class TencentCloud::Common::Sign

def sign_v3(content_type, endpoint, method, uri, query, payload, timestamp, secret_id, secret_key)
  canonical_headers = "content-type:#{content_type}\nhost:#{endpoint}\n"
  signed_headers = 'content-type;host'
  canonical_request = [
    method,
    uri,
    query,
    canonical_headers,
    signed_headers,
    payload,
  ].join("\n")
  service = endpoint.split('.')[0]
  date = Time.at(timestamp).utc.strftime('%Y-%m-%d')
  credential_scope = date + '/' + service + '/' + 'tc3_request'
  algorithm = 'TC3-HMAC-SHA256'
  hashed_request_payload = Digest::SHA256.hexdigest(canonical_request)
  string_to_sign = [
    algorithm,
    timestamp,
    credential_scope,
    hashed_request_payload,
  ].join("\n")
  digest = OpenSSL::Digest.new('sha256')
  secret_date = OpenSSL::HMAC.digest(digest, 'TC3' + secret_key, date)
  secret_service = OpenSSL::HMAC.digest(digest, secret_date, service)
  secret_signing = OpenSSL::HMAC.digest(digest, secret_service, 'tc3_request')
  signature = OpenSSL::HMAC.hexdigest(digest, secret_signing, string_to_sign)
  "#{algorithm} Credential=#{secret_id}/#{credential_scope}, SignedHeaders=#{signed_headers}, Signature=#{signature}"
end