npm - @cloudbase/node-sdk - Versions diffs - 3.17.0 → 3.17.1-alpha.0 - Mend

@cloudbase/node-sdk 3.17.0 → 3.17.1-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/auth/index.js +4 -0
package/dist/cloudbase.js +9 -36
package/dist/utils/tcbapirequester.js +11 -3
package/dist/utils/tcbcontext.js +1 -0
package/dist/utils/tcbopenapicommonrequester.js +25 -7
package/dist/utils/tcbopenapirequester.js +26 -5
package/dist/utils/utils.js +73 -1
package/package.json +1 -1
package/src/auth/index.ts +5 -1
package/src/cloudbase.ts +9 -38
package/src/utils/tcbapirequester.ts +11 -4
package/src/utils/tcbcontext.ts +1 -0
package/src/utils/tcbdbapirequester.ts +0 -1
package/src/utils/tcbopenapicommonrequester.ts +22 -8
package/src/utils/tcbopenapirequester.ts +24 -6
package/src/utils/utils.ts +62 -0
package/types/index.d.ts +1 -0

package/dist/auth/index.js CHANGED Viewed

@@ -135,6 +135,10 @@ class Auth {
         });
     }
     async getClientCredential(opts) {
+        // 如果有 accessKey 直接返回 accessKey，不用再去换取 token
+        if (this.cloudbase.config.accessKey) {
+            return this.cloudbase.config.accessKey;
+        }
         return await tcbopenapicommonrequester.request({
             config: this.cloudbase.config,
             method: 'POST',

package/dist/cloudbase.js CHANGED Viewed

@@ -22,17 +22,6 @@ var __importStar = (this && this.__importStar) || function (mod) {
     __setModuleDefault(result, mod);
     return result;
 };
-var __rest = (this && this.__rest) || function (s, e) {
-    var t = {};
-    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
-        t[p] = s[p];
-    if (s != null && typeof Object.getOwnPropertySymbols === "function")
-        for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
-            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
-                t[p[i]] = s[p[i]];
-        }
-    return t;
-};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -49,14 +38,13 @@ const wx_1 = require("./wx");
 const analytics_1 = require("./analytics");
 const ai_1 = require("./ai");
 const logger_1 = require("./logger");
-const code_1 = require("./const/code");
-const utils = __importStar(require("./utils/utils"));
 const cloudplatform_1 = require("./utils/cloudplatform");
 const tcbcontext_1 = require("./utils/tcbcontext");
 const notification_1 = require("./notification");
 const openapicommonrequester = __importStar(require("./utils/tcbopenapicommonrequester"));
 const tcbopenapiendpoint_1 = require("./utils/tcbopenapiendpoint");
 const symbol_1 = require("./const/symbol");
+const utils_1 = require("./utils/utils");
 class CloudBase {
     static parseContext(context) {
         const parseResult = (0, tcbcontext_1.parseContext)(context);
@@ -70,33 +58,14 @@ class CloudBase {
         this.init(config);
     }
     init(config = {}) {
-        var _a, _b, _c, _d;
         // 预检运行环境，调用与否并不影响后续逻辑
         // 注意：该函数为异步函数，这里并不等待检查结果
         /* eslint-disable-next-line */
         (0, cloudplatform_1.preflightRuntimeCloudPlatform)();
-        const { debug, secretId, secretKey, sessionToken, env, timeout, headers = {} } = config, restConfig = __rest(config, ["debug", "secretId", "secretKey", "sessionToken", "env", "timeout", "headers"]);
-        if (('secretId' in config && !('secretKey' in config)) || (!('secretId' in config) && 'secretKey' in config)) {
-            throw utils.E(Object.assign(Object.assign({}, code_1.ERROR.INVALID_PARAM), { message: 'secretId and secretKey must be a pair' }));
-        }
-        const newConfig = Object.assign(Object.assign({}, restConfig), { debug: !!debug, secretId,
-            secretKey,
-            sessionToken,
-            env, envName: env, headers: Object.assign({}, headers), timeout: timeout || 15000 });
-        if ((_a = config.context) === null || _a === void 0 ? void 0 : _a.extendedContext) {
-            const extendedContext = config.context.extendedContext;
-            if (!newConfig.env) {
-                newConfig.env = extendedContext.envId;
-                newConfig.envName = newConfig.env;
-            }
-            // 从 context 中获取 secret
-            if (!newConfig.secretId && !newConfig.secretKey) {
-                newConfig.secretId = (_b = extendedContext === null || extendedContext === void 0 ? void 0 : extendedContext.tmpSecret) === null || _b === void 0 ? void 0 : _b.secretId;
-                newConfig.secretKey = (_c = extendedContext === null || extendedContext === void 0 ? void 0 : extendedContext.tmpSecret) === null || _c === void 0 ? void 0 : _c.secretKey;
-                newConfig.sessionToken = (_d = extendedContext === null || extendedContext === void 0 ? void 0 : extendedContext.tmpSecret) === null || _d === void 0 ? void 0 : _d.token;
-            }
-        }
-        this.config = newConfig;
+        // 所有的鉴权，参数塑形都在 normalizeConfig 中处理
+        // 后续其他模块获取 config 都通过 CloudBase 实例的 config 获取
+        // 禁止在业务模块中直接修改 config 配置
+        this.config = (0, utils_1.normalizeConfig)(config);
         this.extensionMap = new Map();
         // NOTE：try-catch 为防止 init 报错
         try {
@@ -112,6 +81,10 @@ class CloudBase {
                     method: (_a = options.method) === null || _a === void 0 ? void 0 : _a.toUpperCase(),
                     url: options.url,
                     headers: Object.assign({ 'Content-Type': 'application/json' }, headersInitToRecord(options.headers)),
+                    /**
+                     * 既然 openapicommonrequester.request 的参数里的 token 获取也是通过 openapicommonrequester.request 方法去获取的
+                     * 为什么不把这里的 token 去掉，全部放在 openapicommonrequester.request 中去统一处理 token 获取的逻辑
+                     */
                     token: (await this.auth().getClientCredential()).access_token
                 });
                 return result.body;

