Added BearerToken credential

integration/credential_test.go

@@ -140,3 +140,17 @@ func PKCS7UnPadding(origData []byte) []byte {
 	unpadding := int(origData[length-1])
 	return origData[:(length - unpadding)]
 }
+
+func TestDescribeRegionsWithBearToken(t *testing.T) {
+	request := requests.NewCommonRequest()
+	request.Version = "2017-07-05"
+	request.Product = "CCC"
+	request.ApiName = "ListRoles "
+	request.SetDomain("ccc.cn-shanghai.aliyuncs.com")
+	request.TransToAcsRequest()
+	client, err := sdk.NewClientWithBearerToken("cn-shanghai", "eyJhbGciOiJSUzI1NiIsImsyaWQiOiJlNE92NnVOUDhsMEY2RmVUMVhvek5wb1NBcVZLblNGRyIsImtpZCI6IkpDOXd4enJocUowZ3RhQ0V0MlFMVWZldkVVSXdsdEZodWk0TzFiaDY3dFUifQ.TjU2UldwZzFzRE1oVEN5UStjYlZLV1dzNW45cFBOSWdNRDhzQmVXYmVpLytWY012MEJqYjdTdnB3SE9LcHBiZkorUGdvclAxRy9GTjdHeldmaWZFVndoa05ueUNTem80dU0rUVFKdDFSY2V0bmFQcml5WFljTDhmNUZ2c1pFd3BhTDFOajVvRW9QVG83S1NVU3JpTFdKQmNnVHB1U094cUd4cGpCeFdXS0pDVnN0L3lzRkp4RTVlSFNzUm1Qa1FBVTVwS1lmaXE0QVFSd3lPQjdYSk1uUGFKU1BiSWhyWVFVS21WOVd5K2d3PT0.jxdCiNimyes3swDRBSxdsgaL4IlOD2Kz49Gf5w0VZ0Xap9ozUyxvSSywGzMrKvCTIoeh9QMCMjCpnt9A-nQxENj3YGAeBk8Wy19uHiT-4OVo-CiCKmKxILpzxcpOptNO-LER1swVLbt0NiTuTH4KB5CUaRwJKIFJuUwa57HcsWbvWQyZa1ms0NNOccNfGJl4177eY2LTUyyXWi4wYNA_L0YMTkZz4sOFM_Mdzks8bHXiSbGkkjfWQy0QblkLz6Bboh1OYlg3_RCLSWby_FMNoxU_eG2lGAsDnYxZDmCAq2jedY0x1RzZodo9HYRQN7DujlBhfzqm4hOBNvA3LiJfzw")
+	assert.Nil(t, err)
+	response, err := client.ProcessCommonRequest(request)
+	assert.True(t, strings.Contains(err.Error(), "Bearertoken has expired"))
+	assert.False(t, response.IsSuccess())
+}

sdk/auth/credentials/bearer_token_credential.go

@@ -0,0 +1,12 @@
+package credentials
+
+type BearerTokenCredential struct {
+	BearerToken string
+}
+
+// NewBearerTokenCredential return a BearerTokenCredential object
+func NewBearerTokenCredential(token string) *BearerTokenCredential {
+	return &BearerTokenCredential{
+		BearerToken: token,
+	}
+}

sdk/auth/credentials/bearer_token_credential_test.go

@@ -0,0 +1,12 @@
+package credentials
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestNewBearerTokenCredential(t *testing.T) {
+	bc := NewBearerTokenCredential("Bearer.Token")
+	assert.Equal(t, &BearerTokenCredential{"Bearer.Token"}, bc)
+}

sdk/auth/credentials/provider/profile_credentials.go

@@ -122,7 +122,6 @@ func (p *ProfileProvider) Resolve() (auth.Credential, error) {
 			data += scan.Text() + "\n"
 		}
 		return credentials.NewRsaKeyPairCredential(privateKey, value1.String(), 3600), nil
-
 	default:
 		return nil, errors.New("ERROR: Failed to get credential")
 	}

sdk/auth/roa_signature_composer.go

@@ -62,7 +62,10 @@ func completeROASignParams(request requests.AcsRequest, signer Signer, regionId
 				headerParams["x-acs-security-token"] = value
 				continue
 			}
-
+			if key == "BearerToken" {
+				headerParams["x-acs-bearer-token"] = value
+				continue
+			}
 			queryParams[key] = value
 		}
 	}

sdk/auth/roa_signature_composer_test.go

@@ -84,3 +84,11 @@ func TestRoaSignatureComposer3(t *testing.T) {
 	signRoaRequest(request, signer, "regionId")
 	assert.Equal(t, "mock date", request.GetHeaders()["Date"])
 }
+func TestCompleteROASignParams(t *testing.T) {
+	req := requests.NewCommonRequest()
+	req.TransToAcsRequest()
+	sign := signers.NewBearerTokenSigner(credentials.NewBearerTokenCredential("Bearer.Token"))
+	completeROASignParams(req, sign, "cn-hangzhou")
+	head := req.GetHeaders()
+	assert.Equal(t, "Bearer.Token", head["x-acs-bearer-token"])
+}

sdk/auth/signer.go

@@ -44,6 +44,10 @@ func NewSignerWithCredential(credential Credential, commonApi func(request *requ
 		{
 			signer = signers.NewStsTokenSigner(instance)
 		}
+	case *credentials.BearerTokenCredential:
+		{
+			signer = signers.NewBearerTokenSigner(instance)
+		}
 	case *credentials.RamRoleArnCredential:
 		{
 			signer, err = signers.NewRamRoleArnSigner(instance, commonApi)

sdk/auth/signer_test.go

@@ -73,6 +73,14 @@ func TestSigner_EcsRamRoleSigner(t *testing.T) {
 	assert.True(t, ok)
 }
 
