Authentication v1

This section is intended to describe authentication way to interact with SwiftFederation APIs.

1. Authorization Header and Format

• Authorization Header Definition

• Authorization Header Format

Authorization:${signatureAlgorithm} ${accessKeyId}:${signature}

Signature Algorithm

• Populate signing string

${HTTPMethod}+"\n"+${URI}+"\n"+${x-sfd-date}+"\n"+${x-sfd-nonce}+"\n"+${accessKeyId}+ "\n"+${requestBody} 

e.g. 

POST
/v1.0/report/bandwidth
20180330T200550Z
90355
cdn123456
{"domains":["www.example1.com","www.example2.com"],"startTime":"2018-03-29T17:35:00Z","endTime":"2018-03-29T17:45:00Z"}

• Generate Signature

Calculate signature of signing string by using HMAC-SHA256 algorithm with access key secret. And then use hex to encode signature to string.

byte[] signatureBytes = hmacSha256(${accessKeySecret}, ${signingString}); 

String signature = Hex.encodeHex(signatureBytes);

2. Example

2.1. Request Example

Assume that AccessKeyID is 6vE59B1z4p174N25 and AccessKeySecret is 28G5nC2zw143m25026n9H11PwNYs4576.

• Original Request

GET /v1.1/customer/1 HTTP/1.1
Host: base-api.swiftfederation.com

Content-Type:application/json; charset=utf-8
X-SFD-Date:20190401T131000Z
X-SFD-Nonce:69527

• Calculate Populate signing string

"GET"+"\n"+"/v1.1/customer/1"+"\n"+"20190401T131000Z"+"\n"+"69527"+"\n"+"6vE59B1z4p174N25"+"\n"+""

=>

GET
/v1.1/customer/1
20190401T131000Z
69527
6vE59B1z4p174N25

• Calculate Signature

Signature=Hex.encodeHex(hmacSha256("28G5nC2zw143m25026n9H11PwNYs4576", "GET"+"\n"+"/v1.1/customer/1"+"\n"+"20190401T131000Z"+"\n"+"69527"+"\n"+"6vE59B1z4p174N25"+"\n"+""))

Signature=dc0e08bf6f6487c044d2f8388da0baf7a8eda7f506b1eeffaf59957ac86969f3

• Final Request

GET /v1.1/customer/1 HTTP/1.1
Host: base-api.swiftfederation.com

Authorization:HMAC-SHA256 6vE59B1z4p174N25:dc0e08bf6f6487c044d2f8388da0baf7a8eda7f506b1eeffaf59957ac86969f3
Content-Type:application/json; charset=utf-8
X-SFD-Date:20190401T131000Z
X-SFD-Nonce:69527