package/dist/utils/tcbapirequester.js CHANGED Viewed

@@ -127,9 +127,15 @@ class TcbApiHttpRequester {
         this.tracingInfo = (0, tracing_1.generateTracingInfo)((_b = (_a = args.config) === null || _a === void 0 ? void 0 : _a.context) === null || _b === void 0 ? void 0 : _b.eventID);
     }
     async request() {
-        await this.prepareCredentials();
+        // 如果没有配置 accessKey，则通过密钥获取签名，这里先检查密钥是否存在
+        if (!this.config.accessKey) {
+            // 检查密钥是否存在
+            await this.prepareCredentials();
+        }
         const params = await this.makeParams();
+        // console.log('params', params)
         const opts = this.makeReqOpts(params);
+        // console.log('opts', opts)
         const action = this.getAction();
         const key = {
             functions: 'function_name',
@@ -277,7 +283,7 @@ class TcbApiHttpRequester {
     getHeaders(method, url, params) {
         var _a;
         const config = this.config;
-        const { context, secretId, secretKey } = config;
+        const { context, secretId, secretKey, accessKey } = config;
         const args = this.args;
         const { TCB_SOURCE } = cloudbase_1.CloudBase.getCloudbaseContext();
         // Note: 云函数被调用时可能调用端未传递 SOURCE，TCB_SOURCE 可能为空
@@ -317,7 +323,8 @@ class TcbApiHttpRequester {
             timestamp: second() - 1
         });
         /* eslint-disable @typescript-eslint/dot-notation */
-        requiredHeaders['Authorization'] = authorization;
+        // 优先使用 accessKey，否则使用签名
+        requiredHeaders['Authorization'] = accessKey ? `Bearer ${accessKey}` : authorization;
         requiredHeaders['X-Signature-Expires'] = 600;
         requiredHeaders['X-Timestamp'] = timestamp;
         return Object.assign({}, requiredHeaders);
@@ -334,6 +341,7 @@ const handleWxOpenApiData = (res, err, response, body) => {
     return transformRes;
 };
 async function request(args) {
+    // console.log('args', args)
     if (typeof args.isInternal === 'undefined') {
         args.isInternal = await (0, cloudplatform_1.checkIsInternalAsync)();
     }

