qiniu 6.5.0 → 6.5.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/Gemfile.lock +1 -1
- data/lib/qiniu/auth.rb +31 -11
- data/lib/qiniu/http.rb +2 -2
- data/lib/qiniu/version.rb +1 -1
- data/spec/qiniu/auth_spec.rb +20 -0
- data/spec/qiniu/image_spec.rb +7 -3
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4183bac23fa834f48579fbc1b8d05a8218ada08b
|
|
4
|
+
data.tar.gz: 62ff9f7fb37c1acb45d03b37c72c13d6c5073d67
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c417b92d7a4a06508a9db2be71a9049843fdcb4730854e3e47b0bddccc0c246c4301504bc5acc7745402f07e5452f5639d9d4d8604a45e8e54e2e8d156fa29a6
|
|
7
|
+
data.tar.gz: b30fde59f5ff8711b0f8c76c5ee1b8db8539798ac5da75907fc77302a0cdc49a8accbb779ed46fa050711fde471d81a95709a512c7c53a6d22072ed237517661
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,9 @@
|
|
|
1
1
|
## CHANGE LOG
|
|
2
2
|
|
|
3
|
+
### V6.5.1
|
|
4
|
+
|
|
5
|
+
- 为 Qiniu::Auth 添加验证七牛回调请求签名合法性的函数。[https://github.com/qiniu/ruby-sdk/pull/133](https://github.com/qiniu/ruby-sdk/pull/133)
|
|
6
|
+
|
|
3
7
|
### v6.5.0
|
|
4
8
|
|
|
5
9
|
- 为 Qiniu::Auth 添加一个异常处理逻辑,在 Access Key 和 Secret Key 未正常设置(nil 值)的情况下给出正确提示。[https://github.com/qiniu/ruby-sdk/pull/126](https://github.com/qiniu/ruby-sdk/pull/126)
|
data/Gemfile.lock
CHANGED
data/lib/qiniu/auth.rb
CHANGED
|
@@ -206,11 +206,7 @@ module Qiniu
|
|
|
206
206
|
return authorize_download_url(download_url, args)
|
|
207
207
|
end # authorize_download_url_2
|
|
208
208
|
|
|
209
|
-
def
|
|
210
|
-
### 提取AK/SK信息
|
|
211
|
-
access_key = Config.settings[:access_key]
|
|
212
|
-
secret_key = Config.settings[:secret_key]
|
|
213
|
-
|
|
209
|
+
def generate_acctoken_sign_with_mac(access_key, secret_key, url, body)
|
|
214
210
|
### 解析URL,生成待签名字符串
|
|
215
211
|
uri = URI.parse(url)
|
|
216
212
|
signing_str = uri.path
|
|
@@ -232,13 +228,12 @@ module Qiniu
|
|
|
232
228
|
|
|
233
229
|
### 生成数字签名
|
|
234
230
|
sign = calculate_hmac_sha1_digest(secret_key, signing_str)
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
### 生成管理授权凭证
|
|
238
|
-
acctoken = "#{access_key}:#{encoded_sign}"
|
|
231
|
+
return Utils.urlsafe_base64_encode(sign)
|
|
232
|
+
end # generate_acctoken_sign_with_mac
|
|
239
233
|
|
|
240
|
-
|
|
241
|
-
|
|
234
|
+
def generate_acctoken(url, body = '')
|
|
235
|
+
encoded_sign = generate_acctoken_sign_with_mac(Config.settings[:access_key], Config.settings[:secret_key], url, body)
|
|
236
|
+
return "#{Config.settings[:access_key]}:#{encoded_sign}"
|
|
242
237
|
end # generate_acctoken
|
|
243
238
|
|
|
244
239
|
def generate_uptoken(put_policy)
|
|
@@ -259,6 +254,31 @@ module Qiniu
|
|
|
259
254
|
### 返回上传授权凭证
|
|
260
255
|
return uptoken
|
|
261
256
|
end # generate_uptoken
|
|
257
|
+
|
|
258
|
+
def authenticate_callback_request(auth_str, url, body = '')
|
|
259
|
+
### 提取AK/SK信息
|
|
260
|
+
access_key = Config.settings[:access_key]
|
|
261
|
+
secret_key = Config.settings[:secret_key]
|
|
262
|
+
|
|
263
|
+
### 检查签名格式
|
|
264
|
+
ak_pos = auth_str.index(access_key)
|
|
265
|
+
if ak_pos.nil? then
|
|
266
|
+
return false
|
|
267
|
+
end
|
|
268
|
+
|
|
269
|
+
colon_pos = auth_str.index(':', ak_pos + 1)
|
|
270
|
+
if colon_pos.nil? || ((ak_pos + access_key.length) != colon_pos) then
|
|
271
|
+
return false
|
|
272
|
+
end
|
|
273
|
+
|
|
274
|
+
encoded_sign = generate_acctoken_sign_with_mac(access_key, secret_key, url, body)
|
|
275
|
+
sign_pos = auth_str.index(encoded_sign, colon_pos + 1)
|
|
276
|
+
if sign_pos.nil? || ((sign_pos + encoded_sign.length) != auth_str.length) then
|
|
277
|
+
return false
|
|
278
