代码示例

以下提供了多种语言的 Token 生成和接口调用示例。

JavaScript (Node.js)

const crypto = require('crypto');

const API_KEY    = 'a9f3c28d7b1e4f90c2a1b3d4';
const API_SECRET = '9f8c2e7a4d1b6f3a0e2c9b7d5a4f8e1c6b0d9a3e7f2c4b8a1d5e6f9c0b2';

// 生成 Token
const timestamp = Math.floor(Date.now() / 1000).toString();
const rawString = API_KEY + '.' + timestamp;
const signature = crypto
  .createHmac('sha256', API_SECRET)
  .update(rawString)
  .digest('hex');
const token = rawString + '.' + signature;

// 调用接口
const resp = await fetch('https://api.example.com/api/papi/v1/game/list', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${token}`,
    'Content-Type': 'application/json'
  }
});
console.log(await resp.json());

Python

import hmac, hashlib, time, requests

API_KEY    = 'a9f3c28d7b1e4f90c2a1b3d4'
API_SECRET = '9f8c2e7a4d1b6f3a0e2c9b7d5a4f8e1c6b0d9a3e7f2c4b8a1d5e6f9c0b2'

# 生成 Token
timestamp  = str(int(time.time()))
raw_string = f'{API_KEY}.{timestamp}'
signature  = hmac.new(
    API_SECRET.encode(), raw_string.encode(), hashlib.sha256
).hexdigest()
token = f'{raw_string}.{signature}'

# 调用接口
resp = requests.post(
    'https://api.example.com/api/papi/v1/game/list',
    headers={'Authorization': f'Bearer {token}'}
)
print(resp.json())

PHP

<?php
$apiKey    = 'a9f3c28d7b1e4f90c2a1b3d4';
$apiSecret = '9f8c2e7a4d1b6f3a0e2c9b7d5a4f8e1c6b0d9a3e7f2c4b8a1d5e6f9c0b2';

// 生成 Token
$timestamp = (string) time();
$rawString = $apiKey . '.' . $timestamp;
$signature = hash_hmac('sha256', $rawString, $apiSecret);
$token     = $rawString . '.' . $signature;

// 调用接口
$ch = curl_init('https://api.example.com/api/papi/v1/game/list');
curl_setopt_array($ch, [
    CURLOPT_POST           => true,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER     => [
        'Authorization: Bearer ' . $token,
        'Content-Type: application/json'
    ]
]);
echo curl_exec($ch);
curl_close($ch);

Go

package main

import (
    "crypto/hmac"
    "crypto/sha256"
    "encoding/hex"
    "fmt"
    "io"
    "net/http"
    "strconv"
    "time"
)

func main() {
    apiKey    := "a9f3c28d7b1e4f90c2a1b3d4"
    apiSecret := "9f8c2e7a4d1b6f3a0e2c9b7d5a4f8e1c6b0d9a3e7f2c4b8a1d5e6f9c0b2"

    // 生成 Token
    timestamp := strconv.FormatInt(time.Now().Unix(), 10)
    rawString := apiKey + "." + timestamp
    mac := hmac.New(sha256.New, []byte(apiSecret))
    mac.Write([]byte(rawString))
    signature := hex.EncodeToString(mac.Sum(nil))
    token := rawString + "." + signature

    // 调用接口
    req, _ := http.NewRequest("POST",
        "https://api.example.com/api/papi/v1/game/list", nil)
    req.Header.Set("Authorization", "Bearer "+token)

    resp, _ := http.DefaultClient.Do(req)
    defer resp.Body.Close()
    body, _ := io.ReadAll(resp.Body)
    fmt.Println(string(body))
}

cURL / Bash

#!/bin/bash
API_KEY="a9f3c28d7b1e4f90c2a1b3d4"
API_SECRET="9f8c2e7a4d1b6f3a0e2c9b7d5a4f8e1c6b0d9a3e7f2c4b8a1d5e6f9c0b2"

# 生成 Token
TIMESTAMP=$(date +%s)
RAW_STRING="${API_KEY}.${TIMESTAMP}"
SIGNATURE=$(echo -n "$RAW_STRING" | openssl dgst -sha256 -hmac "$API_SECRET" | awk '{print $2}')
TOKEN="${RAW_STRING}.${SIGNATURE}"

# 调用接口
curl -X POST "https://api.example.com/api/papi/v1/game/list" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json"