Your EPS account
Sign in to view secure API documentation, update your account details, log support requests and much more.
Your email or password is incorrect. Please try again or reset your password.
If the issue persists please contact your EPS representative.
Reset your password
Please enter your email address below. We will send password reset instructions to the email associated with your EPS account.
Thank you
An email has been sent to your account email address with further instructions on how to reset your password.
API 密钥验证和访问
您将使用 HTTP 授权标头传输每个请求的 API 密钥以及 SHA-512 签名哈希。签名哈希包含您的 API 密钥、共享密钥以及当前的 UNIX 时间戳。
创建您的授权标头
EPS 希望您的授权标头使用下列格式 - 记录所需的 EPS
前缀。此前缀可确保向您的请求应用了正确的授权规则。
Authorization: EAN APIKey=yourAPIKey,Signature=sha512Hash,timestamp=yourUNIXTimestamp
您的 signature
值为您的 API 密钥串联的未加盐 SHA-512 哈希 + 共享密钥 + UNIX 时间戳(以秒为单位)。
您的 timestamp
值必须为用于生成您的 signature
的相同值。如果提供了不同的时间戳值,EPS 将无法验证您的签名哈希值,并且您的请求将被拒绝。
下面是一个完整的授权标头示例:
Authorization: EAN APIKey=dkc4wrkp7w58wx5v2jxen2kx,Signature=Mgup2Azf,timestamp=1476739212
验证您的授权标头
尝试测试请求之前,请针对 EPS 签名生成器测试您自己的代码。
注意:NTP 时钟同步
EPS 会使用网络时间协议 (NTP) 来同步内部服务器的时间。如果您也使用 NTP,则不应出现时钟同步问题。大多数现代操作系统均支持此时钟同步或类似的时间同步服务 – 请查看您的操作系统文档。系统接受早于或晚于服务器时间戳长达五分钟的时间戳,以适应合理的时钟漂移。
签名生成代码示例
PHP
$apiKey = "abcdefg"; $secret = "1a2bc3"; $timestamp = time(); $authHeader = 'Authorization: EAN APIKey=' . $apiKey . ',Signature=' . hash("sha512", $apiKey.$secret.$timestamp) . ',timestamp=' . time();
JavaScript
var crypto = require('crypto'); var request = require('request'); var apiKey = "123"; var secret="123"; var timestamp = Math.round((new Date().getTime()/1000)); var hash = crypto.createHmac('sha256', apiKey+secret+timestamp).digest('hex'); var authHeaderValue = 'EAN APIKey=' +apiKey+ ',Signature=' + hash + ',timestamp=' + timestamp;
Java
import java.io.UnsupportedEncodingException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.security.Timestamp; import java.util.Date; String apiKey = "123"; String secret = "123"; Date date= new java.util.Date(); Long timestamp = (date.getTime() / 1000); String signature = null; try { String toBeHashed = apiKey + secret + timestamp; MessageDigest md = MessageDigest.getInstance("SHA-512"); byte[] bytes = md.digest(toBeHashed.getBytes("UTF-8")); StringBuilder sb = new StringBuilder(); for(int i=0; i< bytes.length ;i++){ sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1)); } signature = sb.toString(); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } catch (UnsupportedEncodingException e) { e.printStackTrace(); } String authHeaderValue = "EAN APIKey=" + apiKey + ",Signature=" + signature + ",timestamp=" + timestamp;
Python
import hashlib import datetime apiKey = "123" secret = "123" timestamp = str(int(time.time())); authHeaderValue = "EAN APIKey=" + apiKey + ",Signature=" + hashlib.sha512(apiKey+secret+timestamp).hexdigest() + ",timestamp=" + timestamp
Ruby
require 'digest' apiKey="123" secret="123" timestamp = Time.now.to_i toBeHashed = "#{apiKey}#{secret}#{timestamp}" signature = Digest::SHA2.new(512).hexdigest(toBeHashed) authHeaderValue = "EAN APIKey=#{apiKey},Signature=#{signature},timestamp=#{timestamp}"
C#
String apiKey = "123"; String secret = "123"; TimeSpan epochTicks = new TimeSpan(new DateTime(1970, 1, 1).Ticks); TimeSpan unixTicks = new TimeSpan(DateTime.UtcNow.Ticks) - epochTicks; double unixTime = (int)unixTicks.TotalSeconds; var toBeHashed = apiKey + secret + unixTime; var bytes = System.Text.Encoding.UTF8.GetBytes(toBeHashed); using (var hash = System.Security.Cryptography.SHA512.Create()) { var hashedInputBytes = hash.ComputeHash(bytes); var hashedInputStringBuilder = new System.Text.StringBuilder(128); foreach (var b in hashedInputBytes) hashedInputStringBuilder.Append(b.ToString("X2")); var signature = hashedInputStringBuilder.ToString(); var authHeaderValue = "EAN APIKey=" + apiKey + ",Signature=" + signature +",timestamp=" + unixTime; }
Perl
use strict; use Crypt::Digest::SHA512 qw(sha512_hex); my $apiKey = '123'; my $secret = '123'; my $timestamp = time; my $sig = sha512_hex($apiKey . $secret . $timestamp); my $authHeaderValue = "EAN APIKey=".$apiKey.",Signature=".$sig.",timestamp=".$timestamp; print $authHeaderValue;
保护您的共享密钥
向您提供的共享密钥对于您的请求数据至关重要 – 请将其视为密码。请勿在任何可公开访问的网站或 App 代码中包含原始值。当您获准可以整合 EPS Rapid 之后,会向您提供共享密钥和 API 密钥。
EPS Home | EPS Portal Login | Expedia Partner Central | Advertise with Expedia | News | Privacy Policy | Cookie Policy
© 2020 Expedia, Inc. All Rights Reserved.