qiniu 6.5.0 → 6.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/Gemfile.lock +1 -1
- data/lib/qiniu/auth.rb +31 -11
- data/lib/qiniu/http.rb +2 -2
- data/lib/qiniu/version.rb +1 -1
- data/spec/qiniu/auth_spec.rb +20 -0
- data/spec/qiniu/image_spec.rb +7 -3
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4183bac23fa834f48579fbc1b8d05a8218ada08b
|
|
4
|
+
data.tar.gz: 62ff9f7fb37c1acb45d03b37c72c13d6c5073d67
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c417b92d7a4a06508a9db2be71a9049843fdcb4730854e3e47b0bddccc0c246c4301504bc5acc7745402f07e5452f5639d9d4d8604a45e8e54e2e8d156fa29a6
|
|
7
|
+
data.tar.gz: b30fde59f5ff8711b0f8c76c5ee1b8db8539798ac5da75907fc77302a0cdc49a8accbb779ed46fa050711fde471d81a95709a512c7c53a6d22072ed237517661
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,9 @@
|
|
|
1
1
|
## CHANGE LOG
|
|
2
2
|
|
|
3
|
+
### V6.5.1
|
|
4
|
+
|
|
5
|
+
- 为 Qiniu::Auth 添加验证七牛回调请求签名合法性的函数。[https://github.com/qiniu/ruby-sdk/pull/133](https://github.com/qiniu/ruby-sdk/pull/133)
|
|
6
|
+
|
|
3
7
|
### v6.5.0
|
|
4
8
|
|
|
5
9
|
- 为 Qiniu::Auth 添加一个异常处理逻辑,在 Access Key 和 Secret Key 未正常设置(nil 值)的情况下给出正确提示。[https://github.com/qiniu/ruby-sdk/pull/126](https://github.com/qiniu/ruby-sdk/pull/126)
|
data/Gemfile.lock
CHANGED
data/lib/qiniu/auth.rb
CHANGED
|
@@ -206,11 +206,7 @@ module Qiniu
|
|
|
206
206
|
return authorize_download_url(download_url, args)
|
|
207
207
|
end # authorize_download_url_2
|
|
208
208
|
|
|
209
|
-
def
|
|
210
|
-
### 提取AK/SK信息
|
|
211
|
-
access_key = Config.settings[:access_key]
|
|
212
|
-
secret_key = Config.settings[:secret_key]
|
|
213
|
-
|
|
209
|
+
def generate_acctoken_sign_with_mac(access_key, secret_key, url, body)
|
|
214
210
|
### 解析URL,生成待签名字符串
|
|
215
211
|
uri = URI.parse(url)
|
|
216
212
|
signing_str = uri.path
|
|
@@ -232,13 +228,12 @@ module Qiniu
|
|
|
232
228
|
|
|
233
229
|
### 生成数字签名
|
|
234
230
|
sign = calculate_hmac_sha1_digest(secret_key, signing_str)
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
### 生成管理授权凭证
|
|
238
|
-
acctoken = "#{access_key}:#{encoded_sign}"
|
|
231
|
+
return Utils.urlsafe_base64_encode(sign)
|
|
232
|
+
end # generate_acctoken_sign_with_mac
|
|
239
233
|
|
|
240
|
-
|
|
241
|
-
|
|
234
|
+
def generate_acctoken(url, body = '')
|
|
235
|
+
encoded_sign = generate_acctoken_sign_with_mac(Config.settings[:access_key], Config.settings[:secret_key], url, body)
|
|
236
|
+
return "#{Config.settings[:access_key]}:#{encoded_sign}"
|
|
242
237
|
end # generate_acctoken
|
|
243
238
|
|
|
244
239
|
def generate_uptoken(put_policy)
|
|
@@ -259,6 +254,31 @@ module Qiniu
|
|
|
259
254
|
### 返回上传授权凭证
|
|
260
255
|
return uptoken
|
|
261
256
|
end # generate_uptoken
|
|
257
|
+
|
|
258
|
+
def authenticate_callback_request(auth_str, url, body = '')
|
|
259
|
+
### 提取AK/SK信息
|
|
260
|
+
access_key = Config.settings[:access_key]
|
|
261
|
+
secret_key = Config.settings[:secret_key]
|
|
262
|
+
|
|
263
|
+
### 检查签名格式
|
|
264
|
+
ak_pos = auth_str.index(access_key)
|
|
265
|
+
if ak_pos.nil? then
|
|
266
|
+
return false
|
|
267
|
+
end
|
|
268
|
+
|
|
269
|
+
colon_pos = auth_str.index(':', ak_pos + 1)
|
|
270
|
+
if colon_pos.nil? || ((ak_pos + access_key.length) != colon_pos) then
|
|
271
|
+
return false
|
|
272
|
+
end
|
|
273
|
+
|
|
274
|
+
encoded_sign = generate_acctoken_sign_with_mac(access_key, secret_key, url, body)
|
|
275
|
+
sign_pos = auth_str.index(encoded_sign, colon_pos + 1)
|
|
276
|
+
if sign_pos.nil? || ((sign_pos + encoded_sign.length) != auth_str.length) then
|
|
