Last active
February 24, 2020 09:38
-
-
Save Zazcallabah/64fb095775a640b7b8b695850b075de1 to your computer and use it in GitHub Desktop.
Akamai EdgeGrid Signature for use as an Octopus build step template
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$RestMethod = "#{RestMethod}" | |
$AkamaiSecret = "#{AkamaiSecret}" | |
$AkamaiUri = "#{AkamaiUri}" | |
$AkamaiObjects = "#{AkamaiObjects}" | |
$AkamaiClientToken = "#{AkamaiClientToken}" | |
$AkamaiClientAccessToken = "#{AkamaiClientAccessToken}" | |
[System.Net.ServicePointManager]::Expect100Continue = $false | |
function sha256asb64str | |
{ | |
param($data) | |
$hasher = [System.Security.Cryptography.HashAlgorithm]::Create('sha256') | |
$hash = $hasher.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($data)) | |
[Convert]::ToBase64String($hash) | |
} | |
function hmacsha256 | |
{ | |
param($key,$data) | |
$hmac = New-Object System.Security.Cryptography.HMACSHA256 | |
$hmac.key = [System.Text.Encoding]::UTF8.GetBytes($key) | |
$hash = $hmac.ComputeHash([System.Text.Encoding]::UTF8.GetBytes($data)) | |
return [Convert]::ToBase64String($hash) | |
} | |
function MakeAuthHeader | |
{ | |
param( | |
[uri]$uri, | |
[string]$method, | |
$headers, | |
[string]$clientToken, | |
[string]$accessToken, | |
[string]$clientSecret, | |
[string]$data | |
) | |
$guid = [Guid]::NewGuid().ToString() | |
$timestamp = [datetime]::UtcNow.tostring("yyyyMMddTHH:mm:ss+0000") | |
$reqsig = "EG1-HMAC-SHA256 client_token=$($clientToken);access_token=$($accessToken);timestamp=$($timestamp);nonce=$($guid);" | |
if( $headers -ne $null ) | |
{ | |
$canonHeaders = ($headers.GetEnumerator() | %{ "$($_.name.trim().toLowerInvariant()):$($_.value.trim())" }) -join "`t" | |
} | |
else | |
{ | |
$canonHeaders = "" | |
} | |
if( $method -eq "POST" ) | |
{ | |
$contentHash = sha256asb64str $data | |
} | |
else | |
{ | |
$contentHash = "" | |
} | |
$requestdatafields = @( | |
$method.ToUpperInvariant(), | |
$uri.Scheme, | |
$uri.Host, | |
$uri.PathAndQuery, | |
$canonHeaders, | |
$contentHash, | |
$reqsig | |
); | |
$signingkey = hmacsha256 -key $clientSecret -data $timestamp | |
$stringtosign = $requestdatafields -join "`t" | |
$signature = hmacsha256 -key $signingKey -data $stringtosign | |
$signedheader= "$($reqsig)signature=$($signature)" | |
return $signedheader | |
} | |
$objectlist = $AkamaiObjects -split "," | |
$data = @{ "objects" = @($objectlist); } | ConvertTo-Json -depth 99 -Compress | |
$headers = @{ | |
"Content-Type"="application/json"; | |
} | |
$method = $RestMethod | |
$auth = MakeAuthHeader -uri $AkamaiUri -method $method -headers @{} -clientToken $AkamaiClientToken -accessToken $AkamaiClientAccessToken -clientSecret $AkamaiSecret -data $data | |
$headers.Add("Authorization",$auth) | |
$data | Invoke-Webrequest -UseBasicParsing -Method POST -Uri $AkamaiUri -Headers $headers -UserAgent $null | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment