Class: QingStor::SDK::Signer

Inherits:

Object

• Object
• QingStor::SDK::Signer

Defined in:

lib/qingstor/sdk/request/signer.rb

Class Method Summary

• .canonicalized_headers(input) ⇒ Object
• .canonicalized_resource(input) ⇒ Object
• .query_signature(input, expires) ⇒ Object
• .query_string_to_sign(input, expires) ⇒ Object
• .sign(input) ⇒ Object
• .sign_query(input, expires) ⇒ Object
• .signature(input) ⇒ Object
• .string_to_sign(input) ⇒ Object
• .sub_resource?(key) ⇒ Boolean

Class Method Details

.canonicalized_headers(input) ⇒ Object

# File 'lib/qingstor/sdk/request/signer.rb', line 83

def self.canonicalized_headers(input)
  h = {}
  input[:request_headers].each { |k, v| h[k.to_s.strip.downcase] = v.to_s.strip }
  h.keys.sort.select { |k| k.start_with? 'x-qs-' }.map { |k| "#{k}:#{h[k]}\n" }.join ''
end

.canonicalized_resource(input) ⇒ Object

# File 'lib/qingstor/sdk/request/signer.rb', line 89

def self.canonicalized_resource(input)
  params = input[:request_params].keys.sort.map { |k|
    if sub_resource? k.to_s
      v = input[:request_params][k].to_s.strip
      !v.nil? && v != '' ? "#{k}=#{CGI.unescape v}" : k
    end
  }.compact.join '&'
  params = input[:request_uri].include?('?') ? "&#{params}" : "?#{params}" if params != ''
  "#{input[:request_uri]}#{params}"
end

.query_signature(input, expires) ⇒ Object

# File 'lib/qingstor/sdk/request/signer.rb', line 54

def self.query_signature(input, expires)
  string_to_sign = query_string_to_sign(input, expires)
  Logger.debug "QingStor query request string to sign: [#{input[:id]}] #{string_to_sign}"

  CGI.escape Base64.encode64(
    OpenSSL::HMAC.digest(
      OpenSSL::Digest.new('sha256'),
      input[:config][:secret_access_key].to_s,
      string_to_sign,
    ),
  ).strip
end

.query_string_to_sign(input, expires) ⇒ Object

# File 'lib/qingstor/sdk/request/signer.rb', line 75

def self.query_string_to_sign(input, expires)
  string_to_sign = "#{input[:request_method]}\n" \
                   "#{input[:request_headers][:'Content-MD5']}\n" \
                   "#{input[:request_headers][:'Content-Type']}\n" \
                   "#{expires}\n"
  "#{string_to_sign}#{canonicalized_headers input}#{canonicalized_resource input}"
end

.sign(input) ⇒ Object

# File 'lib/qingstor/sdk/request/signer.rb', line 24

def self.sign(input)
  authorization = "QS #{input[:config][:access_key_id]}:#{signature input}"
  input[:request_headers][:Authorization] = authorization

  Logger.debug "QingStor request authorization: [#{input[:id]}] #{authorization}"
  input
end

.sign_query(input, expires) ⇒ Object

# File 'lib/qingstor/sdk/request/signer.rb', line 32

def self.sign_query(input, expires)
  input[:request_params][:signature] = query_signature input, expires
  input[:request_params][:access_key_id] = input[:config][:access_key_id]
  input[:request_params][:expires] = expires

  Logger.debug "QingStor query signature: [#{input[:id]}] #{input[:request_params][:signature]}"
  input
end

.signature(input) ⇒ Object

# File 'lib/qingstor/sdk/request/signer.rb', line 41

def self.signature(input)
  string_to_sign = string_to_sign(input)
  Logger.debug "QingStor request string to sign: [#{input[:id]}] #{string_to_sign}"

  Base64.encode64(
    OpenSSL::HMAC.digest(
      OpenSSL::Digest.new('sha256'),
      input[:config][:secret_access_key].to_s,
      string_to_sign,
    ),
  ).strip
end

.string_to_sign(input) ⇒ Object

# File 'lib/qingstor/sdk/request/signer.rb', line 67

def self.string_to_sign(input)
  string_to_sign = "#{input[:request_method]}\n" \
                   "#{input[:request_headers][:'Content-MD5']}\n" \
                   "#{input[:request_headers][:'Content-Type']}\n" \
                   "#{input[:request_headers][:Date]}\n"
  "#{string_to_sign}#{canonicalized_headers input}#{canonicalized_resource input}"
end

.sub_resource?(key) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/qingstor/sdk/request/signer.rb', line 100

def self.sub_resource?(key)
  %w(
    acl cors delete mirror part_number policy stats upload_id uploads
    response-expires response-cache-control response-content-type
    response-content-language response-content-encoding response-content-disposition
  ).include? key
end