阿里云新版人脸识别基于JAVA签名校验使用示例教程

在线体验各类最新模型,更有模型 免费Token 额度领取!
立即体验
简介: 您可以从这里了解更多阿里云 SDK 的信息,前面系列博客也结合各种语言的SDK进行了实现。本文以DetectFace API为示例,演示实际基于签名校验的实现。
作者:俏巴

概述

阿里云会对每个访问的请求进行身份验证,所以无论使用 HTTP 还是 HTTPS 协议提交请求,都需要在请求中包含签名(Signature)信息。通过使用 Access Key ID 和 Access Key Secret 进行对称加密的方法来验证请求的发送者身份。阿里云提供了多种语言的 SDK 及第三方 SDK,可以免去您对签名算法进行编码的麻烦。您可以从这里了解更多阿里云 SDK 的信息,前面系列博客也结合各种语言的SDK进行了实现。本文以DetectFace API为示例,演示实际基于签名校验的实现。

操作步骤

1、pom.xml

   
     
        <dependency>
            <groupId>org.apache.httpcomponentsgroupId>
            <artifactId>httpclientartifactId>
            <version>4.4version>
        dependency>
        
     
        <dependency>
            <groupId>commons-langgroupId>
            <artifactId>commons-langartifactId>
            <version>2.6version>
        dependency>
        
     
        <dependency>
            <groupId>log4jgroupId>
            <artifactId>log4jartifactId>
            <version>1.2.17version>
        dependency>

        
     
        <dependency>
            <groupId>com.google.collectionsgroupId>
            <artifactId>google-collectionsartifactId>
            <version>1.0-rc2version>
        dependency>
    dependencies>

2、工具类:UrlUtil

import java.net.URLEncoder;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
public class UrlUtil {
    private static Logger logger = Logger.getLogger(UrlUtil.class);
    private final static String CHARSET_UTF8 = "utf8";
    /**
     *
     * @param url
     * @return
     */
    public static String urlEncode(String url) {
        if (!StringUtils.isEmpty(url)) {
            try {
                url = URLEncoder.encode(url, "UTF-8");
            } catch (Exception e) {
                logger.warn("Url encode error:" + e.getMessage());
            }
        }
        return url;
    }
    public static String generateQueryString(Map<String, String> params, boolean isEncodeKV) {
        StringBuilder canonicalizedQueryString = new StringBuilder();
        for (Map.Entry<String, String> entry : params.entrySet()) {
            if (isEncodeKV)
                canonicalizedQueryString.append(percentEncode(entry.getKey())).append("=")
                        .append(percentEncode(entry.getValue())).append("&");
            else
                canonicalizedQueryString.append(entry.getKey()).append("=")
                        .append(entry.getValue()).append("&");
        }
        if (canonicalizedQueryString.length() > 1) {
            canonicalizedQueryString.setLength(canonicalizedQueryString.length() - 1);
        }
        return canonicalizedQueryString.toString();
    }
    public static String percentEncode(String value) {
        try {
            // 使用URLEncoder.encode编码后,将"+","*","%7E"做替换即满足 API规定的编码规范
            return value == null ? null : URLEncoder.encode(value, CHARSET_UTF8)
                    .replace("+", "%20").replace("*", "%2A").replace("%7E", "~");
        } catch (Exception e) {
            //不可能发生的异常
        }
        return "";
    }
}

