aliyun-sdk 0.4.0 → 0.4.1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 3351c07de0b29f43528b3bcb1a3ce7acae4cd9be
4
- data.tar.gz: e748094c575c5f22e775723d88794c92f2819d3b
3
+ metadata.gz: 4d2294b9c0a613bb98a3b888d820be1e0c2ecff3
4
+ data.tar.gz: 2891c2c8687b498e2c404b4637709088975440e9
5
5
  SHA512:
6
- metadata.gz: 7ca9fac250cd61d7f9adee1012e033e29a5eeecd5c890f795b0bfb3be4e1094475eb10fcf976e78b3d1662ba8b1046329698375928495c620762bb56228a6714
7
- data.tar.gz: d5a21aea9411798f93e44f45142abb488c67c4ec06c4b0ff7382cac289862fddac10976f488e9aac59a441b8e2528d9e6844614dd2e95b21d1cb092c09cdffaf
6
+ metadata.gz: e1ea89fa4af2f7f46a78ada3fda39e7ff491ad7feecc4f8e056791e93f411a403db25076c3bf42a2e2f227e2de7f59e8daf78ee426249d70e6b4182664602ddc
7
+ data.tar.gz: 61abb3e86fc538213d70826bf2bde4c3e6dbfa47c8cdbd0c5c9eb271359f366930f23c68cc314dcb10cb18c5619fcc140dcebab87c7aa247bf228834a79056b6
@@ -1,5 +1,9 @@
1
1
  ## Change Log
2
2
 
3
+ ### v0.4.1 / 2016-07-19
4
+
5
+ - Support signature object url with STS
6
+
3
7
  ### v0.4.0 / 2016-05-19
4
8
 
5
9
  - Enable copy objects of different buckets(but in the same region)
@@ -595,17 +595,33 @@ module Aliyun
595
595
  return url unless sign
596
596
 
597
597
  expires = Time.now.to_i + expiry
598
- string_to_sign = "GET\n" +
599
- "\n\n" +
600
- "#{expires}\n" +
601
- "/#{name}/#{key}"
602
- signature = sign(string_to_sign)
603
-
604
- query_string = {
598
+ query = {
605
599
  'Expires' => expires.to_s,
606
- 'OSSAccessKeyId' => CGI.escape(access_key_id),
607
- 'Signature' => CGI.escape(signature)
608
- }.map { |k, v| "#{k}=#{v}" }.join('&')
600
+ 'OSSAccessKeyId' => CGI.escape(access_key_id)
601
+ }
602
+
603
+ sub_res = []
604
+ if @protocol.get_sts_token
605
+ sub_res << "security-token=#{@protocol.get_sts_token}"
606
+ query['security-token'] = CGI.escape(@protocol.get_sts_token)
607
+ end
608
+
609
+ resource = "/#{name}/#{key}"
610
+ unless sub_res.empty?
611
+ resource << "?#{sub_res.join('&')}"
612
+ end
613
+
614
+ string_to_sign = "" <<
615
+ "GET\n" << # method
616
+ "\n" << # Content-MD5
617
+ "\n" << # Content-Type
618
+ "#{expires}\n" <<
619
+ "#{resource}"
620
+
621
+ signature = sign(string_to_sign)
622
+ query_string =
623
+ query.merge('Signature' => CGI.escape(signature))
624
+ .map { |k, v| "#{k}=#{v}" }.join('&')
609
625
 
610
626
  [url, query_string].join('?')
611
627
  end
@@ -1365,6 +1365,12 @@ module Aliyun
1365
1365
  @config.access_key_id
1366
1366
  end
1367
1367
 
1368
+ # Get user's STS token
1369
+ # @return [String] the STS token
1370
+ def get_sts_token
1371
+ @config.sts_token
1372
+ end
1373
+
1368
1374
  # Sign a string using the stored access key secret
1369
1375
  # @param [String] string_to_sign the string to sign
1370
1376
  # @return [String] the signature
@@ -41,8 +41,6 @@ module Aliyun
41
41
  "#{verb}\n#{content_md5}\n#{content_type}\n#{date}\n" +
42
42
  "#{cano_headers}#{cano_res}"
43
43
 
