Stardust uses AccessKey pair to allow access to the Stardust platform. An AccessKey pair consists of an AccessKey ID and an AccessKey secret.
- The AccessKey ID is used to identify a user.
- The AccessKey secret is used to verify the identity of the user. You must keep your AccessKey secret confidential.
Getting your AccessKey pair
You can send email to dev@stardust.ai by your account to ask for your AccessKey pair, such as:
{
"accessKey": "U2FsdGVkX19WZI4YdvcVgQWFQVdhwrtKyFjTHb8I4HcgIGlrymzcdVv7cnsCfpox",
"secretKey": "U2FsdGVkX18NunM9ru5v57kHgE5QZzPvnXP7AJYi6Wdmmqf3DY858gRBFSjSC123"
}Authentication Method
Stardust uses "AccessKey pairs and asymmetric encryption algorithms" to authenticate API calls. Stardust expects for the AccessKey and a digital signature to be included in all API requests to our platform.
Request structure
The following table describes the required HTTP header fields of a valid API request. You must specify key-value pairs for the fields. The values are case-sensitive.
| Field | Description | Example |
|---|---|---|
| X-STARDUST-KEY | The AccessKey ID of the user. | U2FsdGVkX19WZI4YdvcVgQWFQVd... |
| X-TS | The standard timestamp header of the HTTP request. | integer(int64): 1715948940207 |
| X-SIGN | The signature. | md5 string |
The following sample code provides an example of a signed HTTP request:
X-STARDUST-KEY: U2FsdGVkX19WZI4YdvcVgQWFQVdhwrtKyFjTHb8I4HcgIGlrymzcdVv7cnsCfpoj
_ts: 1715948940207
_sign: 58454e54341403d16d2f5f219d869d8aSignature calculation
A signature string is generated by encrypting and encoding a signature message, which is constructed by "timestamp & AccessKey secret & AccessKey ID". The following sample code provides an example of how to calculate a signature.
# coding: utf-8
import hashlib
import time
import requests
class BaseRequest(object):
MY_AK = "6y2fw7zeqgde3796rtbuk8ag9iyxmam6"
MY_SK = "vgj5kz13hasie8c8irezz7u5fok3mzb6"
FIELD_AK = 'X-STARDUST-KEY'
FIELD_TS = 'X-TS'
FIELD_SIGN = 'X-SIGN'
FIELD_CONTENT_TYPE = 'Content-type'
def __init__(self, endpoint):
self.headers = {
BaseRequest.FIELD_AK: BaseRequest.MY_AK,
BaseRequest.FIELD_TS: '',
BaseRequest.FIELD_SIGN: '',
BaseRequest.FIELD_CONTENT_TYPE: 'application/json'
}
self.url = "openAPI-base-url" + endpoint
pass
def _fill_headers(self):
ts = str(int(time.time() * 1000))
self.headers[BaseRequest.FIELD_TS] = ts
tmp = '&'.join([ts, BaseRequest.MY_SK, BaseRequest.MY_AK])
md5_hash = hashlib.md5()
md5_hash.update(tmp.encode('utf-8'))
self.headers[BaseRequest.FIELD_SIGN] = md5_hash.hexdigest()
pass
def post(self, body):
print(self.headers, body)
return requests.request("POST", self.url, headers=self.headers, data=body)
passpublic class Md5Utils {
/**
* Encrypt content with MD5
* @param content Content to be encrypted
* @return Encryption result
*/
public static String getMd5(String content) {
MessageDigest messageDigest = null;
try {
messageDigest = MessageDigest.getInstance("MD5");
messageDigest.reset();
messageDigest.update(content.getBytes(StandardCharsets.UTF_8));
byte[] byteArray = messageDigest.digest();
StringBuilder md5StrBuff = new StringBuilder();
for (byte b : byteArray) {
if (Integer.toHexString(0xFF & b).length() == 1) {
md5StrBuff.append("0").append(Integer.toHexString(0xFF & b));
} else {
md5StrBuff.append(Integer.toHexString(0xFF & b));
}
}
return md5StrBuff.toString();
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
public static void main(String[] args) {
String accessKey = "6y2fw7zeqgde3796rtbuk8ag9iyxmam6";
String secretKey = "vgj5kz13hasie8c8irezz7u5fok3mzb6";
Long createTime = System.currentTimeMillis();
// Splice into a string to be encrypted
String string = createTime + "&" + secretKey + "&"+ accessKey;
System.out.println(JSONUtil.toJsonStr(new BaseRequest(accessKey, Md5Utils.getMd5(string), createTime)));
}
}