Augcl
/
houserent-front
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
租房小程序前端代码
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
12 Commits
1 Branch
7.2 MiB
Tree: 57f70614ab
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '57f70614ab'
${ noResults }
houserent-front/node_modules/ali-oss/lib/common/signUtils.js

350 lines
10 KiB
Raw Normal View History

1,租房
3 months ago
 
  1. const crypto = require('crypto');
  2. const is = require('is-type-of');
  3. const qs = require('qs');
  4. const { lowercaseKeyHeader } = require('./utils/lowercaseKeyHeader');
  5. const { encodeString } = require('./utils/encodeString');
  6. 

  7. /**
  8.  *
  9.  * @param {String} resourcePath
  10.  * @param {Object} parameters
  11.  * @return
  12.  */
  13. exports.buildCanonicalizedResource = function buildCanonicalizedResource(resourcePath, parameters) {
  14.   let canonicalizedResource = `${resourcePath}`;
  15.   let separatorString = '?';
  16. 

  17.   if (is.string(parameters) && parameters.trim() !== '') {
  18.     canonicalizedResource += separatorString + parameters;
  19.   } else if (is.array(parameters)) {
  20.     parameters.sort();
  21.     canonicalizedResource += separatorString + parameters.join('&');
  22.   } else if (parameters) {
  23.     const processFunc = key => {
  24.       canonicalizedResource += separatorString + key;
  25.       if (parameters[key] || parameters[key] === 0) {
  26.         canonicalizedResource += `=${parameters[key]}`;
  27.       }
  28.       separatorString = '&';
  29.     };
  30.     Object.keys(parameters).sort().forEach(processFunc);
  31.   }
  32. 

  33.   return canonicalizedResource;
  34. };
  35. 

  36. /**
  37.  * @param {String} method
  38.  * @param {String} resourcePath
  39.  * @param {Object} request
  40.  * @param {String} expires
  41.  * @return {String} canonicalString
  42.  */
  43. exports.buildCanonicalString = function canonicalString(method, resourcePath, request, expires) {
  44.   request = request || {};
  45.   const headers = lowercaseKeyHeader(request.headers);
  46.   const OSS_PREFIX = 'x-oss-';
  47.   const ossHeaders = [];
  48.   const headersToSign = {};
  49. 

  50.   let signContent = [
  51.     method.toUpperCase(),
  52.     headers['content-md5'] || '',
  53.     headers['content-type'],
  54.     expires || headers['x-oss-date']
  55.   ];
  56. 

  57.   Object.keys(headers).forEach(key => {
  58.     const lowerKey = key.toLowerCase();
  59.     if (lowerKey.indexOf(OSS_PREFIX) === 0) {
  60.       headersToSign[lowerKey] = String(headers[key]).trim();
  61.     }
  62.   });
  63. 

  64.   Object.keys(headersToSign)
  65.     .sort()
  66.     .forEach(key => {
  67.       ossHeaders.push(`${key}:${headersToSign[key]}`);
  68.     });
  69. 

  70.   signContent = signContent.concat(ossHeaders);
  71. 

  72.   signContent.push(this.buildCanonicalizedResource(resourcePath, request.parameters));
  73. 

  74.   return signContent.join('\n');
  75. };
  76. 

  77. /**
  78.  * @param {String} accessKeySecret
  79.  * @param {String} canonicalString
  80.  */
  81. exports.computeSignature = function computeSignature(accessKeySecret, canonicalString, headerEncoding = 'utf-8') {
  82.   const signature = crypto.createHmac('sha1', accessKeySecret);
  83.   return signature.update(Buffer.from(canonicalString, headerEncoding)).digest('base64');
  84. };
  85. 

  86. /**
  87.  * @param {String} accessKeyId
  88.  * @param {String} accessKeySecret
  89.  * @param {String} canonicalString
  90.  */
  91. exports.authorization = function authorization(accessKeyId, accessKeySecret, canonicalString, headerEncoding) {
  92.   return `OSS ${accessKeyId}:${this.computeSignature(accessKeySecret, canonicalString, headerEncoding)}`;
  93. };
  94. 

  95. /**
  96.  * @param {string[]} [additionalHeaders]
  97.  * @returns {string[]}
  98.  */
  99. exports.fixAdditionalHeaders = additionalHeaders => {
  100.   if (!additionalHeaders) {
  101.     return [];
  102.   }
  103. 

  104.   const OSS_PREFIX = 'x-oss-';
  105. 

  106.   return [...new Set(additionalHeaders.map(v => v.toLowerCase()))]
  107.     .filter(v => {
  108.       return v !== 'content-type' && v !== 'content-md5' && !v.startsWith(OSS_PREFIX);
  109.     })
  110.     .sort();
  111. };
  112. 