44
- logger.debug("String to sign: #{string_to_sign}")
45
-
46
44
  Util.sign(key, string_to_sign)
47
45
  end
48
46
 
@@ -51,6 +49,8 @@ module Aliyun
51
49
  # @param [String] string_to_sign the string to sign
52
50
  # @return [String] the signature
53
51
  def sign(key, string_to_sign)
52
+ logger.debug("String to sign: #{string_to_sign}")
53
+
54
54
  Base64.strict_encode64(
55
55
  OpenSSL::HMAC.digest('sha1', key, string_to_sign))
56
56
  end
@@ -7,13 +7,14 @@ module Aliyun
7
7
  # timeout, retry mechanism, etc
8
8
  class Config < Common::Struct::Base
9
9
 
10
- attrs :access_key_id, :access_key_secret
10
+ attrs :access_key_id, :access_key_secret, :endpoint
11
11
 
12
12
  def initialize(opts = {})
13
13
  super(opts)
14
14
 
15
15
  @access_key_id = @access_key_id.strip if @access_key_id
16
16
  @access_key_secret = @access_key_secret.strip if @access_key_secret
17
+ @endpoint = @endpoint.strip if @endpoint
17
18
  end
18
19
  end # Config
19
20
 
@@ -86,7 +86,7 @@ module Aliyun
86
86
 
87
87
  r = RestClient::Request.execute(
88
88
  :method => 'POST',
89
- :url => ENDPOINT,
89
+ :url => @config.endpoint || ENDPOINT,
90
90
  :payload => query
91
91
  ) do |response, request, result, &blk|
92
92
 
@@ -2,6 +2,6 @@
2
2
 
3
3
  module Aliyun
4
4
 
5
- VERSION = "0.4.0"
5
+ VERSION = "0.4.1"
6
6
 
7
7
  end # Aliyun
@@ -466,6 +466,30 @@ module Aliyun
466
466
  sig = Util.sign('yyy', string_to_sign)
467
467
  expect(signature).to eq(sig)
468
468
  end
469
+
470
+ it "should get object url with STS" do
471
+ sts_bucket = Client.new(
472
+ :endpoint => @endpoint,
473
+ :access_key_id => 'xxx',
474
+ :access_key_secret => 'yyy',
475
+ :sts_token => 'zzz').get_bucket(@bucket_name)
476
+
477
+ object_url = 'http://rubysdk-bucket.oss-cn-hangzhou.aliyuncs.com/yeah'
478
+
479
+ url = sts_bucket.object_url('yeah')
480
+ path = url[0, url.index('?')]
481
+ expect(path).to eq(object_url)
482
+
483
+ query = {}
484
+ url[url.index('?') + 1, url.size].split('&')
485
+ .each { |s| k, v = s.split('='); query[k] = v }
486
+
487
+ expect(query.key?('Expires')).to be true
488
+ expect(query.key?('Signature')).to be true
489
+ expect(query['OSSAccessKeyId']).to eq('xxx')
490
+ expect(query['security-token']).to eq('zzz')
491
+ end
492
+
469
493
  end # object operations
470
494
 
471
495
  context "multipart operations" do
@@ -11,5 +11,21 @@ class TestConf
11
11
  def bucket
12
12
  ENV['RUBY_SDK_OSS_BUCKET']
13
13
  end
14
+
15
+ def sts_creds
16
+ {
17
+ access_key_id: ENV['RUBY_SDK_STS_ID'],
18
+ access_key_secret: ENV['RUBY_SDK_STS_KEY'],
19
+ endpoint: ENV['RUBY_SDK_STS_ENDPOINT']
20
+ }
21
+ end
22
+
23
+ def sts_role
24
+ ENV['RUBY_SDK_STS_ROLE']
25
+ end
26
+
27
+ def sts_bucket
28
+ ENV['RUBY_SDK_STS_BUCKET']
29
+ end
14
30
  end
15
31
  end
@@ -0,0 +1,69 @@
1
+ require 'minitest/autorun'
2
+ require 'yaml'
3
+ $LOAD_PATH.unshift(File.expand_path("../../lib", __FILE__))
4
+ require 'aliyun/oss'
5
+ require 'aliyun/sts'
6
+ require 'rest-client'
7
+ require_relative 'config'
8
+
9
+ class TestObjectUrl < Minitest::Test
10
+ def setup
11
+ Aliyun::Common::Logging.set_log_level(Logger::DEBUG)
12
+ client = Aliyun::OSS::Client.new(TestConf.creds)
13
+ @bucket = client.get_bucket(TestConf.bucket)
14
+
15
+ @prefix = "tests/object_url/"
16
+ end
17
+
18
+ def get_key(k)
19
+ "#{@prefix}#{k}"
20
+ end
21
+
22
+ def test_signed_url_for_get
23
+ key = get_key('object-for-get')
24
+
25
+ @bucket.put_object(key, acl: Aliyun::OSS::ACL::PRIVATE)
26
+
27
+ plain_url = @bucket.object_url(key, false)
28
+ begin
29
+ r = RestClient.get(plain_url)
30
+ assert false, 'GET plain object url should receive 403'
31
+ rescue => e
32
+ assert_equal 403, e.response.code
33
+ end
34
+
35
+ signed_url = @bucket.object_url(key)
36
+ r = RestClient.get(signed_url)
37
+
38
+ assert_equal 200, r.code
39
+ end
40
+
41
+ def test_signed_url_with_sts
42
+ key = get_key('object-with-sts')
43
+
44
+ sts_client = Aliyun::STS::Client.new(TestConf.sts_creds)
45
+ token = sts_client.assume_role(TestConf.sts_role, 'app')
46
+
47
+ bucket = Aliyun::OSS::Client.new(
48
+ :endpoint => TestConf.creds[:endpoint],
49
+ :sts_token => token.security_token,
50
+ :access_key_id => token.access_key_id,
51
+ :access_key_secret => token.access_key_secret)
52
+ .get_bucket(TestConf.sts_bucket)
53
+
54
+ bucket.put_object(key, acl: Aliyun::OSS::ACL::PRIVATE)
55
+
56
+ plain_url = bucket.object_url(key, false)
57
+ begin
58
+ r = RestClient.get(plain_url)
59
+ assert false, 'GET plain object url should receive 403'
60
+ rescue => e
61
+ assert_equal 403, e.response.code
62
+ end
63
+
64
+ signed_url = bucket.object_url(key)
65
+ r = RestClient.get(signed_url)
66
+
67
+ assert_equal 200, r.code
68
+ end
69
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aliyun-sdk
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.0
4
+ version: 0.4.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tianlong Wu
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-05-19 00:00:00.000000000 Z
11
+ date: 2016-07-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: nokogiri
@@ -100,14 +100,14 @@ dependencies:
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: '0.10'
103
+ version: 0.10.0
104
104
  type: :development
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: '0.10'
110
+ version: 0.10.0
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: minitest
113
113
  requirement: !ruby/object:Gem::Requirement
@@ -188,6 +188,7 @@ files:
188
188
  - tests/test_multipart.rb
189
189
  - tests/test_object_acl.rb
190
190
  - tests/test_object_key.rb
191
+ - tests/test_object_url.rb
191
192
  - tests/test_resumable.rb
192
193
  homepage: https://github.com/aliyun/aliyun-oss-ruby-sdk
193
194
  licenses:
@@ -235,5 +236,6 @@ test_files:
235
236
  - tests/test_multipart.rb
236
237
  - tests/test_object_acl.rb
237
238
  - tests/test_object_key.rb
239
+ - tests/test_object_url.rb
238
240
  - tests/test_resumable.rb
239
241
  has_rdoc: