hatter/alibabacloud-openapi-signature
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: updates

Browse Source
This commit is contained in:
Hatter Jiang
2023-09-03 17:43:24 +08:00
parent 7a838472fe
commit 5bfc8d2221
6 changed files with 141 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

102
src/v4/aliyun_util.rs
View File

@@ -1,17 +1,99 @@
use std::collections::BTreeMap;
use std::sync::atomic::{AtomicU64, Ordering};
use std::time::SystemTime;
use sm3::Digest;
use rand::random;
use crate::v4::access_key::DerivedAccessKey;
use crate::util::BTreeMapAddKv;
use crate::v4::access_key::{AccessKey, DerivedAccessKey};
use crate::v4::common_util::{join_slices, percent_encode};
use crate::v4::constant::{
ALIYUN_V4, ALIYUN_V4_REQUEST,
HEADER_CONTENT_TYPE,
HEADER_HOST, HEADER_X_ACS_PREFIX, REGION_CENTER,
};
use crate::v4::constant::{ALIYUN_V4, ALIYUN_V4_REQUEST, CONTENT_TYPE_APPLICATION_JSON, HEADER_ACCEPT, HEADER_AUTHORIZATION, HEADER_CONTENT_TYPE, HEADER_HOST, HEADER_USER_AGENT, HEADER_X_ACS_PREFIX, HEADER_X_ASC_ACCESS_KEY_ID, HEADER_X_ASC_ACTION, HEADER_X_ASC_CONTENT_SHA256, HEADER_X_ASC_CONTENT_SM3, HEADER_X_ASC_DATE, HEADER_X_ASC_SECURITY_TOKEN, HEADER_X_ASC_SIGNATURE_NONCE, HEADER_X_ASC_VERSION, REGION_CENTER};
use crate::v4::sign_algorithm::SignAlgorithm;
fn get_authorization(sign_algorithm: SignAlgorithm,
const SEQ: AtomicU64 = AtomicU64::new(0);
struct Request {
pub version: String,
pub action: String,
pub access_key: Option<AccessKey>,
pub user_agent: String,
pub sign_algorithm: SignAlgorithm,
pub headers: BTreeMap<String, String>,
pub stream: Option<Vec<u8>>,
}
fn add_common_headers(header: &mut BTreeMap<String, String>, request: &Request) {
header.insert_kv(HEADER_HOST, "endpoint"); // TODO
header.insert_kv(HEADER_X_ASC_VERSION, &request.version);
header.insert_kv(HEADER_X_ASC_ACTION, &request.action);
header.insert_kv(HEADER_USER_AGENT, &request.user_agent);
header.insert_kv(HEADER_X_ASC_DATE, get_timestamp());
header.insert_kv(HEADER_X_ASC_SIGNATURE_NONCE, get_nonce());
header.insert_kv(HEADER_ACCEPT, CONTENT_TYPE_APPLICATION_JSON);
// TODO BODY ...
match &request.sign_algorithm {
// TODO ...
SignAlgorithm::Sha256 => {
header.insert_kv(HEADER_X_ASC_CONTENT_SHA256, "");
}
SignAlgorithm::Sm3 => {
header.insert_kv(HEADER_X_ASC_CONTENT_SM3, "");
}
}
let query = BTreeMap::new();
if let Some(access_key) = &request.access_key {
if let Some(security_token) = &access_key.security_token {
header.insert_kv(HEADER_X_ASC_ACCESS_KEY_ID, &access_key.access_key_id);
header.insert_kv(HEADER_X_ASC_SECURITY_TOKEN, security_token);
}
let signing_key = get_signing_key(
&request.sign_algorithm,
&access_key.access_key_secret,
"yyyy-mm-dd",// TODO DATE,
"region", // TODO REGION
"product", // TODO PRODUCT
);
let derived_access_key = DerivedAccessKey {
access_key_id: access_key.access_key_id.clone(),
derived_access_key_secret: signing_key,
};
let authorization = get_authorization(
&request.sign_algorithm,
&derived_access_key,
"yyyy-mm-dd",// TODO DATE,
"region", // TODO REGION
"product", // TODO PRODUCT
"pathname", // TODO pathname
"method", // TODO method
&query,
header,
"payload", // TODO payload
);
header.insert_kv(HEADER_AUTHORIZATION, authorization);
}
}
fn get_timestamp() -> String {
// TODO ...
"yyyy-mm-dd".into()
}
fn get_nonce() -> String {
let seq = SEQ.fetch_add(1, Ordering::Relaxed);
let now = SystemTime::now();
let rand_bytes: [u8; 32] = random();
let seed = format!("{}-{:?}-{:?}", seq, now, rand_bytes);
"nonce-".to_string() + &SignAlgorithm::Sha256.digest(seed.as_bytes())
}
fn get_authorization(sign_algorithm: &SignAlgorithm,
access_key: &DerivedAccessKey,
date: &str, region: &str, product: &str,
pathname: &str,
@@ -40,7 +122,7 @@ fn get_authorization(sign_algorithm: SignAlgorithm,
authorization
}
fn get_signature(sign_algorithm: SignAlgorithm,
fn get_signature(sign_algorithm: &SignAlgorithm,
signing_key: &[u8],
pathname: &str,
method: &str,
@@ -73,7 +155,7 @@ fn get_signature(sign_algorithm: SignAlgorithm,
hex::encode(sign_algorithm.hmac_sign(string_to_sign.as_bytes(), signing_key))
}
fn get_signing_key(sign_algorithm: SignAlgorithm, secret: &str, date: &str, region: &str, product: &str) -> Vec<u8> {
fn get_signing_key(sign_algorithm: &SignAlgorithm, secret: &str, date: &str, region: &str, product: &str) -> Vec<u8> {
let sc1 = join_slices(ALIYUN_V4.as_bytes(), secret.as_bytes());
let sc2 = sign_algorithm.hmac_sign(date.as_bytes(), &sc1);
let sc3 = sign_algorithm.hmac_sign(region.as_bytes(), &sc2);