package/dist/utils/tcbcontext.js CHANGED Viewed

@@ -60,6 +60,7 @@ exports.parseContext = parseContext;
  * 获取当前函数内的所有环境变量(作为获取变量的统一方法，取值来源 process.env 和 context)
  */
 function getCloudbaseContext(context) {
+    // console.log('context', context)
     if ((0, cloudplatform_1.checkIsInScf)()) {
         // 云函数环境下，应该包含以下环境变量，如果没有，后续逻辑可能会有问题
         if (!process.env.TENCENTCLOUD_REGION) {

package/dist/utils/tcbopenapicommonrequester.js CHANGED Viewed

@@ -56,8 +56,13 @@ class TcbOpenApiHttpCommonRequester {
         this.tracingInfo = (0, tracing_1.generateTracingInfo)((_b = (_a = args.config) === null || _a === void 0 ? void 0 : _a.context) === null || _b === void 0 ? void 0 : _b.eventID);
     }
     async request() {
-        await this.prepareCredentials();
+        // 如果没有 accessKey，去检查密钥是否存在，有则直接使用
+        if (!this.config.accessKey) {
+            // 检查密钥是否存在
+            await this.prepareCredentials();
+        }
         const opts = this.makeReqOpts();
+        // console.log('opts', opts)
         const argopts = this.opts;
         const config = this.config;
         // 注意：必须初始化为 null
@@ -140,7 +145,7 @@ class TcbOpenApiHttpCommonRequester {
     buildHeaders(method, url) {
         var _a;
         const config = this.config;
-        const { context, secretId, secretKey, sessionToken } = config;
+        const { context, secretId, secretKey, sessionToken, accessKey } = config;
         const args = this.args;
         const { TCB_SOURCE } = cloudbase_1.CloudBase.getCloudbaseContext();
         // Note: 云函数被调用时可能调用端未传递 SOURCE，TCB_SOURCE 可能为空
@@ -181,12 +186,25 @@ class TcbOpenApiHttpCommonRequester {
             withSignedParams: false,
             isCloudApi: true
         });
+        // console.log('xxxx', authorization)
+        let token = '';
+        // 如果请求参数里面传了 token，优先使用 token
+        if (args.token) {
+            token = makeBearerToken(args.token);
+        }
+        else if (accessKey) {
+            // 如果配置了 API_KEY，优先使用 API_KEY
+            token = makeBearerToken(accessKey);
+        }
+        else if (typeof sessionToken === 'string' && sessionToken !== '') {
+            // 如果配置了 sessionToken，携带 sessionToken
+            token = `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`;
+        }
+        else {
+            token = `${authorization}, Timestamp=${timestamp}`;
+        }
         /* eslint-disable @typescript-eslint/dot-notation */
-        requiredHeaders['Authorization'] = args.token
-            ? makeBearerToken(args.token)
-            : typeof sessionToken === 'string' && sessionToken !== ''
-                ? `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`
-                : `${authorization}, Timestamp=${timestamp}`;
+        requiredHeaders['Authorization'] = token;
         return Object.assign({}, requiredHeaders);
     }
 }

