Página Principal Explorar Ajuda
Registe-se Iniciar Sessão
publics
/
aliyun-oss-go-sdk
0
0
Fork 0
Ficheiros Problemas 0 Pull Requests 0 Wiki
Árvore: a8af89afb3
Ramos Etiquetas
aliyun-oss-g...
/
oss
/
auth.go

auth.go 4.0 KB
Histórico Em bruto

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144 
  1. package oss
    2. 

  2. 

  3. import (
    4. 

  4. 	"bytes"
    5. 

  5. 	"crypto/hmac"
    6. 

  6. 	"crypto/sha1"
    7. 

  7. 	"encoding/base64"
    8. 

  8. 	"fmt"
    9. 

  9. 	"hash"
    10. 

  10. 	"io"
    11. 

  11. 	"net/http"
    12. 

  12. 	"sort"
    13. 

  13. 	"strconv"
    14. 

  14. 	"strings"
    15. 

  15. )
    16. 

  16. 

  17. // headerSorter defines the key-value structure for storing the sorted data in signHeader.
    18. 

  18. type headerSorter struct {
    19. 

  19. 	Keys []string
    20. 

  20. 	Vals []string
    21. 

  21. }
    22. 

  22. 

  23. // signHeader signs the header and sets it as the authorization header.
    24. 

  24. func (conn Conn) signHeader(req *http.Request, canonicalizedResource string) {
    25. 

  25. 

  26. 	akIf := conn.config.GetCredentials()
    27. 

  27. 

  28. 	// Get the final authorization string
    29. 

  29. 	authorizationStr := "OSS " + akIf.GetAccessKeyID() + ":" + conn.getSignedStr(req, canonicalizedResource, akIf.GetAccessKeySecret())
    30. 

  30. 

  31. 	// Give the parameter "Authorization" value
    32. 

  32. 	req.Header.Set(HTTPHeaderAuthorization, authorizationStr)
    33. 

  33. }
    34. 

  34. 

  35. func (conn Conn) getSignedStr(req *http.Request, canonicalizedResource string, keySecret string) string {
    36. 

  36. 	// Find out the "x-oss-"'s address in header of the request
    37. 

  37. 	temp := make(map[string]string)
    38. 

  38. 

  39. 	for k, v := range req.Header {
    40. 

  40. 		if strings.HasPrefix(strings.ToLower(k), "x-oss-") {
    41. 

  41. 			temp[strings.ToLower(k)] = v[0]
    42. 

  42. 		}
    43. 

  43. 	}
    44. 

  44. 	hs := newHeaderSorter(temp)
    45. 

  45. 

  46. 	// Sort the temp by the ascending order
    47. 

  47. 	hs.Sort()
    48. 

  48. 

  49. 	// Get the canonicalizedOSSHeaders
    50. 

  50. 	canonicalizedOSSHeaders := ""
    51. 

  51. 	for i := range hs.Keys {
    52. 

  52. 		canonicalizedOSSHeaders += hs.Keys[i] + ":" + hs.Vals[i] + "\n"
    53. 

  53. 	}
    54. 

  54. 

  55. 	// Give other parameters values
    56. 

  56. 	// when sign URL, date is expires
    57. 

  57. 	date := req.Header.Get(HTTPHeaderDate)
    58. 

  58. 	contentType := req.Header.Get(HTTPHeaderContentType)
    59. 

  59. 	contentMd5 := req.Header.Get(HTTPHeaderContentMD5)
    60. 

  60. 

  61. 	signStr := req.Method + "\n" + contentMd5 + "\n" + contentType + "\n" + date + "\n" + canonicalizedOSSHeaders + canonicalizedResource
    62. 

  62. 

  63. 	// convert sign to log for easy to view
    64. 

  64. 	if conn.config.LogLevel >= Debug {
    65. 

  65. 		var signBuf bytes.Buffer
    66. 

  66. 		for i := 0; i < len(signStr); i++ {
    67. 

  67. 			if signStr[i] != '\n' {
    68. 

  68. 				signBuf.WriteByte(signStr[i])
    69. 

  69. 			} else {
    70. 

  70. 				signBuf.WriteString("\\n")
    71. 

  71. 			}
    72. 