3、工具类:SignatureUtils

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.Map;
import java.util.TreeMap;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;
public class SignatureUtils {
    private final static String CHARSET_UTF8 = "utf8";
    private final static String ALGORITHM = "UTF-8";
    private final static String SEPARATOR = "&";
    public static Map<String, String> splitQueryString(String url)
            throws URISyntaxException, UnsupportedEncodingException {
        URI uri = new URI(url);
        String query = uri.getQuery();
        final String[] pairs = query.split("&");
        TreeMap<String, String> queryMap = new TreeMap<String, String>();
        for (String pair : pairs) {
            final int idx = pair.indexOf("=");
            final String key = idx > 0 ? pair.substring(0, idx) : pair;
            if (!queryMap.containsKey(key)) {
                queryMap.put(key, URLDecoder.decode(pair.substring(idx + 1), CHARSET_UTF8));
            }
        }
        return queryMap;
    }
    public static String generate(String method, Map<String, String> parameter,
                                  String accessKeySecret) throws Exception {
        String signString = generateSignString(method, parameter);
        System.out.println("signString---"+signString);
        byte[] signBytes = hmacSHA1Signature(accessKeySecret + "&", signString);
        String signature = newStringByBase64(signBytes);
        System.out.println("signature---"+signature);
        if ("POST".equals(method))
            return signature;
        return URLEncoder.encode(signature, "UTF-8");
    }
    public static String generateSignString(String httpMethod, Map<String, String> parameter)
            throws IOException {
        TreeMap<String, String> sortParameter = new TreeMap<String, String>();
        sortParameter.putAll(parameter);
        String canonicalizedQueryString = UrlUtil.generateQueryString(sortParameter, true);
        if (null == httpMethod) {
            throw new RuntimeException("httpMethod can not be empty");
        }
        StringBuilder stringToSign = new StringBuilder();
        stringToSign.append(httpMethod).append(SEPARATOR);
        stringToSign.append(percentEncode("/")).append(SEPARATOR);
        stringToSign.append(percentEncode(canonicalizedQueryString));
        return stringToSign.toString();
    }
    public static String percentEncode(String value) {
        try {
            return value == null ? null : URLEncoder.encode(value, CHARSET_UTF8)
                    .replace("+", "%20").replace("*", "%2A").replace("%7E", "~");
        } catch (Exception e) {
        }
        return "";
    }
    public static byte[] hmacSHA1Signature(String secret, String baseString)
            throws Exception {
        if (StringUtils.isEmpty(secret)) {
            throw new IOException("secret can not be empty");
        }
        if (StringUtils.isEmpty(baseString)) {
            return null;
        }
        Mac mac = Mac.getInstance("HmacSHA1");
        SecretKeySpec keySpec = new SecretKeySpec(secret.getBytes(CHARSET_UTF8), ALGORITHM);
        mac.init(keySpec);
        return mac.doFinal(baseString.getBytes(CHARSET_UTF8));
    }
    public static String newStringByBase64(byte[] bytes)
            throws UnsupportedEncodingException {
        if (bytes == null || bytes.length == 0) {
            return null;
        }
        return new String(Base64.encodeBase64(bytes, false), CHARSET_UTF8);
    }
    public static void main(String[] args) {
        String str = "GET&%2F&AccessKeyId%3DCd***eHJuMOrT%26Action%3DDescribeInstances%26Format%3DJSON%26RegionId%3Dcn-hangzhou%26SignatureMethod%3DHMAC-SHA1%26SignatureNonce%3D9fdf288**36082ebef%26SignatureVersion%3D1.0%26Timestamp%3D2015-12-21T09%253A05%253A44Z%26Version%3D2014-05-26";
        byte[] signBytes;
        try {
            signBytes = SignatureUtils.hmacSHA1Signature("byc****6HQmH" + "&", str.toString());
            String signature = SignatureUtils.newStringByBase64(signBytes);
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
    }
}

4、Main方法

import com.google.common.collect.Maps;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import java.net.URI;
import java.net.URLEncoder;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Map;
import java.util.SimpleTimeZone;
import java.util.UUID;

public class Demo1 {
    private static String getQueryUrl(Map<String, String> param, String accessKeyId, String secret) throws Exception {
        Date date = new Date();
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
        simpleDateFormat.setTimeZone(new SimpleTimeZone(0, "GMT"));
        String timestamp = simpleDateFormat.format(date);
        Map<String, String> publicParam = Maps.newHashMap();

        publicParam.put("AccessKeyId", accessKeyId);
        publicParam.put("Format", "json");
        publicParam.put("SignatureMethod", "Hmac-SHA1");
        publicParam.put("SignatureNonce", UUID.randomUUID().toString());
        publicParam.put("SignatureVersion", "1.0");
        publicParam.put("Timestamp", timestamp);
        publicParam.put("Version", "2018-12-03");
        publicParam.put("RegionId", "cn-shanghai");

        if (param != null) {
            for (Map.Entry<String, String> entry : param.entrySet()) {
                publicParam.put(entry.getKey(), entry.getValue());
            }
        }

        String s = SignatureUtils.generateSignString("POST", publicParam);
        byte[] signBytes;
        signBytes = SignatureUtils.hmacSHA1Signature(secret + "&", s);
        String signature = SignatureUtils.newStringByBase64(signBytes);

        publicParam.put("Signature", signature);

        String url = "http://face.cn-shanghai.aliyuncs.com/?";
        //对参数进行url编码
        for (Map.Entry<String, String> entry : publicParam.entrySet()) {
            publicParam.put(entry.getKey(), URLEncoder.encode(entry.getValue().toString(), "UTF-8"));
        }
        //拼接请求url
        for (Map.Entry<String, String> entry : publicParam.entrySet()) {
            url = url + entry + "&";
        }
        //去掉最后一个&
        url = url.substring(0, url.length() - 1);
        return url;
    }

    public static void main(String[] args) {
        try {
            Map<String, String> map = Maps.newHashMap();
            map.put("Action", "DetectFace");
            String imageUrl_1 = "https://timgsa.baidu.com/timg?image&quality=80&size=b9999_10000&sec=1559655604341&di=3d6995f6dee1c4795d1827e754a00452&imgtype=0&src=http%3A%2F%2Fimg0.ph.126.net%2F90u9atgu46nnziAm1NMAGw%3D%3D%2F6631853916514183512.jpg";
            map.put("ImageUrl",imageUrl_1);