+func TestSigner_BearerTokenSigner(t *testing.T) {
+	c := credentials.NewBearerTokenCredential("Bearer.Token")
+	signer, err := NewSignerWithCredential(c, nil)
+	assert.Nil(t, err)
+	_, ok := signer.(*signers.BearerTokenSigner)
+	assert.True(t, ok)
+}
+
 type OtherCredential struct {
 }
 

sdk/auth/signers/signer_bearer_token.go

@@ -0,0 +1,35 @@
+package signers
+
+import (
+	"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials"
+)
+
+type BearerTokenSigner struct {
+	credential *credentials.BearerTokenCredential
+}
+
+func NewBearerTokenSigner(credential *credentials.BearerTokenCredential) *BearerTokenSigner {
+	return &BearerTokenSigner{
+		credential: credential,
+	}
+}
+
+func (signer *BearerTokenSigner) GetExtraParam() map[string]string {
+	return map[string]string{"BearerToken": signer.credential.BearerToken}
+}
+
+func (*BearerTokenSigner) GetName() string {
+	return ""
+}
+func (*BearerTokenSigner) GetType() string {
+	return "BEARERTOKEN"
+}
+func (*BearerTokenSigner) GetVersion() string {
+	return "1.0"
+}
+func (signer *BearerTokenSigner) GetAccessKeyId() (accessKeyId string, err error) {
+	return "", nil
+}
+func (signer *BearerTokenSigner) Sign(stringToSign, secretSuffix string) string {
+	return ""
+}

sdk/auth/signers/signer_bearer_token_test.go

@@ -0,0 +1,31 @@
+package signers_test
+
+import (
+	"reflect"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+
+	"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/credentials"
+	"github.com/aliyun/alibaba-cloud-sdk-go/sdk/auth/signers"
+)
+
+func TestBearerTokenSigner(t *testing.T) {
+	c := credentials.NewBearerTokenCredential("Bearer.Token")
+	sign := signers.NewBearerTokenSigner(c)
+	assert.NotNil(t, sign)
+	exparam := sign.GetExtraParam()
+	assert.True(t, reflect.DeepEqual(exparam, map[string]string{"BearerToken": "Bearer.Token"}))
+
+	assert.Empty(t, sign.GetName())
+
+	assert.Equal(t, "BEARERTOKEN", sign.GetType())
+
+	assert.Equal(t, "1.0", sign.GetVersion())
+
+	accessKeyID, err := sign.GetAccessKeyId()
+	assert.Empty(t, accessKeyID)
+	assert.Nil(t, err)
+
+	assert.Empty(t, sign.Sign("stringToSign", "&"))
+}

sdk/client.go

@@ -282,6 +282,14 @@ func (client *Client) InitWithEcsRamRole(regionId, roleName string) (err error)
 	return client.InitWithOptions(regionId, config, credential)
 }
 
+func (client *Client) InitWithBearerToken(regionId, bearerToken string) (err error) {
+	config := client.InitClientConfig()
+	credential := &credentials.BearerTokenCredential{
+		BearerToken: bearerToken,
+	}
+	return client.InitWithOptions(regionId, config, credential)
+}
+
 func (client *Client) InitClientConfig() (config *Config) {
 	if client.config != nil {
 		return client.config
@@ -641,6 +649,12 @@ func NewClientWithRsaKeyPair(regionId string, publicKeyId, privateKey string, se
 	return
 }
 
+func NewClientWithBearerToken(regionId, bearerToken string) (client *Client, err error) {
+	client = &Client{}
+	err = client.InitWithBearerToken(regionId, bearerToken)
+	return
+}
+
 func (client *Client) ProcessCommonRequest(request *requests.CommonRequest) (response *responses.CommonResponse, err error) {
 	request.TransToAcsRequest()
 	response = responses.NewCommonResponse()

sdk/client_test.go

@@ -611,16 +611,6 @@ func TestClient_NewClientWithStsRoleArn(t *testing.T) {
 	assert.Equal(t, false, client.isRunning)
 }
 
-//func Test_EnableAsync(t *testing.T) {
-//	client, err := NewClientWithAccessKey("regionid", "acesskeyid", "accesskeysecret")
-//	assert.Nil(t, err)
-//	assert.NotNil(t, client)
-//	assert.Equal(t, true, client.isRunning)
-//	client.EnableAsync(2, 8)
-//	client.Shutdown()
-//	assert.Equal(t, false, client.isRunning)
-//}
-
 func TestInitWithProviderChain(t *testing.T) {
 
 	//testcase1: No any environment variable
@@ -671,3 +661,9 @@ func TestInitWithProviderChain(t *testing.T) {
 	assert.EqualError(t, err, "No credential found")
 
 }
+
+func TestNewClientWithBearerToken(t *testing.T) {
+	client, err := NewClientWithBearerToken("cn-hangzhou", "Bearer.Token")
+	assert.Nil(t, err)
+	assert.NotNil(t, client)
+}