  113. /**
  114.  * @param {string} method
  115.  * @param {Object} request
  116.  * @param {Object} request.headers
  117.  * @param {Object} [request.queries]
  118.  * @param {string} [bucketName]
  119.  * @param {string} [objectName]
  120.  * @param {string[]} [additionalHeaders] additional headers after deduplication, lowercase and sorting
  121.  * @returns {string}
  122.  */
  123. exports.getCanonicalRequest = function getCanonicalRequest(method, request, bucketName, objectName, additionalHeaders) {
  124.   const headers = lowercaseKeyHeader(request.headers);
  125.   const queries = request.queries || {};
  126.   const OSS_PREFIX = 'x-oss-';
  127. 

  128.   if (objectName && !bucketName) {
  129.     throw Error('Please ensure that bucketName is passed into getCanonicalRequest.');
  130.   }
  131. 

  132.   const signContent = [
  133.     method.toUpperCase(), // HTTP Verb

  134.     encodeString(`/${bucketName ? `${bucketName}/` : ''}${objectName || ''}`).replace(/%2F/g, '/') // Canonical URI

  135.   ];
  136. 

  137.   // Canonical Query String

  138.   signContent.push(
  139.     qs.stringify(queries, {
  140.       encoder: encodeString,
  141.       sort: (a, b) => a.localeCompare(b),
  142.       strictNullHandling: true
  143.     })
  144.   );
  145. 

  146.   // Canonical Headers

  147.   if (additionalHeaders) {
  148.     additionalHeaders.forEach(v => {
  149.       if (!Object.prototype.hasOwnProperty.call(headers, v)) {
  150.         throw Error(`Can't find additional header ${v} in request headers.`);
  151.       }
  152.     });
  153.   }
  154. 

  155.   const tempHeaders = new Set(additionalHeaders);
  156. 

  157.   Object.keys(headers).forEach(v => {
  158.     if (v === 'content-type' || v === 'content-md5' || v.startsWith(OSS_PREFIX)) {
  159.       tempHeaders.add(v);
  160.     }
  161.   });
  162. 

  163.   const canonicalHeaders = `${[...tempHeaders]
  164.     .sort()
  165.     .map(v => `${v}:${is.string(headers[v]) ? headers[v].trim() : headers[v]}\n`)
  166.     .join('')}`;

  167. 

  168.   signContent.push(canonicalHeaders);
  169. 

  170.   // Additional Headers

  171.   if (additionalHeaders.length > 0) {
  172.     signContent.push(additionalHeaders.join(';'));
  173.   } else {
  174.     signContent.push('');
  175.   }
  176. 

  177.   // Hashed Payload

  178.   signContent.push(headers['x-oss-content-sha256'] || 'UNSIGNED-PAYLOAD');
  179. 

  180.   return signContent.join('\n');
  181. };
  182. 

  183. /**
  184.  * @param {string} region Standard region, e.g. cn-hangzhou
  185.  * @param {string} date ISO8601 UTC:yyyymmdd'T'HHMMss'Z'
  186.  * @param {string} canonicalRequest
  187.  * @returns {string}
  188.  */
  189. exports.getStringToSign = function getStringToSign(region, date, canonicalRequest) {
  190.   const stringToSign = [
  191.     'OSS4-HMAC-SHA256',
  192.     date, // TimeStamp

  193.     `${date.split('T')[0]}/${region}/oss/aliyun_v4_request`, // Scope

  194.     crypto.createHash('sha256').update(canonicalRequest).digest('hex') // Hashed Canonical Request

  195.   ];
  196. 

  197.   return stringToSign.join('\n');
  198. };
  199. 

  200. /**
  201.  * @param {String} accessKeySecret
  202.  * @param {string} date yyyymmdd
  203.  * @param {string} region Standard region, e.g. cn-hangzhou
  204.  * @param {string} stringToSign
  205.  * @returns {string}
  206.  */
  207. exports.getSignatureV4 = function getSignatureV4(accessKeySecret, date, region, stringToSign) {
  208.   const signingDate = crypto.createHmac('sha256', `aliyun_v4${accessKeySecret}`).update(date).digest();
  209.   const signingRegion = crypto.createHmac('sha256', signingDate).update(region).digest();
  210.   const signingOss = crypto.createHmac('sha256', signingRegion).update('oss').digest();
  211.   const signingKey = crypto.createHmac('sha256', signingOss).update('aliyun_v4_request').digest();
  212.   const signatureValue = crypto.createHmac('sha256', signingKey).update(stringToSign).digest('hex');
  213. 

  214.   return signatureValue;
  215. };
  216. 

