CloudKit ServertoServer身份验证：继续获取401身份验证失败

from requests_cloudkit import CloudKitAuth from restmapper import restmapper import json KEY_ID = '[my key ID from CK Dashboard]' SECRET_FILE_KEY = 'eckey.pem' AUTH = CloudKitAuth(KEY_ID, SECRET_FILE_KEY) PARAMS = { 'query':{ 'recordType': '[my record type]' }, } CloudKit = restmapper.RestMapper("https://api.apple-cloudkit.com/database/1/[my container]/development/") cloudkit = CloudKit(auth=AUTH) response = cloudkit.POST.public.records.query(json.dumps(PARAMS))

1条回答

网友
1楼 · 发布于 2024-10-02 00:33:00

创建服务器到服务器的密钥是重要的第一步，但为了在这之后发出HTTP请求，必须对每个请求进行签名
查找this documentation page底部附近的验证Web服务请求部分
这有点复杂，但您必须小心地构造签名头，以包含在您发出的每个请求中。我不熟悉如何在Python中实现这一点，但下面是我在NodeJS中实现这一点的方法，这可能会有所帮助：
//Get the timestamp in a very specific format let date = moment().utc().format('YYYY-MM-DD[T]HH:mm:ss[Z]') //Construct the subpath let endpoint = '/records/lookup' let path = '/database/1/iCloud.*****/development/public' let subpath = path+endpoint //Get the key file let privateKeyFile = fs.readFileSync('../../'+SECRET_FILE_KEY, 'utf8') //Make a string out of your JSON query let query = { recordType: '[my record type]' } let requestBody = JSON.stringify(query) //Hash the query let bodyHash = crypto.createHash('sha256').update(requestBody, 'utf8').digest('base64') //Assemble the components you just generated in a special format //[Current date]:[Request body]:[Web service URL subpath] let message = date+':'+bodyHash+':'+subpath //Sign it let signature = crypto.createSign('RSA-SHA256').update(message).sign(privateKeyFile, 'base64') //Assemble your headers and include them in your HTTP request let headers = { 'X-Apple-CloudKit-Request-KeyID': KEY_ID, 'X-Apple-CloudKit-Request-ISO8601Date': date, 'X-Apple-CloudKit-Request-SignatureV1': signature }
一开始这有点毛茸茸的，但我只是把所有这些东西放在一个函数中，每当我需要发出请求时，我都会重用这个函数
苹果的文档几乎已经被抛弃，现在很难在CloudKit Web服务上找到好的帮助

相关问题更多 >

编程相关推荐

热门问题

热门文章