            // access_key_id, access_key_secret  获取参考链接:https://yq.aliyun.com/articles/693979?spm=a2c4e.11155435.0.0.319326a2bKJ90g
            String accessKeyId = "*******";
            String secret = "*******";
            String url = getQueryUrl(map, accessKeyId, secret);

            // 使用生成的 URL 创建POST请求
            URIBuilder builder = new URIBuilder(url);
            URI uri = builder.build();
            HttpPost request = new HttpPost(uri);
            HttpClient httpclient = HttpClients.createDefault();

            HttpResponse response = httpclient.execute(request);
            HttpEntity entity = response.getEntity();

            if (entity != null)
            {
                System.out.println(EntityUtils.toString(entity));
            }
        }
        catch (Exception e)
        {
            System.out.println(e.getMessage());
        }
    }
}

5、运行结果


{"Data":{"landmark":[799.2508544921875,1096.208740234375,1240.654296875,1094.9720458984375,1017.4330444335938,998.57861328125,1019.7756958007812,1073.234375,856.2061767578125,1035.13671875,933.8515625,1003.8469848632812,1100.0830078125,1011.6668701171875,1179.436767578125,1038.3056640625,872.8338623046875,1087.581298828125,945.71942138671875,1074.416015625,1093.3974609375,1081.538818359375,1166.590576171875,1092.97607421875,1493.1463623046875,1106.8787841796875,1803.4925537109375,1122.54248046875,1661.3282470703125,1008.6871948242188,1651.0706787109375,1079.126953125,1537.4063720703125,1056.8326416015625,1597.4547119140625,1028.1773681640625,1726.907470703125,1018.4874267578125,1778.471435546875,1060.5947265625,1546.176025390625,1099.3516845703125,1597.8970947265625,1085.4248046875,1704.5565185546875,1081.686279296875,1754.29541015625,1101.360595703125,950.329833984375,1237.64794921875,1183.385009765625,1267.03759765625,977.181396484375,1217.33203125,1007.8623046875,1203.468505859375,1040.79296875,1196.4024658203125,1074.479736328125,1197.28076171875,1107.569091796875,1203.653076171875,1138.1513671875,1217.7967529296875,1163.763427734375,1239.65087890625,972.8101806640625,1259.625244140625,999.7427978515625,1275.834716796875,1029.82177734375,1285.0888671875,1060.949951171875,1289.74853515625,1092.414306640625,1290.66357421875,1123.592041015625,1286.35107421875,1154.080322265625,1278.5302734375,1505.3389892578125,1268.0709228515625,1708.0179443359375,1249.576416015625,1518.981201171875,1239.8076171875,1538.6033935546875,1215.315185546875,1567.039306640625,1202.20703125,1598.1136474609375,1198.019775390625,1629.2843017578125,1201.669677734375,1659.324462890625,1210.7451171875,1686.067138671875,1227.1563720703125,1530.2646484375,1279.018310546875,1556.6688232421875,1285.6533203125,1583.6409912109375,1289.33984375,1610.8587646484375,1289.97509765625,1638.017578125,1288.05908203125,1664.3843994140625,1281.280517578125,1688.3682861328125,1268.41259765625,1356.669921875,1282.080322265625,1408.8363037109375,1560.64453125,1382.7197265625,1421.0,1381.5010986328125,1632.008056640625,1219.308349609375,1626.333251953125,1504.8509521484375,1610.831787109375,1130.4825439453125,1834.1395263671875,1509.7669677734375,1838.226318359375,1168.39501953125,1840.3800048828125,1477.0972900390625,1842.334228515625,1356.515380859375,1776.99951171875,1318.5791015625,1763.8675537109375,1391.8681640625,1763.096435546875,1223.385498046875,1796.4013671875,1458.71044921875,1788.520751953125,1175.30078125,1811.2015380859375,1270.33349609375,1778.24560546875,1426.817626953125,1771.79443359375,1487.899169921875,1809.6094970703125,1339.509521484375,1975.9508056640625,1215.365234375,1935.4556884765625,1444.841064453125,1933.088623046875,1168.38525390625,1888.6160888671875,1273.85400390625,1966.6778564453125,1396.037353515625,1963.970703125,1483.1046142578125,1889.708984375,1350.7132568359375,1842.592041015625,1342.6649169921875,1877.176025390625,1259.4251708984375,1840.41455078125,1253.5074462890625,1868.7591552734375,1413.9844970703125,1838.3511962890625,1413.215087890625,1872.574462890625,1213.9150390625,1836.5245361328125,1210.5072021484375,1855.8992919921875,1305.033935546875,1843.0133056640625,1297.79638671875,1876.015380859375,1382.399658203125,1841.2255859375,1378.171142578125,1878.257080078125,1445.6971435546875,1837.94091796875,1446.6396484375,1860.6153564453125,622.818603515625,1224.1640625,1785.5914306640625,1214.9752197265625,1357.4207763671875,2194.99365234375,768.70306396484375,1845.98193359375,1715.2325439453125,1736.135498046875,668.5491943359375,1537.0185546875,1775.165771484375,1473.250732421875,1036.9564208984375,2098.42333984375,1579.2042236328125,2001.826416015625],"pose":[10.426637649536133,-4.4992427825927734,-0.58456879854202271],"face_prob":[1.0],"request_id":"B95412C6-858B-47D4-B3A0-DBE0BA6188D9","errno":0,"face_num":1,"iris":[1071.598876953125,1235.034912109375,51.706081390380859,1573.8760986328125,1241.315673828125,51.706081390380859],"landmark_num":105,"face_rect":[679,539,1172,1664]},"RequestId":"B95412C6-858B-47D4-B3A0-DBE0BA6188D9","Success":true}

相关文章
|
9月前
|
Java 开发工具
【Azure Storage Account】Java Code访问Storage Account File Share的上传和下载代码示例
本文介绍如何使用Java通过azure-storage-file-share SDK实现Azure文件共享的上传下载。包含依赖引入、客户端创建及完整示例代码,助你快速集成Azure File Share功能。
606 6
|
10月前
|
IDE Java 关系型数据库
Java 初学者学习路线(含代码示例)
本教程为Java初学者设计,涵盖基础语法、面向对象、集合、异常处理、文件操作、多线程、JDBC、Servlet及MyBatis等内容,每阶段配核心代码示例,强调动手实践,助你循序渐进掌握Java编程。
1210 3
|
10月前
|
Java
java入门代码示例
本文介绍Java入门基础,包含Hello World、变量类型、条件判断、循环及方法定义等核心语法示例,帮助初学者快速掌握Java编程基本结构与逻辑。
683 0
Java API 开发者
373 0
|
12月前
|
安全 Java 网络安全
Java 实现 SMTP 协议调用的详细示例及实战指南 SMTP Java 调用示例
本文介绍了如何使用Java调用SMTP协议发送邮件,涵盖SMTP基本概念、JavaMail API配置、代码实现及注意事项,适合Java开发者快速掌握邮件发送功能集成。
1437 0
|
12月前
|
算法 搜索推荐 Java
Java中的Collections.shuffle()方法及示例
`Collections.shuffle()` 是 Java 中用于随机打乱列表顺序的方法,基于 Fisher-Yates 算法实现,支持原地修改。可选传入自定义 `Random` 对象以实现结果可重复,适用于抽奖、游戏、随机抽样等场景。
443 0
|
存储 安全 Java
应届生面试高频 Java 基础问题及实操示例解析
本文总结了Java基础面试中的高频考点,包括数据类型分类、final修饰符的三种用途、static关键字特性、==与equals的区别、Java只有值传递的特性、String的不可变性、Error与Exception的差异、程序初始化顺序规则,以及IO流的字节流/字符流分类。每个问题都配有简明定义和典型示例,如用final修饰变量示例、static方法调用限制说明等,帮助应聘者快速掌握核心概念和实际应用场景。
391 0
|
Java 关系型数据库 MySQL
2025 年互联网公司校招 Java 面试题总结及答案实操示例解析
本项目基于Spring Boot 3与Java 17技术栈,围绕校园招聘常见面试题,提供核心知识点的实操示例。涵盖多线程、RESTful API设计、数据库操作(Spring Data JPA)、事务管理及异常处理等。通过完整代码实现与运行步骤,帮助理解用户管理、线程池配置等实际应用场景。资源包含项目结构、关键代码示例(如User实体类、UserService服务层、ThreadService多线程实现)及数据库迁移脚本,适合深入学习与实践。环境要求:JDK 17+、Maven 3.8+、MySQL 8.0+。
452 3
|
SQL Java 数据库连接
如何用 Java 校验 SQL 语句的合法性?
本文介绍了五种校验 SQL 语句合法性的方案:1) 使用 JDBC API 的 `execute()` 方法,通过捕获异常判断合法性;2) 使用 JSqlParser 库解析 SQL 语句为 Java 对象;3) 使用正则表达式检查 SQL 语句格式;4) 使用 ANTLR 生成 SQL 解析器;5) 使用 Apache Calcite 解析 SQL。每种方法各有优劣,具体选择取决于需求和个人偏好。需要注意的是,这些方法仅能校验语法合法性,无法保证语义正确性,仍需防范 SQL 注入攻击。
863 6