hatter/oss-backupd
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

oss get signed url ok now

Browse Source
This commit is contained in:
Hatter Jiang
2019-11-24 23:59:36 +08:00
parent d370cd29e0
commit 2108be4b3e
2 changed files with 66 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Cargo.toml
View File

@@ -10,6 +10,8 @@ edition = "2018"
argparse = "0.2.2"
rust-crypto = "0.2.36"
indicatif = "0.13.0"
urlencoding = "1.0.0"
base64 = "0.11.0"
rust_util = { git = "https://github.com/jht5945/rust_util" }

83
src/main.rs
View File

@@ -1,38 +1,83 @@
use std::{
time::SystemTime,
};
use crypto::{
mac::{
Mac,
MacResult,
},
hmac::Hmac,
sha1::Sha1,
};
pub const OSS_VERB_GET: &str = "GET";
pub struct OSSConfig {
pub endpoint: String,
pub access_key_id: String,
pub access_key_secret: String,
}
fn main() {
println!("Hello, world!");
println!("{}", generate_oss_signed_url("", "", "", "", "", 1_u64, true));
println!("{}", SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap().as_secs());
println!("{}", generate_oss_signed_url("shanghai.aliyuncs.com", "aaa", "bbb", "aaaa", "b.txt", 1_u64, true));
}
// https://help.aliyun.com/document_detail/31952.html
// Signature = urlencode(base64(hmac-sha1(AccessKeySecret,
// VERB + "\n"
// + CONTENT-MD5 + "\n"
// + CONTENT-TYPE + "\n"
// + EXPIRES + "\n"
// + CanonicalizedOSSHeaders
// + CanonicalizedResource)))
// https://git.hatter.ink/hatter/oss-backupd/wiki/Signed-OSS-URL
fn generate_oss_signed_url(endpoint: &str, access_key_id: &str, access_key_secret: &str,
bucket_name: &str, key: &str, expire_in_seconds: u64, is_http: bool) -> String {
bucket_name: &str, key: &str, expire_in_seconds: u64, is_https: bool) -> String {
let mut signed_url = String::new();
signed_url.push_str(if is_http {
"http://"
} else {
"https://"
});
signed_url.push_str(if is_https { "https://" } else { "http://" });
signed_url.push_str(bucket_name);
signed_url.push_str(".");
signed_url.push_str(endpoint);
signed_url.push_str("/");
signed_url.push_str(key);
let current_secs = get_current_secs();
let expire_secs = current_secs + expire_in_seconds;
signed_url.push_str("?Expires=");
// TODO
signed_url.push_str(expire_secs.to_string().as_str());
signed_url.push_str("&OSSAccessKeyId=");
// TODO
signed_url.push_str(&urlencoding::encode(access_key_id));
signed_url.push_str("&Signature=");
// TODO
let to_be_signed = get_to_be_signed(OSS_VERB_GET, expire_secs, bucket_name, key);
let signature = to_base64(calc_hmac_sha1(access_key_secret.as_bytes(), to_be_signed.as_bytes()));
signed_url.push_str(&urlencoding::encode(signature.as_str()));
signed_url
}
}
fn to_base64(mac_result: MacResult) -> String {
base64::encode(mac_result.code())
}
fn calc_hmac_sha1(key: &[u8], message: &[u8]) -> MacResult {
let mut hmac = Hmac::new(Sha1::new(), key);
hmac.input(message);
hmac.result()
}
fn get_to_be_signed(verb: &str, expire_secs: u64, bucket_name: &str, key: &str) -> String {
let mut to_be_signed = String::new();
to_be_signed.push_str(verb);
to_be_signed.push_str("\n");
to_be_signed.push_str("\n");
to_be_signed.push_str("\n");
to_be_signed.push_str(expire_secs.to_string().as_str());
to_be_signed.push_str("\n");
to_be_signed.push_str("/");
to_be_signed.push_str(bucket_name);
to_be_signed.push_str("/");
to_be_signed.push_str(key);
to_be_signed
}
fn get_current_secs() -> u64 {
SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap().as_secs()
}