All files / tcb-admin-node/src/utils auth.js

92.75% Statements 64/69
60.87% Branches 28/46
100% Functions 8/8
95.52% Lines 64/67
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 15414x     1264x               312x 312x 871x 871x     312x     312x       312x 871x           14x   74x   74x 74x 74x 74x 74x 74x 74x   74x 74x   74x 296x 296x 1264x 1264x     1264x     296x     74x   148x 148x 148x 632x 632x     632x 632x 193x   632x 632x 632x 632x   148x       74x 74x   74x 74x 74x           74x 74x 74x 74x 74x     74x           74x                 74x                 74x     74x 74x 74x 74x       74x           74x                   74x     14x  
var crypto = require("crypto");
 
function camSafeUrlEncode(str) {
  return encodeURIComponent(str)
    .replace(/!/g, "%21")
    .replace(/'/g, "%27")
    .replace(/\(/g, "%28")
    .replace(/\)/g, "%29")
    .replace(/\*/g, "%2A");
}
function map(obj, fn) {
  var o = isArray(obj) ? [] : {};
  for (var i in obj) {
    Eif (obj.hasOwnProperty(i)) {
      o[i] = fn(obj[i], i);
    }
  }
  return o;
}
function isArray(arr) {
  return arr instanceof Array;
}
 
function clone(obj) {
  return map(obj, function(v) {
    return typeof v === "object" && v !== undefined && v !== null
      ? clone(v)
      : v;
  });
}
//测试用的key后面可以去掉
var getAuth = function(opt) {
  //   console.log(opt);
  opt = opt || {};
 
  var SecretId = opt.SecretId;
  var SecretKey = opt.SecretKey;
  var method = (opt.method || opt.Method || "get").toLowerCase();
  var pathname = opt.pathname || "/";
  var queryParams = clone(opt.Query || opt.params || {});
  var headers = clone(opt.Headers || opt.headers || {});
  pathname.indexOf("/") !== 0 && (pathname = "/" + pathname);
 
  Iif (!SecretId) return console.error("missing param SecretId");
  Iif (!SecretKey) return console.error("missing param SecretKey");
 
  var getObjectKeys = function(obj) {
    var list = [];
    for (var key in obj) {
      Eif (obj.hasOwnProperty(key)) {
        Iif (obj[key] === undefined) {
          continue;
        }
        list.push(key);
      }
    }
    return list.sort();
  };
 
  var obj2str = function(obj) {
    var i, key, val;
    var list = [];
    var keyList = getObjectKeys(obj);
    for (i = 0; i < keyList.length; i++) {
      key = keyList[i];
      Iif (obj[key] === undefined) {
        continue;
      }
      val = obj[key] === null ? "" : obj[key];
      if (typeof val !== "string") {
        val = JSON.stringify(val);
      }
      key = key.toLowerCase();
      key = camSafeUrlEncode(key);
      val = camSafeUrlEncode(val) || "";
      list.push(key + "=" + val);
    }
    return list.join("&");
  };
 
  // 签名有效起止时间
  var now = parseInt(new Date().getTime() / 1000) - 1;
  var exp = now;
 
  var Expires = opt.Expires || opt.expires;
  Eif (Expires === undefined) {
    exp += 900; // 签名过期时间为当前 + 900s
  } else {
    exp += Expires * 1 || 0;
  }
 
  // 要用到的 Authorization 参数列表
  var qSignAlgorithm = "sha1";
  var qAk = SecretId;
  var qSignTime = now + ";" + exp;
  var qKeyTime = now + ";" + exp;
  var qHeaderList = getObjectKeys(headers)
    .join(";")
    .toLowerCase();
  var qUrlParamList = getObjectKeys(queryParams)
    .join(";")
    .toLowerCase();
 
  // 签名算法说明文档:https://www.qcloud.com/document/product/436/7778
  // 步骤一:计算 SignKey
  var signKey = crypto
    .createHmac("sha1", SecretKey)
    .update(qKeyTime)
    .digest("hex");
 
  // console.log("queryParams", queryParams);
  // console.log(obj2str(queryParams));
 
  // 步骤二:构成 FormatString
  var formatString = [
    method,
    pathname,
    obj2str(queryParams),
    obj2str(headers),
    ""
  ].join("\n");
 
  // console.log(formatString);
  formatString = Buffer.from(formatString, "utf8");
 
  // 步骤三:计算 StringToSign
  var sha1Algo = crypto.createHash("sha1");
  sha1Algo.update(formatString);
  var res = sha1Algo.digest("hex");
  var stringToSign = ["sha1", qSignTime, res, ""].join("\n");
 
  // console.log(stringToSign);
  // 步骤四:计算 Signature
  var qSignature = crypto
    .createHmac("sha1", signKey)
    .update(stringToSign)
    .digest("hex");
 
  // 步骤五:构造 Authorization
  var authorization = [
    "q-sign-algorithm=" + qSignAlgorithm,
    "q-ak=" + qAk,
    "q-sign-time=" + qSignTime,
    "q-key-time=" + qKeyTime,
    "q-header-list=" + qHeaderList,
    "q-url-param-list=" + qUrlParamList,
    "q-signature=" + qSignature
  ].join("&");
 
  return authorization;
};
 
exports.getAuth = getAuth;