|
+
end
|
|
279
|
+
|
|
280
|
+
return true
|
|
281
|
+
end # authenticate_callback_request
|
|
262
282
|
end # class << self
|
|
263
283
|
|
|
264
284
|
end # module Auth
|
data/lib/qiniu/http.rb
CHANGED
|
@@ -65,7 +65,7 @@ module Qiniu
|
|
|
65
65
|
end
|
|
66
66
|
|
|
67
67
|
content_type = resp_headers["content-type"][0]
|
|
68
|
-
if !content_type.nil? && content_type
|
|
68
|
+
if !content_type.nil? && !content_type.downcase.index(API_RESULT_MIMETYPE).nil? then
|
|
69
69
|
# 如果是JSON格式,则反序列化
|
|
70
70
|
resp_body = Utils.safe_json_parse(resp_body)
|
|
71
71
|
end
|
|
@@ -117,7 +117,7 @@ module Qiniu
|
|
|
117
117
|
end
|
|
118
118
|
|
|
119
119
|
content_type = resp_headers["content-type"][0]
|
|
120
|
-
if !content_type.nil? && content_type
|
|
120
|
+
if !content_type.nil? && !content_type.downcase.index(API_RESULT_MIMETYPE).nil? then
|
|
121
121
|
# 如果是JSON格式,则反序列化
|
|
122
122
|
resp_body = Utils.safe_json_parse(resp_body)
|
|
123
123
|
end
|
data/lib/qiniu/version.rb
CHANGED
data/spec/qiniu/auth_spec.rb
CHANGED
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
|
|
4
4
|
require 'spec_helper'
|
|
5
5
|
require 'qiniu/auth'
|
|
6
|
+
require 'qiniu/config'
|
|
6
7
|
require 'qiniu/storage'
|
|
7
8
|
require 'digest/sha1'
|
|
8
9
|
|
|
@@ -69,6 +70,25 @@ module Qiniu
|
|
|
69
70
|
end
|
|
70
71
|
end
|
|
71
72
|
end
|
|
73
|
+
|
|
74
|
+
### 测试回调签名
|
|
75
|
+
context ".authenticate_callback_request" do
|
|
76
|
+
it "should works" do
|
|
77
|
+
url = '/test.php'
|
|
78
|
+
body = 'name=xxx&size=1234'
|
|
79
|
+
false.should == Qiniu::Auth.authenticate_callback_request('ABCD', url, body)
|
|
80
|
+
false.should == Qiniu::Auth.authenticate_callback_request(Config.settings[:access_key], url, body)
|
|
81
|
+
false.should == Qiniu::Auth.authenticate_callback_request('QBox ' + Config.settings[:access_key] + ':', url, body)
|
|
82
|
+
false.should == Qiniu::Auth.authenticate_callback_request('QBox ' + Config.settings[:access_key] + ':????', url, body)
|
|
83
|
+
|
|
84
|
+
acctoken = Qiniu::Auth.generate_acctoken(url, body)
|
|
85
|
+
auth_str = 'QBox ' + acctoken
|
|
86
|
+
|
|
87
|
+
false.should == Qiniu::Auth.authenticate_callback_request(auth_str + ' ', url, body)
|
|
88
|
+
true.should == Qiniu::Auth.authenticate_callback_request(auth_str, url, body)
|
|
89
|
+
true.should == Qiniu::Auth.authenticate_callback_request(acctoken, url, body)
|
|
90
|
+
end
|
|
91
|
+
end
|
|
72
92
|
end # module Auth
|
|
73
93
|
|
|
74
94
|
module Exception_Auth
|
data/spec/qiniu/image_spec.rb
CHANGED
|
@@ -59,14 +59,18 @@ module Qiniu
|
|
|
59
59
|
end
|
|
60
60
|
end
|
|
61
61
|
|
|
62
|
-
=begin
|
|
63
62
|
context ".exif" do
|
|
64
63
|
it "should works" do
|
|
65
|
-
|
|
64
|
+
result = Qiniu.get(@bucket, 'gogopher.jpg')
|
|
65
|
+
result["url"].should_not be_empty
|
|
66
|
+
puts result.inspect
|
|
67
|
+
|
|
68
|
+
code, data, headers = Qiniu::Fop::Image.exif(result["url"])
|
|
69
|
+
code.should == 200
|
|
66
70
|
puts data.inspect
|
|
71
|
+
puts headers.inspect
|
|
67
72
|
end
|
|
68
73
|
end
|
|
69
|
-
=end
|
|
70
74
|
|
|
71
75
|
context ".mogrify_preview_url" do
|
|
72
76
|
it "should works" do
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: qiniu
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.5.
|
|
4
|
+
version: 6.5.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- why404
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: bin
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2015-
|
|
12
|
+
date: 2015-09-24 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: rake
|