diff --git a/osssendfile-rs/src/main.rs b/osssendfile-rs/src/main.rs
index 958e420..cfc1b91 100755
--- a/osssendfile-rs/src/main.rs
+++ b/osssendfile-rs/src/main.rs
@@ -34,9 +34,7 @@ use std::fs::File;
 use std::io::{ErrorKind, Read, Write};
 use std::path::PathBuf;
 use std::{fs, io};
-use std::fmt::format;
 use std::process::Command;
-use std::str::FromStr;
 use tokio::fs::File as TokioFile;
 use tokio_util::bytes::BytesMut;
 use tokio_util::codec::{Decoder, FramedRead};
@@ -168,25 +166,28 @@ async fn main() -> XResult<()> {
     information!("Get STS success");
 
     let mut pending_remove_file = None::<String>;
-    let source_file = args.file.clone(); // TODO
+    let mut source_file = args.file.clone();
 
     let metadata = fs::metadata(&source_file)?;
-    let filename = source_file.file_name().unwrap().to_str().unwrap();
-    let filename_ext = get_filename_ext(filename);
+    let filename = source_file.file_name().unwrap().to_str().unwrap().to_string();
 
     let temp_zip_file = format!("{}.zip", filename);
     if metadata.is_dir() {
-        // TODO check temp_zip_file exists
+        if let Ok(_) = fs::metadata(&temp_zip_file) {
+            return simple_error!("File {} exists", temp_zip_file);
+        }
         match zip_dir(&temp_zip_file, source_file.to_str().unwrap()) {
             Ok(_) => {
                 information!("Zip {} to {} success", source_file.display(), temp_zip_file);
-                // TODO source_file = PathBuf::from_str(&temp_zip_file)?;
+                  source_file = PathBuf::from(temp_zip_file.clone());
                 pending_remove_file = Some(temp_zip_file.clone());
             }
             Err(e) => return simple_error!("Zip {} to {} failed: {}", source_file.display(), temp_zip_file, e),
         }
     }
 
+    let filename = source_file.file_name().unwrap().to_str().unwrap().to_string();
+    let filename_ext = get_filename_ext(&filename);
     let temp_file = match source_file.parent() {
         None => PathBuf::from(format!("{}.tmp", filename)),
         Some(parent_source_file) => {
@@ -238,7 +239,7 @@ async fn main() -> XResult<()> {
     let send_file_response = send_file(&client,
                                        &oss_send_file_config.token,
                                        &object_url,
-                                       &args.filename.clone().unwrap_or_else(|| get_filename(filename)),
+                                       &args.filename.clone().unwrap_or_else(|| get_filename(&filename)),
                                        args.keywords.as_deref().unwrap_or(""),
                                        temp_key).await?;
     information!("Send URL success, file id: {}", &send_file_response.id);
@@ -404,7 +405,7 @@ async fn request_sts_via_oidc(client: &Client, oidc_config: &OidcConfig) -> XRes
 
 #[derive(Debug, Deserialize)]
 struct StsTokenForAssumeRoleByKeyResponse {
-    pub mode: String,
+    // pub mode: String,
     pub expiration: String,
     pub access_key_id: String,
     pub access_key_secret: String,
@@ -415,7 +416,7 @@ struct StsTokenForAssumeRoleByKeyResponse {
 struct AssumeRoleByKeyResponse {
     pub status: i32,
     pub message: Option<String>,
-    pub data: StsTokenForAssumeRoleByKeyResponse,
+    pub data: Option<StsTokenForAssumeRoleByKeyResponse>,
 }
 
 async fn request_sts_via_pkcs7(client: &Client, role_arn: &str) -> XResult<Sts> {
@@ -431,15 +432,17 @@ async fn request_sts_via_pkcs7(client: &Client, role_arn: &str) -> XResult<Sts>
         return simple_error!("Assume role by key failed, status: {}", assumed_role_response.status());
     }
 
-    let assumed_role: AssumeRoleByKeyResponse = serde_json::from_str(&assumed_role_response.text().await?)?;
+    let assume_role_json = assumed_role_response.text().await?;
+    let assumed_role: AssumeRoleByKeyResponse = serde_json::from_str(&assume_role_json)?;
     if assumed_role.status != 200 {
         return simple_error!("Assume role by key failed, response: {:?}", assumed_role);
     }
-    Ok(Sts{
-        access_key_id: assumed_role.data.access_key_id,
-        access_key_secret: assumed_role.data.access_key_secret,
-        expiration: assumed_role.data.expiration,
-        security_token: assumed_role.data.sts_token,
+    let data = assumed_role.data.unwrap();
+    Ok(Sts {
+        access_key_id: data.access_key_id,
+        access_key_secret: data.access_key_secret,
+        expiration: data.expiration,
+        security_token: data.sts_token,
     })
 }
 
@@ -500,14 +503,14 @@ fn zip_dir(temp_zip_file: &str, target: &str) -> XResult<()> {
 #[derive(Debug, Serialize)]
 struct AlibabaCloudInstanceIdentityAudienceMeta {
     pub ver: i32,
-    iat: i64,
-    exp: i64,
-    aud: String,
-    jti: String,
+    pub iat: i64,
+    pub exp: i64,
+    pub aud: String,
+    pub jti: String,
 }
 
 async fn fetch_alibaba_cloud_instance_identity_v1(client: &Client, audience: &str) -> XResult<String> {
-    let instance_identity_token = client.get(INSTANCE_IDENTITY_TOKEN)
+    let instance_identity_token = client.put(INSTANCE_IDENTITY_TOKEN)
         .header(INSTANCE_IDENTITY_TTL, "60")
         .send()
         .await?;
@@ -538,5 +541,5 @@ async fn fetch_alibaba_cloud_instance_identity_v1(client: &Client, audience: &st
     Ok(pkcs7)
 }
 
-// @SCRIPT-SIGNATURE-V1: yk-r1.ES256.20251015T193822+08:00.MEYCIQCHVvU0SXeLuxIAD19G
-// PbuX9ZsYWBpsHL2aSo7MeelVhAIhAPMrEXIaiyaEDB8YtQfun1Sb+nwiAUeJvIOc9pKd5NwM
+// @SCRIPT-SIGNATURE-V1: yk-r1.ES256.20260315T233039+08:00.MEQCIFBq1TNXxRp+k11NmKe2
+// lF+Q4aMOZHEB9Z6jF4rkJdSAAiALEgUf4c5HIF7P3I2FW6tjyV0I5jbC4oZUdxw0NvL1Yg==
diff --git a/script-meta-v2.json b/script-meta-v2.json
index 9503d39..5fe1190 100644
--- a/script-meta-v2.json
+++ b/script-meta-v2.json
@@ -90,11 +90,11 @@
   },
   "osssendfile.rs": {
     "script_name": "osssendfile.rs",
-    "script_length": 14876,
-    "script_sha256": "a16d5f0d2da9f4c034a42ff7bb4caa434cc2673fd8f882fbb23dd16c21f18afa",
+    "script_length": 20431,
+    "script_sha256": "ef1ff0e0f9f3edff3eb1a9e1df8bef38f2bc506456a07dc292e52d8510a6d800",
     "script_full_url": "https://git.hatter.ink/rust-scripts/scriptbase/raw/branch/main/osssendfile-rs/src/main.rs",
     "publish_time": 1737272563311,
-    "update_time": 1760528318233
+    "update_time": 1773588679914
   },
   "post.rs": {
     "script_name": "post.rs",
diff --git a/script-meta.json b/script-meta.json
index c31201f..2932702 100644
--- a/script-meta.json
+++ b/script-meta.json
@@ -51,8 +51,8 @@
   },
   "osssendfile-rs": {
     "script_name": "osssendfile-rs",
-    "script_length": 14876,
-    "script_sha256": "a16d5f0d2da9f4c034a42ff7bb4caa434cc2673fd8f882fbb23dd16c21f18afa"
+    "script_length": 20431,
+    "script_sha256": "ef1ff0e0f9f3edff3eb1a9e1df8bef38f2bc506456a07dc292e52d8510a6d800"
   },
   "post-rs": {
     "script_name": "post-rs",