Authentication Method D
Format of Authentication URL
http://Hostname/Filename?sign=md5hash&t=timestamp
Parameter Description
Field | Description |
Hostname | Site acceleration domain name. |
Path | Resource access path, which must start with / during authentication. |
sign | User-defined authentication parameter name. |
t | User-defined timestamp parameter name |
timestamp | Timestamp parameter. Format: Positive decimal integer Unix timestamp, which is the total number of seconds that have passed since 00:00:00, 1970.1.1 (UTC time) and is regardless of the time zone; or positive hexadecimal integer Unix timestamp, which is the total number of seconds that have passed since 00:00:00, 1970.1.1 (UTC time) and is regardless of the time zone. |
md5hash | A string containing 32 characters calculated based on the MD5 algorithm: Algorithm: MD5 (key + Path + timestamp). Note: During calculation, the hexadecimal number identifier 0x of the hexadecimal timestamp must be filtered out. Authentication logic: If the request has not expired, the node will compare this string value with the md5hash value carried in the request URL. If the values are the same, the request will pass the authentication, and a response will be made to the request; if the values are different, the authentication will fail, and 403 will be returned. |
Configuration Example
Assuming authentication method D is used for the requested URL
https://www.example.com/foo.jpg
, the configuration is as follows:
Getting Authentication Parameters
Path:
/foo.jpg
.timestamp: The time when the server generates the authentication URL is 15:51:47, July 15, 2024 (UTC+8), the decimal (Unix timestamp) value of which is
1721029907
.Key:
DvYmqE81E1F9R791H6lmht
.md5hash: MD5 (key + Path + timestamp) = MD5 (
DvYmqE81E1F9R791H6lmht/foo.jpg1721029907
) = cadcec4a04e67b9c2abf4b61c642a0dd
.Authentication URL Generated by a Client Request
https://www.example.com/foo.jpg?sign=cadcec4a04e67b9c2abf4b61c642a0dd&t=1721029907
.Node Authentication
When the node server receives a client request via the encrypted URL, it will parse the timestamp parameter in the URL, and compare the sum of it and the configured validity period of ''1 second'' with the current time:
1. If the current time is after the ''timestamp + validity period'' time, it indicates that the request has expired, and 403 will be returned directly. If the current time is before the ''timestamp + validity period'' time, it indicates that the request has not expired, and the node server will go to step 2.
2. The node server calculates the md5hash value based on the obtained authentication parameters and compares it with the md5hash value carried in the request URL. If the values are the same, the request will pass the authentication, and a response will be made to the request; if the values are different, the authentication will fail, and 403 will be returned.