Class: Aliyun::Oss::Authorization

Inherits:

Object

• Object
• Aliyun::Oss::Authorization

Defined in:

lib/aliyun/oss/authorization.rb

Constant Summary

PROVIDER =

'OSS'

OVERRIDE_RESPONSE_LIST =

%w(
response-content-type response-content-language response-cache-control
logging response-content-encoding acl uploadId uploads partNumber group
link delete website location objectInfo response-expires
response-content-disposition cors lifecycle restore qos referer append
position)

Class Method Summary

• .concat_content_string(verb, time, options = {}) ⇒ Object
• .get_authorization(access_key, secret_key, options = {}) ⇒ String

  Get authorization key.

• .get_base64_policy(policy) ⇒ String

  Get base64 encoded string, used to fill policy field.

• .get_cononicalized_oss_headers(headers) ⇒ Object
• .get_cononicalized_resource(bucket, key, query) ⇒ Object
• .get_policy_signature(secret_key, policy) ⇒ String

  Get Signature for policy.

• .get_temporary_signature(secret_key, expire_time, options = {}) ⇒ String

  Get temporary Signature.

• .join_values(verb, time, headers, conon_headers, conon_resource) ⇒ Object
• .signature(secret_key, content_string) ⇒ Object

Class Method Details

.concat_content_string(verb, time, options = {}) ⇒ Object

# File 'lib/aliyun/oss/authorization.rb', line 83

def self.concat_content_string(verb, time, options = {})
  headers = options.fetch(:headers, {})

  conon_headers = get_cononicalized_oss_headers(headers)
  conon_resource = get_cononicalized_resource(
    *options.values_at(:bucket, :key, :query)
  )

  join_values(verb, time, headers, conon_headers, conon_resource)
end

.get_authorization(access_key, secret_key, options = {}) ⇒ String

Get authorization key

Parameters:

• access_key (String) —

  Access Key

• secret_key (String) —

  Secret Key

• options (Hash) (defaults to: {}) —

  Options

Options Hash (options):

• :verb (String) —

  VERB, request method

• :date (String) —

  Request Time in formate: ‘%a, %d %b %Y %H:%M:%S GMT’

• :bucket (String) —

  Bucket Name

• :key (String) —

  Object Name

• :query (Hash) —

  Query key-value pair

• :headers (Hash) —

  Headers

Returns:

• (String) —

  the authorization string

See Also:

• Authorization}

# File 'lib/aliyun/oss/authorization.rb', line 77

def self.get_authorization(access_key, secret_key, options = {})
  content_string = concat_content_string(options[:verb], options[:date], options)
  signature_string = signature(secret_key, content_string)
  "#{PROVIDER} #{access_key}:#{signature_string.strip}"
end

.get_base64_policy(policy) ⇒ String

Get base64 encoded string, used to fill policy field

Parameters:

• policy (Hash) —

  Policy Detail

Returns:

• (String)

See Also:

• Post Object}

# File 'lib/aliyun/oss/authorization.rb', line 44

def self.get_base64_policy(policy)
  Base64.encode64(JSON.generate(policy).force_encoding('utf-8')).delete("\n")
end

.get_cononicalized_oss_headers(headers) ⇒ Object

# File 'lib/aliyun/oss/authorization.rb', line 115

def self.get_cononicalized_oss_headers(headers)
  oss_headers = (headers || {}).select do |key, _|
    key.to_s.downcase.start_with?('x-oss-')
  end
  return if oss_headers.empty?

  oss_headers.keys.sort.map do |key|
    "#{key.downcase}:#{oss_headers[key]}"
  end.join("\n") + "\n"
end

.get_cononicalized_resource(bucket, key, query) ⇒ Object

# File 'lib/aliyun/oss/authorization.rb', line 126

def self.get_cononicalized_resource(bucket, key, query)
  conon_resource = '/'
  conon_resource += "#{bucket}/" if bucket
  conon_resource += key if key
  return conon_resource if query.nil? || query.empty?

  query_str = query.keys.select { |k| OVERRIDE_RESPONSE_LIST.include?(k) }
              .sort.map { |k| "#{k}=#{query[k]}" }.join('&')

  query_str.empty? ? conon_resource : conon_resource + '?' + query_str
end

.get_policy_signature(secret_key, policy) ⇒ String

Get Signature for policy

Parameters:

• secret_key (String) —

  Secret Key

• policy (Hash) —

  Policy Detail

Returns:

• (String)

See Also:

• {https://docs.aliyun.com/#/pub/oss/api-reference/object&PostObject}

# File 'lib/aliyun/oss/authorization.rb', line 56

def self.get_policy_signature(secret_key, policy)
  signature(secret_key, get_base64_policy(policy)).strip
end

.get_temporary_signature(secret_key, expire_time, options = {}) ⇒ String

Get temporary Signature

Parameters:

• secret_key (String) —

  Secret Key

• expire_time (Integer) —

  the number of seconds since January 1, 1970 UTC. used to specified expired time

• options (Hash) (defaults to: {}) —

  other options

Options Hash (options):

• :key (String) —

  the object name

• :bucket (String) —

  bucket name

• :verb, (String) —

  Request Method

• :query (Hash) —

  Query Params

• :headers (Hash) —

  Headers Params

Returns:

• (String)

See Also:

• Tempoorary Signature}

# File 'lib/aliyun/oss/authorization.rb', line 32

def self.get_temporary_signature(secret_key, expire_time, options = {})
  content_string = concat_content_string(options[:verb], expire_time, options)
  CGI.escape(signature(secret_key, content_string).strip)
end

.join_values(verb, time, headers, conon_headers, conon_resource) ⇒ Object

# File 'lib/aliyun/oss/authorization.rb', line 94

def self.join_values(verb, time, headers, conon_headers, conon_resource)
  [
    verb,
    headers['Content-MD5'].to_s.strip,
    headers['Content-Type'].to_s.strip,
    time,
    conon_headers
  ].join("\n") + conon_resource
end

.signature(secret_key, content_string) ⇒ Object

# File 'lib/aliyun/oss/authorization.rb', line 104

def self.signature(secret_key, content_string)
  utf8_string = content_string.force_encoding('utf-8')
  Base64.encode64(
    OpenSSL::HMAC.digest(
      OpenSSL::Digest::SHA1.new,
      secret_key,
      utf8_string
    )
  )
end