aliyun-sdk 0.4.0 → 0.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/lib/aliyun/oss/bucket.rb +26 -10
- data/lib/aliyun/oss/protocol.rb +6 -0
- data/lib/aliyun/oss/util.rb +2 -2
- data/lib/aliyun/sts/config.rb +2 -1
- data/lib/aliyun/sts/protocol.rb +1 -1
- data/lib/aliyun/version.rb +1 -1
- data/spec/aliyun/oss/client/bucket_spec.rb +24 -0
- data/tests/config.rb +16 -0
- data/tests/test_object_url.rb +69 -0
- metadata +6 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4d2294b9c0a613bb98a3b888d820be1e0c2ecff3
|
4
|
+
data.tar.gz: 2891c2c8687b498e2c404b4637709088975440e9
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e1ea89fa4af2f7f46a78ada3fda39e7ff491ad7feecc4f8e056791e93f411a403db25076c3bf42a2e2f227e2de7f59e8daf78ee426249d70e6b4182664602ddc
|
7
|
+
data.tar.gz: 61abb3e86fc538213d70826bf2bde4c3e6dbfa47c8cdbd0c5c9eb271359f366930f23c68cc314dcb10cb18c5619fcc140dcebab87c7aa247bf228834a79056b6
|
data/CHANGELOG.md
CHANGED
data/lib/aliyun/oss/bucket.rb
CHANGED
@@ -595,17 +595,33 @@ module Aliyun
|
|
595
595
|
return url unless sign
|
596
596
|
|
597
597
|
expires = Time.now.to_i + expiry
|
598
|
-
|
599
|
-
"\n\n" +
|
600
|
-
"#{expires}\n" +
|
601
|
-
"/#{name}/#{key}"
|
602
|
-
signature = sign(string_to_sign)
|
603
|
-
|
604
|
-
query_string = {
|
598
|
+
query = {
|
605
599
|
'Expires' => expires.to_s,
|
606
|
-
'OSSAccessKeyId' => CGI.escape(access_key_id)
|
607
|
-
|
608
|
-
|
600
|
+
'OSSAccessKeyId' => CGI.escape(access_key_id)
|
601
|
+
}
|
602
|
+
|
603
|
+
sub_res = []
|
604
|
+
if @protocol.get_sts_token
|
605
|
+
sub_res << "security-token=#{@protocol.get_sts_token}"
|
606
|
+
query['security-token'] = CGI.escape(@protocol.get_sts_token)
|
607
|
+
end
|
608
|
+
|
609
|
+
resource = "/#{name}/#{key}"
|
610
|
+
unless sub_res.empty?
|
611
|
+
resource << "?#{sub_res.join('&')}"
|
612
|
+
end
|
613
|
+
|
614
|
+
string_to_sign = "" <<
|
615
|
+
"GET\n" << # method
|
616
|
+
"\n" << # Content-MD5
|
617
|
+
"\n" << # Content-Type
|
618
|
+
"#{expires}\n" <<
|
619
|
+
"#{resource}"
|
620
|
+
|
621
|
+
signature = sign(string_to_sign)
|
622
|
+
query_string =
|
623
|
+
query.merge('Signature' => CGI.escape(signature))
|
624
|
+
.map { |k, v| "#{k}=#{v}" }.join('&')
|
609
625
|
|
610
626
|
[url, query_string].join('?')
|
611
627
|
end
|
data/lib/aliyun/oss/protocol.rb
CHANGED
@@ -1365,6 +1365,12 @@ module Aliyun
|
|
1365
1365
|
@config.access_key_id
|
1366
1366
|
end
|
1367
1367
|
|
1368
|
+
# Get user's STS token
|
1369
|
+
# @return [String] the STS token
|
1370
|
+
def get_sts_token
|
1371
|
+
@config.sts_token
|
1372
|
+
end
|
1373
|
+
|
1368
1374
|
# Sign a string using the stored access key secret
|
1369
1375
|
# @param [String] string_to_sign the string to sign
|
1370
1376
|
# @return [String] the signature
|
data/lib/aliyun/oss/util.rb
CHANGED
@@ -41,8 +41,6 @@ module Aliyun
|
|
41
41
|
"#{verb}\n#{content_md5}\n#{content_type}\n#{date}\n" +
|
42
42
|
"#{cano_headers}#{cano_res}"
|
43
43
|
|
44
|
-
logger.debug("String to sign: #{string_to_sign}")
|
45
|
-
|
46
44
|
Util.sign(key, string_to_sign)
|
47
45
|
end
|
48
46
|
|
@@ -51,6 +49,8 @@ module Aliyun
|
|
51
49
|
# @param [String] string_to_sign the string to sign
|
52
50
|
# @return [String] the signature
|
53
51
|
def sign(key, string_to_sign)
|
52
|
+
logger.debug("String to sign: #{string_to_sign}")
|
53
|
+
|
54
54
|
Base64.strict_encode64(
|
55
55
|
OpenSSL::HMAC.digest('sha1', key, string_to_sign))
|
56
56
|
end
|
data/lib/aliyun/sts/config.rb
CHANGED
@@ -7,13 +7,14 @@ module Aliyun
|
|
7
7
|
# timeout, retry mechanism, etc
|
8
8
|
class Config < Common::Struct::Base
|
9
9
|
|
10
|
-
attrs :access_key_id, :access_key_secret
|
10
|
+
attrs :access_key_id, :access_key_secret, :endpoint
|
11
11
|
|
12
12
|
def initialize(opts = {})
|
13
13
|
super(opts)
|
14
14
|
|
15
15
|
@access_key_id = @access_key_id.strip if @access_key_id
|
16
16
|
@access_key_secret = @access_key_secret.strip if @access_key_secret
|
17
|
+
@endpoint = @endpoint.strip if @endpoint
|
17
18
|
end
|
18
19
|
end # Config
|
19
20
|
|
data/lib/aliyun/sts/protocol.rb
CHANGED
data/lib/aliyun/version.rb
CHANGED
@@ -466,6 +466,30 @@ module Aliyun
|
|
466
466
|
sig = Util.sign('yyy', string_to_sign)
|
467
467
|
expect(signature).to eq(sig)
|
468
468
|
end
|
469
|
+
|
470
|
+
it "should get object url with STS" do
|
471
|
+
sts_bucket = Client.new(
|
472
|
+
:endpoint => @endpoint,
|
473
|
+
:access_key_id => 'xxx',
|
474
|
+
:access_key_secret => 'yyy',
|
475
|
+
:sts_token => 'zzz').get_bucket(@bucket_name)
|
476
|
+
|
477
|
+
object_url = 'http://rubysdk-bucket.oss-cn-hangzhou.aliyuncs.com/yeah'
|
478
|
+
|
479
|
+
url = sts_bucket.object_url('yeah')
|
480
|
+
path = url[0, url.index('?')]
|
481
|
+
expect(path).to eq(object_url)
|
482
|
+
|
483
|
+
query = {}
|
484
|
+
url[url.index('?') + 1, url.size].split('&')
|
485
|
+
.each { |s| k, v = s.split('='); query[k] = v }
|
486
|
+
|
487
|
+
expect(query.key?('Expires')).to be true
|
488
|
+
expect(query.key?('Signature')).to be true
|
489
|
+
expect(query['OSSAccessKeyId']).to eq('xxx')
|
490
|
+
expect(query['security-token']).to eq('zzz')
|
491
|
+
end
|
492
|
+
|
469
493
|
end # object operations
|
470
494
|
|
471
495
|
context "multipart operations" do
|
data/tests/config.rb
CHANGED
@@ -11,5 +11,21 @@ class TestConf
|
|
11
11
|
def bucket
|
12
12
|
ENV['RUBY_SDK_OSS_BUCKET']
|
13
13
|
end
|
14
|
+
|
15
|
+
def sts_creds
|
16
|
+
{
|
17
|
+
access_key_id: ENV['RUBY_SDK_STS_ID'],
|
18
|
+
access_key_secret: ENV['RUBY_SDK_STS_KEY'],
|
19
|
+
endpoint: ENV['RUBY_SDK_STS_ENDPOINT']
|
20
|
+
}
|
21
|
+
end
|
22
|
+
|
23
|
+
def sts_role
|
24
|
+
ENV['RUBY_SDK_STS_ROLE']
|
25
|
+
end
|
26
|
+
|
27
|
+
def sts_bucket
|
28
|
+
ENV['RUBY_SDK_STS_BUCKET']
|
29
|
+
end
|
14
30
|
end
|
15
31
|
end
|
@@ -0,0 +1,69 @@
|
|
1
|
+
require 'minitest/autorun'
|
2
|
+
require 'yaml'
|
3
|
+
$LOAD_PATH.unshift(File.expand_path("../../lib", __FILE__))
|
4
|
+
require 'aliyun/oss'
|
5
|
+
require 'aliyun/sts'
|
6
|
+
require 'rest-client'
|
7
|
+
require_relative 'config'
|
8
|
+
|
9
|
+
class TestObjectUrl < Minitest::Test
|
10
|
+
def setup
|
11
|
+
Aliyun::Common::Logging.set_log_level(Logger::DEBUG)
|
12
|
+
client = Aliyun::OSS::Client.new(TestConf.creds)
|
13
|
+
@bucket = client.get_bucket(TestConf.bucket)
|
14
|
+
|
15
|
+
@prefix = "tests/object_url/"
|
16
|
+
end
|
17
|
+
|
18
|
+
def get_key(k)
|
19
|
+
"#{@prefix}#{k}"
|
20
|
+
end
|
21
|
+
|
22
|
+
def test_signed_url_for_get
|
23
|
+
key = get_key('object-for-get')
|
24
|
+
|
25
|
+
@bucket.put_object(key, acl: Aliyun::OSS::ACL::PRIVATE)
|
26
|
+
|
27
|
+
plain_url = @bucket.object_url(key, false)
|
28
|
+
begin
|
29
|
+
r = RestClient.get(plain_url)
|
30
|
+
assert false, 'GET plain object url should receive 403'
|
31
|
+
rescue => e
|
32
|
+
assert_equal 403, e.response.code
|
33
|
+
end
|
34
|
+
|
35
|
+
signed_url = @bucket.object_url(key)
|
36
|
+
r = RestClient.get(signed_url)
|
37
|
+
|
38
|
+
assert_equal 200, r.code
|
39
|
+
end
|
40
|
+
|
41
|
+
def test_signed_url_with_sts
|
42
|
+
key = get_key('object-with-sts')
|
43
|
+
|
44
|
+
sts_client = Aliyun::STS::Client.new(TestConf.sts_creds)
|
45
|
+
token = sts_client.assume_role(TestConf.sts_role, 'app')
|
46
|
+
|
47
|
+
bucket = Aliyun::OSS::Client.new(
|
48
|
+
:endpoint => TestConf.creds[:endpoint],
|
49
|
+
:sts_token => token.security_token,
|
50
|
+
:access_key_id => token.access_key_id,
|
51
|
+
:access_key_secret => token.access_key_secret)
|
52
|
+
.get_bucket(TestConf.sts_bucket)
|
53
|
+
|
54
|
+
bucket.put_object(key, acl: Aliyun::OSS::ACL::PRIVATE)
|
55
|
+
|
56
|
+
plain_url = bucket.object_url(key, false)
|
57
|
+
begin
|
58
|
+
r = RestClient.get(plain_url)
|
59
|
+
assert false, 'GET plain object url should receive 403'
|
60
|
+
rescue => e
|
61
|
+
assert_equal 403, e.response.code
|
62
|
+
end
|
63
|
+
|
64
|
+
signed_url = bucket.object_url(key)
|
65
|
+
r = RestClient.get(signed_url)
|
66
|
+
|
67
|
+
assert_equal 200, r.code
|
68
|
+
end
|
69
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aliyun-sdk
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tianlong Wu
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-07-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: nokogiri
|
@@ -100,14 +100,14 @@ dependencies:
|
|
100
100
|
requirements:
|
101
101
|
- - "~>"
|
102
102
|
- !ruby/object:Gem::Version
|
103
|
-
version:
|
103
|
+
version: 0.10.0
|
104
104
|
type: :development
|
105
105
|
prerelease: false
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
107
107
|
requirements:
|
108
108
|
- - "~>"
|
109
109
|
- !ruby/object:Gem::Version
|
110
|
-
version:
|
110
|
+
version: 0.10.0
|
111
111
|
- !ruby/object:Gem::Dependency
|
112
112
|
name: minitest
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
@@ -188,6 +188,7 @@ files:
|
|
188
188
|
- tests/test_multipart.rb
|
189
189
|
- tests/test_object_acl.rb
|
190
190
|
- tests/test_object_key.rb
|
191
|
+
- tests/test_object_url.rb
|
191
192
|
- tests/test_resumable.rb
|
192
193
|
homepage: https://github.com/aliyun/aliyun-oss-ruby-sdk
|
193
194
|
licenses:
|
@@ -235,5 +236,6 @@ test_files:
|
|
235
236
|
- tests/test_multipart.rb
|
236
237
|
- tests/test_object_acl.rb
|
237
238
|
- tests/test_object_key.rb
|
239
|
+
- tests/test_object_url.rb
|
238
240
|
- tests/test_resumable.rb
|
239
241
|
has_rdoc:
|