, see: https://tools.ietf.org/html/rfc2104。
-
Converting the results of the previous step to a BASE64 string.
-
Put the BASE64 string into the Authorization of HTTP request Header.
- Example of signature
Below is an example of appId & secretKey & image.
appId=***
secrectKey=****
image_base64="T2dnUwACAAAAAAAAAAAd8pVTAAAAAGsIvpMBE..."
Below is an example of request type.
{
"type": 2,
"userId": "12345678",
"image": "T2dnUwACAAAAAAAAAAAd8pVTAAAAAGsIvpMBE..."
}
Generate CanonicalizedQueryString
b3ad8e9d16439ccd5e91924d2516bf9592975003f69beff44e56cddf47bd3118
Generate StringToSign
POST
isafe.ilivedata.com
/api/v1/image/check
b3ad8e9d16439ccd5e91924d2516bf9592975003f69beff44e56cddf47bd3118
X-AppId:***
X-TimeStamp:2020-07-31T07:59:03Z
Signatures from HMAC calculations
****
一、 Parameter Specification
- Request URL:
Get it from the Console - Service Configuration
- HTTP request Header:
| Header | Value | Description |
|---|---|---|
| Content-Type | application/json;charset=UTF-8 | Request body type |
| Accept | application/json;charset=UTF-8 | Return type accepted |
| X-AppId | The only identifier of the project or application. | |
| X-TimeStamp | The UTC timestamp of the request. Timestamps need to be formatted according to W3C standards, for example: 2010-01-31T23:59:59Z. (http://www.w3.org/TR/xmlschema-2/#dateTime) | |
| Authorization | Signature value |
-
Request method:POST
-
Request body JSON object:
| Parameter | Essential | Type | Description| |
|---|---|---|---|
| type | Essential | Number | 1: Image URL 2: Image BASE64 value |
| image | Essential | Srting | Image content, if type=1, then the value is the image URL, if type=2, then the value is the image BASE64 value. Supported formats: jpg, png, bmp, gif, webp, tiff, heic; Supported image size: <10M; Description of gif/long image: Automatically cut gif/long image into frame and check, up to 5 images. Gif/long images are billed according to the actual number of screenshots; Definition of long image: images whose ratio of length and width is greater than 5. |
| userId | Optional | Srting | Unique end user ID. The user ID should be no more than 32 characters. |
| userIP | Optional | Srting | User IP address |
| did | Optional | Srting | User device ID |
| dtype | Optional | Srting | User device type:1:iPhone 2:android 3: ipad 4:wphone 5: pc 6:web 7:wap |
-
Example of request body:
JSON Response { "type":2, "image":"T2dnUwACAAAAAAAAAAAd8pVTAAAAAGsIvpMBE...", "userId": "testUser", "did": "868034031518269", "dtype": "1" } -
Request signature:
When the user requests the Image Check API, the request can be signed with the appId and secretKey (obtained from the Console - Service Configuration). When the API receives the request with the signature information, it will verify the signature using the same algorithm, and if the signature is found to be inconsistent, the API will return 401 error to the user.
If the API validation signature is consistent and the user corresponding to the appId has permission to operate the requested resource, the request succeeds, otherwise the API returns 401 error.
- Request Header to send a signature via HTTP
Method: Add a header named Authorization in the request, whose value is the signature value. For example:
Authorization: ****
- Signature calculation method
- Canonicalized Query String:
Convert the request body JSON string to a hexadecimal string (not Base64) by doing sha256 encoding with UTF-8 character encoding.
CanonicalizedQueryString = hex(sha256(jsonBody))
-
Constructs the signed string StringToSign ("\n" stands for ASCII newline character):
StringToSign = HTTPMethod + “\n” + HostHeaderInLowercase + “\n” + HTTPRequestURI + “\n” + CanonicalizedQueryString <从上一步得到> + “\n” + “X-AppId:” + SAME_APPID_IN_HEADER + “\n” + “X-TimeStamp:” + SAME_TIMESTAMP_IN_HEADER
The HTTPRequestURI is the absolute path to the request URI, without the request string. If the HTTPRequestURI is empty, also keep a forward slash (/).
The hash-based message authentication code (HMAC) is created using the HMAC-SHA256 protocol and the signature is calculated.
-
StringToSign as the signature string, secretKey as the secret key and SHA256 as the hash algorithm.
For more information about HMAC, see: https://tools.ietf.org/html/rfc2104。 -
Converting the results of the previous step to a BASE64 string.
-
Put the BASE64 string into the Authorization of HTTP request Header.
- Example of signature
Below is an example of appId & secretKey & image.
appId=***
secrectKey=****
image_base64="T2dnUwACAAAAAAAAAAAd8pVTAAAAAGsIvpMBE..."
Below is an example of request type.
{
"type": 2,
"userId": "12345678",
"image": "T2dnUwACAAAAAAAAAAAd8pVTAAAAAGsIvpMBE..."
}
Generate CanonicalizedQueryString
b3ad8e9d16439ccd5e91924d2516bf9592975003f69beff44e56cddf47bd3118
Generate StringToSign
POST
isafe.ilivedata.com
/api/v1/image/check
b3ad8e9d16439ccd5e91924d2516bf9592975003f69beff44e56cddf47bd3118
X-AppId:***
X-TimeStamp:2020-07-31T07:59:03Z
Signatures from HMAC calculations
****