Module: Qiniu::Auth
- Defined in:
- lib/qiniu/auth.rb
Defined Under Namespace
Classes: PutPolicy
Constant Summary collapse
- DEFAULT_AUTH_SECONDS =
3600
- EMPTY_ARGS =
{}
Class Method Summary collapse
-
.authorize_download_url(url, args = EMPTY_ARGS) ⇒ Object
生成下载授权URL.
-
.authorize_download_url_2(domain, key, args = EMPTY_ARGS) ⇒ Object
对包含中文或其它 utf-8 字符的 Key 做下载授权.
- .calculate_deadline(expires_in, deadline = nil) ⇒ Object
-
.generate_acctoken(url, body = '') ⇒ Object
authorize_download_url_2.
-
.generate_uptoken(put_policy) ⇒ Object
generate_acctoken.
Class Method Details
.authorize_download_url(url, args = EMPTY_ARGS) ⇒ Object
生成下载授权URL
138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 |
# File 'lib/qiniu/auth.rb', line 138 def (url, args = EMPTY_ARGS) ### 提取AK/SK信息 access_key = Config.settings[:access_key] secret_key = Config.settings[:secret_key] download_url = url ### URL变换:追加FOP指令 if args[:fop].is_a?(String) && args[:fop] != '' then if download_url.index('?').is_a?(Fixnum) then # 已有参数 download_url = "#{download_url}&#{args[:fop]}" else # 尚无参数 download_url = "#{download_url}?#{args[:fop]}" end end ### 授权期计算 e = Auth.calculate_deadline(args[:expires_in], args[:deadline]) ### URL变换:追加授权期参数 if download_url.index('?').is_a?(Fixnum) then # 已有参数 download_url = "#{download_url}&e=#{e}" else # 尚无参数 download_url = "#{download_url}?e=#{e}" end ### 生成数字签名 sign = HMAC::SHA1.new(secret_key).update(download_url).digest encoded_sign = Utils.urlsafe_base64_encode(sign) ### 生成下载授权凭证 dntoken = "#{access_key}:#{encoded_sign}" ### 返回下载授权URL return "#{download_url}&token=#{dntoken}" end |
.authorize_download_url_2(domain, key, args = EMPTY_ARGS) ⇒ Object
对包含中文或其它 utf-8 字符的 Key 做下载授权
180 181 182 183 184 185 186 187 188 189 190 191 192 |
# File 'lib/qiniu/auth.rb', line 180 def (domain, key, args = EMPTY_ARGS) url_encoded_key = CGI::escape(key) schema = args[:schema] || "http" port = args[:port] if port.nil? then download_url = "#{schema}://#{domain}/#{url_encoded_key}" else download_url = "#{schema}://#{domain}:#{port}/#{url_encoded_key}" end return (download_url, args) end |
.calculate_deadline(expires_in, deadline = nil) ⇒ Object
15 16 17 18 19 20 21 22 23 24 25 26 27 |
# File 'lib/qiniu/auth.rb', line 15 def calculate_deadline(expires_in, deadline = nil) ### 授权期计算 if expires_in.is_a?(Integer) && expires_in > 0 then # 指定相对时间,单位:秒 return Time.now.to_i + expires_in elsif deadline.is_a?(Integer) then # 指定绝对时间,常用于调试和单元测试 return deadline end # 默认授权期1小时 return Time.now.to_i + DEFAULT_AUTH_SECONDS end |
.generate_acctoken(url, body = '') ⇒ Object
authorize_download_url_2
194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 |
# File 'lib/qiniu/auth.rb', line 194 def generate_acctoken(url, body = '') ### 提取AK/SK信息 access_key = Config.settings[:access_key] secret_key = Config.settings[:secret_key] ### 解析URL,生成待签名字符串 uri = URI.parse(url) signing_str = uri.path # 如有QueryString部分,则需要加上 query_string = uri.query if query_string.is_a?(String) && !query_string.empty? signing_str += '?' + query_string end # 追加换行符 signing_str += "\n" # 如果有Body,则也加上 # (仅限于mime == "application/x-www-form-urlencoded"的情况) if body.is_a?(String) && !body.empty? signing_str += body end ### 生成数字签名 sign = HMAC::SHA1.new(secret_key).update(signing_str).digest encoded_sign = Utils.urlsafe_base64_encode(sign) ### 生成管理授权凭证 acctoken = "#{access_key}:#{encoded_sign}" ### 返回管理授权凭证 return acctoken end |
.generate_uptoken(put_policy) ⇒ Object
generate_acctoken
229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 |
# File 'lib/qiniu/auth.rb', line 229 def generate_uptoken(put_policy) ### 提取AK/SK信息 access_key = Config.settings[:access_key] secret_key = Config.settings[:secret_key] ### 生成待签名字符串 encoded_put_policy = Utils.urlsafe_base64_encode(put_policy.to_json) ### 生成数字签名 sign = HMAC::SHA1.new(secret_key).update(encoded_put_policy).digest encoded_sign = Utils.urlsafe_base64_encode(sign) ### 生成上传授权凭证 uptoken = "#{access_key}:#{encoded_sign}:#{encoded_put_policy}" ### 返回上传授权凭证 return uptoken end |