  72. 		}
    73. 

  73. 		conn.config.WriteLog(Debug, "[Req:%p]signStr:%s\n", req, signBuf.String())
    74. 

  74. 	}
    75. 

  75. 

  76. 	h := hmac.New(func() hash.Hash { return sha1.New() }, []byte(keySecret))
    77. 

  77. 	io.WriteString(h, signStr)
    78. 

  78. 	signedStr := base64.StdEncoding.EncodeToString(h.Sum(nil))
    79. 

  79. 

  80. 	return signedStr
    81. 

  81. }
    82. 

  82. 

  83. func (conn Conn) getRtmpSignedStr(bucketName, channelName, playlistName string, expiration int64, keySecret string, params map[string]interface{}) string {
    84. 

  84. 	if params[HTTPParamAccessKeyID] == nil {
    85. 

  85. 		return ""
    86. 

  86. 	}
    87. 

  87. 

  88. 	canonResource := fmt.Sprintf("/%s/%s", bucketName, channelName)
    89. 

  89. 	canonParamsKeys := []string{}
    90. 

  90. 	for key := range params {
    91. 

  91. 		if key != HTTPParamAccessKeyID && key != HTTPParamSignature && key != HTTPParamExpires && key != HTTPParamSecurityToken {
    92. 

  92. 			canonParamsKeys = append(canonParamsKeys, key)
    93. 

  93. 		}
    94. 

  94. 	}
    95. 

  95. 

  96. 	sort.Strings(canonParamsKeys)
    97. 

  97. 	canonParamsStr := ""
    98. 

  98. 	for _, key := range canonParamsKeys {
    99. 

  99. 		canonParamsStr = fmt.Sprintf("%s%s:%s\n", canonParamsStr, key, params[key].(string))
    100. 

  100. 	}
    101. 

  101. 

  102. 	expireStr := strconv.FormatInt(expiration, 10)
    103. 

  103. 	signStr := expireStr + "\n" + canonParamsStr + canonResource
    104. 

  104. 

  105. 	h := hmac.New(func() hash.Hash { return sha1.New() }, []byte(keySecret))
    106. 

  106. 	io.WriteString(h, signStr)
    107. 

  107. 	signedStr := base64.StdEncoding.EncodeToString(h.Sum(nil))
    108. 

  108. 	return signedStr
    109. 

  109. }
    110. 

  110. 

  111. // newHeaderSorter is an additional function for function SignHeader.
    112. 

  112. func newHeaderSorter(m map[string]string) *headerSorter {
    113. 

  113. 	hs := &headerSorter{
    114. 

  114. 		Keys: make([]string, 0, len(m)),
    115. 

  115. 		Vals: make([]string, 0, len(m)),
    116. 

  116. 	}
    117. 

  117. 

  118. 	for k, v := range m {
    119. 

  119. 		hs.Keys = append(hs.Keys, k)
    120. 

  120. 		hs.Vals = append(hs.Vals, v)
    121. 

  121. 	}
    122. 

  122. 	return hs
    123. 

  123. }
    124. 

  124. 

  125. // Sort is an additional function for function SignHeader.
    126. 

  126. func (hs *headerSorter) Sort() {
    127. 

  127. 	sort.Sort(hs)
    128. 

  128. }
    129. 

  129. 

  130. // Len is an additional function for function SignHeader.
    131. 

  131. func (hs *headerSorter) Len() int {
    132. 

  132. 	return len(hs.Vals)
    133. 

  133. }
    134. 

  134. 

  135. // Less is an additional function for function SignHeader.
    136. 

  136. func (hs *headerSorter) Less(i, j int) bool {
    137. 

  137. 	return bytes.Compare([]byte(hs.Keys[i]), []byte(hs.Keys[j])) < 0
    138. 

  138. }
    139. 

  139. 

  140. // Swap is an additional function for function SignHeader.
    141. 

  141. func (hs *headerSorter) Swap(i, j int) {
    142. 

  142. 	hs.Vals[i], hs.Vals[j] = hs.Vals[j], hs.Vals[i]
    143. 

  143. 	hs.Keys[i], hs.Keys[j] = hs.Keys[j], hs.Keys[i]
    144. 

  144. }
    145.