Accessing a Real-Time Service (AK/SK-based Authentication)
If a real-time service is in the Running state, the real-time service has been deployed successfully. This service provides a standard RESTful API for users to call. Users can call the API using AK/SK-based authentication.
When AK/SK-based authentication is used, you can use the APIG SDK or ModelArts SDK to access real-time services. For details about how to use the ModelArts SDK to access real-time services, see AK/SK-based Authentication. This section describes how to use the APIG SDK to access a real-time service. The process is as follows:
- AK/SK-based authentication supports API requests with a body not larger than 12 MB. For API requests with a larger body, token-based authentication is recommended.
- The client must synchronize its local time with the NTP server to avoid a large offset in the value of X-Sdk-Date in the request header.
API Gateway checks the time format and compares the time with the time when API Gateway receives the request. If the time difference exceeds 15 minutes, API Gateway will reject the request.
Obtaining an AK/SK Pair
If an AK/SK pair is already available, skip this step. Find the downloaded AK/SK file, which is usually named credentials.csv.
As shown in the following figure, the file contains the username, AK, and SK.
- Register with and log in to the management console.
- Click the username and choose My Credentials from the drop-down list.
- On the My Credentials page, choose Access Keys in the navigation pane.
- Click Create Access Key. The Identity Verification dialog box is displayed.
- Enter the SMS verification code and click OK to download the access key. Keep the key secure.
Obtaining the URI
Before calling an API, you need to obtain the API URI. The procedure is as follows:
- Log in to the ModelArts management console. In the left navigation pane, choose Service Deployment > Real-Time Services. By default, the system switches to the Real-Time Services page.
- Click the name of the target service. The service details page is displayed.
- Obtain the API of the service.
Figure 3 Obtaining the API of the service
Preparing Environment (Python)
This section uses Python as an example to describe how to use the APIG SDK. For details about how to download and use the SDK in other languages, see the API Gateway Developer Guide.
- Obtain the Python installation package (version 2.7.9 or 3.X) from the Python official website and install it. After Python is installed, you can run the pip install requests command to install the requests library using the Python package manager pip.
If a certificate error occurs when you use pip to install the requests library, download and execute the file using Python to upgrade pip. Then run the preceding command to install the library.
- Obtain IntelliJ IDEA from the IntelliJ IDEA official website and install it. Install the Python plug-in on IntelliJ IDEA. See Figure 4.
- Download the ApiGateway-python-sdk.zip. The following table describes the directory structure of the decompressed package.
Table 1 Directory structure of the decompressed package Name
Description
apig_sdk\__init__.py
SDK code
apig_sdk\signer.py
main.py
Sample code
backend_signature.py
Sample code for the backend signature
licenses\license-requests
Third-party library license file
- Create a project.
- Open IDEA and choose File > New > Project. On the displayed New Project page, select Python and click Next.
Figure 5 Creating a project
- Click Next. The following page is displayed. Click ..., select the path for the decompressed SDK package, and click Finish.
Figure 6 Selecting the SDK path after decompression
- Open IDEA and choose File > New > Project. On the displayed New Project page, select Python and click Next.
- After the project is created, the directory structure is shown in the following figure. main.py is sample code. Modify the parameters to suit your requirements before use. For details about the sample code, see API Calling Example.
Figure 7 Directory structure of a new project
API Calling Example
- Add apig_sdk to the project.
1 2
from apig_sdk import signer import requests
- Generate a new signer and enter the AK and SK. For details about how to obtain the AK and SK, see Obtaining an AK/SK Pair.
1 2 3
sig = signer.Signer() sig.Key = "UATBQ1PQO1D5ORNVCDAA" sig.Secret = "ap6H7L******0QvHCNk"
- Generate a request object and specify the method, request URI, header, and body.
r= signer.HttpRequest(method, uri, header, body)
Table 2 HttpRequest parameters Parameter
Sub-Parameter
Mandatory
Description
method
N/A
Yes
The value can be GET, POST, PUT, or DELETE.
uri
N/A
Yes
Enter the API URI of the real-time service. For details about how to obtain the URI, see Obtaining the URI.
header
x-stage
Yes
API release environment, which can only be RELEASE.
Content-Type
No
Content type, which can only be application/json. For details about the multipart/form-data request body, see Table 3.
x-sdk-content-sha256
No
Signature mode. This parameter can be set to UNSIGNED-PAYLOAD, indicating that signature authentication is not performed on the request body.
This parameter is mandatory when the body is input as a file.
body
N/A
No
The JSON format is supported, for example, "{\"xxx\":\"xxx\"}".
- If the request body is in JSON format:
r = signer.HttpRequest("POST", "https://1684994b180244de9d141c00d3e52c73.apig.exampleRegion.huaweicloudapis.com/v1/infers/exampleServiceId", {"x-stage": "RELEASE","Content-Type":"application/json"},"{\"xxx\":\"xxx\"}") - If the request body is input as a file, construct the request body in multipart/form-data format.
Request body format: files = {"Request parameter": ("Load path", File content, "File type", Request header)}
Table 3 files parameters Parameter
Description
Request parameter
Enter the parameter name of the real-time service.
Load path
Path in which the file is stored.
File content
Content of the file to be uploaded.
File type
Type of the file to be uploaded, which can be one of the following options:
- txt: text/plain
- jpg/jpeg: image/jpeg
- png: image/png
Request header
You are advised to set this parameter to {}. The request header is specified by header in HttpRequest.
The following figure shows an example of accessing a real-time service with request parameter images.
Figure 8 Accessing a real-time service
1 2 3
r = signer.HttpRequest("POST","https://63fb035aeef34368880448a94cb7f440.apig.cn-north-4.huaweicloudapis.com/v1/infers/76c41384-23ab-45f9-a66e-892e7bc2be53", {"x-stage": "RELEASE", "x-sdk-content-sha256": "UNSIGNED-PAYLOAD"}) files = {"images": ("flower.png", open("flower.png", "rb"), "image/png", {})}
- If the request body is in JSON format:
- Execute the following function to add the X-Sdk-Date header and Authorization header used for signature to the request:
1
sig.Sign(r)
- Call the API and check the result.
resp = requests.request(method,url, headers, data, files)
Table 4 Request parameters Parameter
Description
method
Request method of the signed request object.
url
Request URL of the signed request object.
headers
Headers of the signed request object.
data
Body of the request object, which can only be in JSON format.
files
Request body in multipart/form-data format.
- If the request body is in JSON format:
1 2 3
resp = requests.request(r.method, r.scheme + "://" + r.host + r.uri, headers=r.headers, data=r.body) print(resp.status_code, resp.reason) print(resp.content)
- If the request body is input as an image:
1 2 3
resp = requests.request(r.method, r.scheme + "://" + r.host + r.uri, headers=r.headers, data={}, files=files) print(resp.status_code, resp.reason) print(resp.content)
- If the request body is in JSON format:
Last Article: Accessing a Real-Time Service (Token-based Authentication)
Next Article: Accessing a Real-Time Service (Application Authentication)
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.