277
|
+
return false
|
|
278
|
+
end
|
|
279
|
+
|
|
280
|
+
return true
|
|
281
|
+
end # authenticate_callback_request
|
|
262
282
|
end # class << self
|
|
263
283
|
|
|
264
284
|
end # module Auth
|
data/lib/qiniu/http.rb
CHANGED
|
@@ -65,7 +65,7 @@ module Qiniu
|
|
|
65
65
|
end
|
|
66
66
|
|
|
67
67
|
content_type = resp_headers["content-type"][0]
|
|
68
|
-
if !content_type.nil? && content_type
|
|
68
|
+
if !content_type.nil? && !content_type.downcase.index(API_RESULT_MIMETYPE).nil? then
|
|
69
69
|
# 如果是JSON格式,则反序列化
|
|
70
70
|
resp_body = Utils.safe_json_parse(resp_body)
|
|
71
71
|
end
|
|
@@ -117,7 +117,7 @@ module Qiniu
|
|
|
117
117
|
end
|
|
118
118
|
|
|
119
119
|
content_type = resp_headers["content-type"][0]
|
|
120
|
-
if !content_type.nil? && content_type
|
|
120
|
+
if !content_type.nil? && !content_type.downcase.index(API_RESULT_MIMETYPE).nil? then
|
|
121
121
|
# 如果是JSON格式,则反序列化
|
|
122
122
|
resp_body = Utils.safe_json_parse(resp_body)
|
|
123
123
|
end
|
data/lib/qiniu/version.rb
CHANGED
data/spec/qiniu/auth_spec.rb
CHANGED
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
|
|
4
4
|
require 'spec_helper'
|
|
5
5
|
require 'qiniu/auth'
|
|
6
|
+
require 'qiniu/config'
|
|
6
7
|
require 'qiniu/storage'
|
|
7
8
|
require 'digest/sha1'
|
|
8
9
|
|
|
@@ -69,6 +70,25 @@ module Qiniu
|
|
|
69
70
|
end
|
|
70
71
|
end
|
|
71
72
|
end
|
|
73
|
+
|
|
74
|
+
### 测试回调签名
|
|
75
|
+
context ".authenticate_callback_request" do
|
|
76
|
+
it "should works" do
|
|
77
|
+
url = '/test.php'
|
|
78
|
+
body = 'name=xxx&size=1234'
|
|
79
|
+
false.should == Qiniu::Auth.authenticate_callback_request('ABCD', url, body)
|
|
80
|
+
false.should == Qiniu::Auth.authenticate_callback_request(Config.settings[:access_key], url, body)
|
|
81
|
+
false.should == Qiniu::Auth.authenticate_callback_request('QBox ' + Config.settings[:access_key] + ':', url, body)
|
|
82
|
+
false.should == Qiniu::Auth.authenticate_callback_request('QBox ' + Config.settings[:access_key] + ':????', url, body)
|
|
83
|
+
|
|
84
|
+
acctoken = Qiniu::Auth.generate_acctoken(url, body)
|
|
85
|
+
auth_str = 'QBox ' + acctoken
|
|
86
|
+
|
|
87
|
+
false.should == Qiniu::Auth.authenticate_callback_request(auth_str + ' ', url, body)
|
|
88
|
+
true.should == Qiniu::Auth.authenticate_callback_request(auth_str, url, body)
|
|
89
|
+
true.should == Qiniu::Auth.authenticate_callback_request(acctoken, url, body)
|
|
90
|
+
end
|
|
91
|
+
end
|
|
72
92
|
end # module Auth
|
|
73
93
|
|
|
74
94
|
module Exception_Auth
|
data/spec/qiniu/image_spec.rb
CHANGED
|
@@ -59,14 +59,18 @@ module Qiniu
|
|
|
59
59
|
end
|
|
60
60
|
end
|
|
61
61
|
|
|
62
|
-
=begin
|
|
63
62
|
context ".exif" do
|
|
64
63
|
it "should works" do
|
|
65
|
-
|
|
64
|
+
result = Qiniu.get(@bucket, 'gogopher.jpg')
|
|
65
|
+
result["url"].should_not be_empty
|
|
66
|
+
puts result.inspect
|
|
67
|
+
|
|
68
|
+
code, data, headers = Qiniu::Fop::Image.exif(result["url"])
|
|
69
|
+
code.should == 200
|
|
66
70
|
puts data.inspect
|
|
71
|
+
puts headers.inspect
|
|
67
72
|
end
|
|
68
73
|
end
|
|
69
|
-
=end
|
|
70
74
|
|
|
71
75
|
context ".mogrify_preview_url" do
|
|
72
76
|
it "should works" do
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: qiniu
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.5.
|
|
4
|
+
version: 6.5.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- why404
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2015-
|
|
12
|
+
date: 2015-09-24 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rake
|