Module: Qiniu::Auth

Defined in:

lib/qiniu/auth.rb

Defined Under Namespace

Classes: PutPolicy

Constant Summary

DEFAULT_AUTH_SECONDS =

3600

EMPTY_ARGS =

{}

Class Method Summary

• .authorize_download_url(url, args = EMPTY_ARGS) ⇒ Object

  生成下载授权URL.

• .authorize_download_url_2(domain, key, args = EMPTY_ARGS) ⇒ Object

  对包含中文或其它 utf-8 字符的 Key 做下载授权.

• .calculate_deadline(expires_in, deadline = nil) ⇒ Object
• .generate_acctoken(url, body = '') ⇒ Object

  authorize_download_url_2.

• .generate_uptoken(put_policy) ⇒ Object

  generate_acctoken.

Class Method Details

.authorize_download_url(url, args = EMPTY_ARGS) ⇒ Object

生成下载授权URL

# File 'lib/qiniu/auth.rb', line 138

def authorize_download_url(url, args = EMPTY_ARGS)
  ### 提取AK/SK信息
  access_key = Config.settings[:access_key]
  secret_key = Config.settings[:secret_key]

  download_url = url

  ### URL变换：追加FOP指令
  if args[:fop].is_a?(String) && args[:fop] != '' then
    if download_url.index('?').is_a?(Fixnum) then
      # 已有参数
      download_url = "#{download_url}&#{args[:fop]}"
    else
      # 尚无参数
      download_url = "#{download_url}?#{args[:fop]}"
    end
  end

  ### 授权期计算
  e = Auth.calculate_deadline(args[:expires_in], args[:deadline])

  ### URL变换：追加授权期参数
  if download_url.index('?').is_a?(Fixnum) then
    # 已有参数
    download_url = "#{download_url}&e=#{e}"
  else
    # 尚无参数
    download_url = "#{download_url}?e=#{e}"
  end

  ### 生成数字签名
  sign = HMAC::SHA1.new(secret_key).update(download_url).digest
  encoded_sign = Utils.urlsafe_base64_encode(sign)

  ### 生成下载授权凭证
  dntoken = "#{access_key}:#{encoded_sign}"

  ### 返回下载授权URL
  return "#{download_url}&token=#{dntoken}"
end

.authorize_download_url_2(domain, key, args = EMPTY_ARGS) ⇒ Object

对包含中文或其它 utf-8 字符的 Key 做下载授权

# File 'lib/qiniu/auth.rb', line 180

def authorize_download_url_2(domain, key, args = EMPTY_ARGS)
  url_encoded_key = CGI::escape(key)

  schema = args[:schema] || "http"
  port   = args[:port]

  if port.nil? then
    download_url = "#{schema}://#{domain}/#{url_encoded_key}"
  else
    download_url = "#{schema}://#{domain}:#{port}/#{url_encoded_key}"
  end
  return authorize_download_url(download_url, args)
end

.calculate_deadline(expires_in, deadline = nil) ⇒ Object

# File 'lib/qiniu/auth.rb', line 15

def calculate_deadline(expires_in, deadline = nil)
  ### 授权期计算
  if expires_in.is_a?(Integer) && expires_in > 0 then
    # 指定相对时间，单位：秒
    return Time.now.to_i + expires_in
  elsif deadline.is_a?(Integer) then
    # 指定绝对时间，常用于调试和单元测试
    return deadline
  end

  # 默认授权期1小时
  return Time.now.to_i + DEFAULT_AUTH_SECONDS
end

.generate_acctoken(url, body = '') ⇒ Object

authorize_download_url_2

# File 'lib/qiniu/auth.rb', line 194

def generate_acctoken(url, body = '')
  ### 提取AK/SK信息
  access_key = Config.settings[:access_key]
  secret_key = Config.settings[:secret_key]

  ### 解析URL，生成待签名字符串
  uri = URI.parse(url)
  signing_str = uri.path

  # 如有QueryString部分，则需要加上
  query_string = uri.query
  if query_string.is_a?(String) && !query_string.empty?
    signing_str += '?' + query_string
  end

  # 追加换行符
  signing_str += "\n"

  # 如果有Body，则也加上
  # （仅限于mime == "application/x-www-form-urlencoded"的情况）
  if body.is_a?(String) && !body.empty?
      signing_str += body
  end

  ### 生成数字签名
  sign = HMAC::SHA1.new(secret_key).update(signing_str).digest
  encoded_sign = Utils.urlsafe_base64_encode(sign)

  ### 生成管理授权凭证
  acctoken = "#{access_key}:#{encoded_sign}"

  ### 返回管理授权凭证
  return acctoken
end

.generate_uptoken(put_policy) ⇒ Object

generate_acctoken

# File 'lib/qiniu/auth.rb', line 229

def generate_uptoken(put_policy)
  ### 提取AK/SK信息
  access_key = Config.settings[:access_key]
  secret_key = Config.settings[:secret_key]

  ### 生成待签名字符串
  encoded_put_policy = Utils.urlsafe_base64_encode(put_policy.to_json)

  ### 生成数字签名
  sign = HMAC::SHA1.new(secret_key).update(encoded_put_policy).digest
  encoded_sign = Utils.urlsafe_base64_encode(sign)

  ### 生成上传授权凭证
  uptoken = "#{access_key}:#{encoded_sign}:#{encoded_put_policy}"

  ### 返回上传授权凭证
  return uptoken
end