  217. /**
  218.  * @param {String} accessKeyId
  219.  * @param {String} accessKeySecret
  220.  * @param {string} region Standard region, e.g. cn-hangzhou
  221.  * @param {string} method
  222.  * @param {Object} request
  223.  * @param {Object} request.headers
  224.  * @param {Object} [request.queries]
  225.  * @param {string} [bucketName]
  226.  * @param {string} [objectName]
  227.  * @param {string[]} [additionalHeaders]
  228.  * @param {string} [headerEncoding='utf-8']
  229.  * @returns {string}
  230.  */
  231. exports.authorizationV4 = function authorizationV4(
  232.   accessKeyId,
  233.   accessKeySecret,
  234.   region,
  235.   method,
  236.   request,
  237.   bucketName,
  238.   objectName,
  239.   additionalHeaders,
  240.   headerEncoding = 'utf-8'
  241. ) {
  242.   const fixedAdditionalHeaders = this.fixAdditionalHeaders(additionalHeaders);
  243.   const fixedHeaders = {};
  244.   Object.entries(request.headers).forEach(v => {
  245.     fixedHeaders[v[0]] = is.string(v[1]) ? Buffer.from(v[1], headerEncoding).toString() : v[1];
  246.   });
  247.   const date = fixedHeaders['x-oss-date'] || (request.queries && request.queries['x-oss-date']);
  248.   const canonicalRequest = this.getCanonicalRequest(
  249.     method,
  250.     {
  251.       headers: fixedHeaders,
  252.       queries: request.queries
  253.     },
  254.     bucketName,
  255.     objectName,
  256.     fixedAdditionalHeaders
  257.   );
  258.   const stringToSign = this.getStringToSign(region, date, canonicalRequest);
  259.   const onlyDate = date.split('T')[0];
  260.   const signatureValue = this.getSignatureV4(accessKeySecret, onlyDate, region, stringToSign);
  261.   const additionalHeadersValue =
  262.     fixedAdditionalHeaders.length > 0 ? `AdditionalHeaders=${fixedAdditionalHeaders.join(';')},` : '';
  263. 

  264.   return `OSS4-HMAC-SHA256 Credential=${accessKeyId}/${onlyDate}/${region}/oss/aliyun_v4_request,${additionalHeadersValue}Signature=${signatureValue}`;
  265. };
  266. 

  267. /**
  268.  *
  269.  * @param {String} accessKeySecret
  270.  * @param {Object} options
  271.  * @param {String} resource
  272.  * @param {Number} expires
  273.  */
  274. exports._signatureForURL = function _signatureForURL(accessKeySecret, options = {}, resource, expires, headerEncoding) {
  275.   const headers = {};
  276.   const { subResource = {} } = options;
  277. 

  278.   if (options.process) {
  279.     const processKeyword = 'x-oss-process';
  280.     subResource[processKeyword] = options.process;
  281.   }
  282. 

  283.   if (options.trafficLimit) {
  284.     const trafficLimitKey = 'x-oss-traffic-limit';
  285.     subResource[trafficLimitKey] = options.trafficLimit;
  286.   }
  287. 

  288.   if (options.response) {
  289.     Object.keys(options.response).forEach(k => {
  290.       const key = `response-${k.toLowerCase()}`;
  291.       subResource[key] = options.response[k];
  292.     });
  293.   }
  294. 

  295.   Object.keys(options).forEach(key => {
  296.     const lowerKey = key.toLowerCase();
  297.     const value = options[key];
  298.     if (lowerKey.indexOf('x-oss-') === 0) {
  299.       headers[lowerKey] = value;
  300.     } else if (lowerKey.indexOf('content-md5') === 0) {
  301.       headers[key] = value;
  302.     } else if (lowerKey.indexOf('content-type') === 0) {
  303.       headers[key] = value;
  304.     }
  305.   });
  306. 

  307.   if (Object.prototype.hasOwnProperty.call(options, 'security-token')) {
  308.     subResource['security-token'] = options['security-token'];
  309.   }
  310. 

  311.   if (Object.prototype.hasOwnProperty.call(options, 'callback')) {
  312.     const json = {
  313.       callbackUrl: encodeURI(options.callback.url),
  314.       callbackBody: options.callback.body
  315.     };
  316.     if (options.callback.host) {
  317.       json.callbackHost = options.callback.host;
  318.     }
  319.     if (options.callback.contentType) {
  320.       json.callbackBodyType = options.callback.contentType;
  321.     }
  322.     if (options.callback.callbackSNI) {
  323.       json.callbackSNI = options.callback.callbackSNI;
  324.     }
  325.     subResource.callback = Buffer.from(JSON.stringify(json)).toString('base64');
  326. 

  327.     if (options.callback.customValue) {
  328.       const callbackVar = {};
  329.       Object.keys(options.callback.customValue).forEach(key => {
  330.         callbackVar[`x:${key}`] = options.callback.customValue[key];
  331.       });
  332.       subResource['callback-var'] = Buffer.from(JSON.stringify(callbackVar)).toString('base64');
  333.     }
  334.   }
  335. 

  336.   const canonicalString = this.buildCanonicalString(
  337.     options.method,
  338.     resource,
  339.     {
  340.       headers,
  341.       parameters: subResource
  342.     },
  343.     expires.toString()
  344.   );
  345. 

  346.   return {
  347.     Signature: this.computeSignature(accessKeySecret, canonicalString, headerEncoding),
  348.     subResource
  349.   };
  350. };