关于下载SAE日志签名认证的方法——PHP版

　　之前需要下载SAE上的日志存入数据库，因此研究了下SAE的签名认证和日志下载。这个链接是SAE官方给出的API文档。https://www.sinacloud.com/doc/api.html#qian-ming-fang-fa，虽然讲的方法很清晰，但并不是很具体。然后Python版本的网上比比皆是，我这里不费过多笔墨，看他的官方文档也不困难。

　　 下面的方法是获得SAE的签名认证：

  public function getAuthorization($accesskey,$secretkey,$time,$uri)
  {
    $header = array(
                'x-sae-timestamp' => $time,
                'x-sae-accesskey' => strtolower($accesskey)
            );
        ksort($header);
        $sae_header = array('GET',$uri);
        foreach ($header as $key => $value) {
            $sae_header[count($sae_header)] = $key.':'.$value;
        }
        $ret = implode(PHP_EOL, $sae_header);
        $auth = 'SAEV1_HMAC_SHA256 '.base64_encode(hash_hmac('sha256',$ret,$secretkey,true));
        return $auth;
  }

代码解释：传入参数L：$accesskey,$secretkey,$time,$uri，先将所有x-sae-开头的http header(小写)按name排序后用冒号链接name和value，放在method、uri(包含query string，不要转义)后以换行符分隔拼接为签名原文字符串，再以Secretkey为密钥用hmac sha256计算哈希值（二进制），再经base64编码，前面加上”SAEV1_HMAC_SHA256 “，得到本次请求的认证签名，即Authorization字段。

　　获得签名认证之后还需要获得header，方法如下：

  public function getheader($accesskey,$auth,$time)
  {
    return array(
                'Host: g.sae.sina.com.cn',
                'Accept: text/plain',
                'x-sae-accesskey: '.$accesskey,
                'x-sae-timestamp: '.$time,
                'Authorization: '. $auth
            );
  }

得到header之后就非常简单了：可以直接发送请求来获取SAE的日志：

  public function get($uri,$header){
    $host = 'http://g.sae.sina.com.cn'.$uri;
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL,$host);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
    curl_setopt($ch, CURLOPT_HEADER, 1);
    $ret =  curl_exec($ch);
    curl_close($ch);
    return $ret;
  }

使用上面的方法在配合具体的下载要求就可以随意下载SAE上的日志了。

下面附上完整的代码实例，这只是按照我的要求下载的日志并且存入了数据库，仅供参考：

    public function log()
    {
        //$uri = '/log/http/2016-08-03:2016-08-05/'.$_SERVER['HTTP_APPVERSION'].'3-access.log';
        $date = date('Y-m-d',strtotime('-1 day'));
        $time = time();
        $acc = 'lwjljzn2wz';
        $sec = '1hkzhw2y51wl2w1i21hl4miyj2yj44l5x1404l00';
        $uri = '/log/http/'.$date.'/3-access.log?grep/3.dxever.applinzi.com.*POST|fields/ /1/2/5';
        $uri_1 = '/log/http/'.$date.'/3-access.log?grep/3.dxever.applinzi.com.*POST|fields/"/2';
        //$uri = '/log/http/2016-08-09/3-access.log?fields/ /1/2/3';
        $g = D('godview');
        $auth = $g->getAuthorization($acc,$sec,$time,$uri);
        $header = $g->getheader($acc,$auth,$time);
        $ret = $g->get($uri,$header);
        $time_1 = time();
        $auth_1 = $g->getAuthorization($acc,$sec,$time_1,$uri_1);
        $header_1 = $g->getheader($acc,$auth_1,$time_1);
        $ret_1 = $g->get($uri_1,$header_1);
        $time_mom = date('Ymd',strtotime('-1 day'));
        $data = explode("3.dxever.applinzi.com",$ret);
        $data_1 = explode("POST ",$ret_1);

        unset($data_1[0]);
        unset($data[0]);
        foreach ($data as $k => $v)
        {

            preg_match_all('/\/index.php\/Area\/School\/GetSchoolComment\/token(.*) HTTP\/1.0/',$data_1["$k"],$token);
            if ($token[1][0] != NULL) {
                $log['user_id'] = $g->get_id($token[1][0]);
            }else {
                $log['user_id'] = NULL;
            }
            preg_match_all('/\/(.*) HTTP\/1.0/',$data_1["$k"],$url);

            preg_match_all('/((([1-9]?|1\d)\d|2([0-4]\d|5[0-5]))\.){3}(([1-9]?|1\d)\d|2([0-4]\d|5[0-5]))/',$v,$ip);
            preg_match_all('/\/2016:(.*)/',$v,$ti);
            // if ($url[1][0]==NULL) {
            //     // $url = 'a';
            //     preg_match_all('/GET (.*?) HTTP/',$v,$url);
            // }
            // preg_match_all('/Mozilla(.*)/',$v,$head);
            // $area = explode(" ",$time);
            $log['ip'] = $ip[0][0];
            $log['url'] = $url[1][0];
            $log['head'] = $head[0][0];
            $log['area'] = $area[1];
            // $time = $area[0];
            // $t = explode(":",$time,2);
            $log['time1'] = $time_mom;
            $log['time2'] = str_replace(':','',$ti[1][0]);
            // dump($log);
            $sta = $g->save_log($log);
        }
        if($sta){
            $this->response(returnSuccess(), 'json');
        }else {
            $this->response(returnWrong(), 'json');
        }

    }
下面为用到的方法的全部整合：

 public function getAuthorization($accesskey,$secretkey,$time,$uri)
  {
    $header = array(
                'x-sae-timestamp' => $time,
                'x-sae-accesskey' => strtolower($accesskey)
            );
        ksort($header);
        $sae_header = array('GET',$uri);
        foreach ($header as $key => $value) {
            $sae_header[count($sae_header)] = $key.':'.$value;
        }
        $ret = implode(PHP_EOL, $sae_header);
        $auth = 'SAEV1_HMAC_SHA256 '.base64_encode(hash_hmac('sha256',$ret,$secretkey,true));
        return $auth;
  }

  public function getheader($accesskey,$auth,$time)
  {
    return array(
                'Host: g.sae.sina.com.cn',
                'Accept: text/plain',
                'x-sae-accesskey: '.$accesskey,
                'x-sae-timestamp: '.$time,
                'Authorization: '. $auth
            );
  }

  public function get($uri,$header){
    $host = 'http://g.sae.sina.com.cn'.$uri;
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL,$host);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
    curl_setopt($ch, CURLOPT_HEADER, 1);
    $ret =  curl_exec($ch);
    curl_close($ch);
    return $ret;
  }

  public function save_log($log)
  {
    $a = M('log')->add($log);
    return $a;
  }