package/dist/utils/tcbopenapirequester.js CHANGED Viewed

@@ -56,8 +56,11 @@ class TcbOpenApiHttpRequester {
         this.tracingInfo = (0, tracing_1.generateTracingInfo)((_b = (_a = args.config) === null || _a === void 0 ? void 0 : _a.context) === null || _b === void 0 ? void 0 : _b.eventID);
     }
     async request() {
-        await this.prepareCredentials();
+        if (!this.config.accessKey) {
+            await this.prepareCredentials();
+        }
         const opts = this.makeReqOpts();
+        // console.log('opts', opts)
         const argopts = this.opts;
         const config = this.config;
         // 注意：必须初始化为 null
@@ -140,7 +143,7 @@ class TcbOpenApiHttpRequester {
     buildHeaders(method, url) {
         var _a;
         const config = this.config;
-        const { context, secretId, secretKey, sessionToken } = config;
+        const { context, secretId, secretKey, sessionToken, accessKey } = config;
         const args = this.args;
         const { TCB_SOURCE } = cloudbase_1.CloudBase.getCloudbaseContext();
         // Note: 云函数被调用时可能调用端未传递 SOURCE，TCB_SOURCE 可能为空
@@ -186,10 +189,24 @@ class TcbOpenApiHttpRequester {
             withSignedParams: false,
             isCloudApi: true
         });
+        let token = '';
+        // 如果请求参数里面传了 token，优先使用 token
+        if (args.token) {
+            token = makeBearerToken(args.token);
+        }
+        else if (accessKey) {
+            // 如果配置了 API_KEY，优先使用 API_KEY
+            token = makeBearerToken(accessKey);
+        }
+        else if (typeof sessionToken === 'string' && sessionToken !== '') {
+            // 如果配置了 sessionToken，使用 sessionToken
+            token = `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`;
+        }
+        else {
+            token = `${authorization}, Timestamp=${timestamp}`;
+        }
         /* eslint-disable @typescript-eslint/dot-notation */
-        requiredHeaders['Authorization'] = typeof sessionToken === 'string' && sessionToken !== ''
-            ? `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`
-            : `${authorization}, Timestamp=${timestamp}`;
+        requiredHeaders['Authorization'] = token;
         return Object.assign({}, requiredHeaders);
     }
 }
@@ -204,3 +221,7 @@ async function request(args) {
     return await requester.request();
 }
 exports.request = request;
+function makeBearerToken(token) {
+    const trimmed = token.trim();
+    return trimmed.startsWith('Bearer ') ? trimmed : `Bearer ${trimmed}`;
+}

package/dist/utils/utils.js CHANGED Viewed

@@ -1,6 +1,31 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isValidEnvFormat = exports.isPageModuleName = exports.processReturn = exports.setThrowOnCode = exports.second = exports.isNonEmptyString = exports.E = exports.filterUndefined = exports.filterValue = exports.isAppId = exports.TcbError = void 0;
+exports.normalizeConfig = exports.isValidEnvFormat = exports.isPageModuleName = exports.processReturn = exports.setThrowOnCode = exports.second = exports.isNonEmptyString = exports.E = exports.filterUndefined = exports.filterValue = exports.isAppId = exports.TcbError = void 0;
+const utils = __importStar(require("../utils/utils"));
+const code_1 = require("../const/code");
 class TcbError extends Error {
     constructor(error) {
         super(error.message);
@@ -72,3 +97,50 @@ function isValidEnvFormat(env = '') {
     return typeof env === 'string' && kEnvRuleReg.test(env);
 }
 exports.isValidEnvFormat = isValidEnvFormat;
+function normalizeConfig(config) {
+    var _a, _b, _c, _d;
+    const { debug = false, secretId, secretKey, env, timeout = 15000, headers = {}, accessKey } = config;
+    // 检查用户显示配置的 secretId 和 secretKey 是否成对出现，要么都有，要么都没有
+    if (!secretId !== !secretKey) {
+        throw utils.E(Object.assign(Object.assign({}, code_1.ERROR.INVALID_PARAM), { message: 'secretId and secretKey must be a pair' }));
+    }
+    const cloudbaseConfigBase = Object.assign(Object.assign({}, config), { debug,
+        // secretId,
+        // secretKey,
+        envName: env, headers: Object.assign({}, headers), // 结构用户传进来的 headers，防止用户修改原对象
+        timeout
+        // accessKey: accessKey || process.env.CLOUDBASE_APIKEY
+     });
+    const { TENCENTCLOUD_SECRETID, TENCENTCLOUD_SECRETKEY, TENCENTCLOUD_SESSIONTOKEN, CLOUDBASE_APIKEY } = process.env;
+    // 如果用户显示配置了accessKey，取用户显示配置的 accessKey,优先级最高
+    if (accessKey) {
+        return Object.assign(cloudbaseConfigBase, { secretId: undefined, secretKey: undefined, accessKey });
+    }
+    // 显示配置了 secretId, secretKey，取 secretId, secretKey
+    if (secretId && secretKey) {
+        return Object.assign(cloudbaseConfigBase, { secretId, secretKey, accessKey: undefined });
+    }
+    // 下面从环境变量取 secretId, secretKey, accessKey
+    if (CLOUDBASE_APIKEY) {
+        return Object.assign(cloudbaseConfigBase, { secretId: undefined, secretKey: undefined, accessKey: CLOUDBASE_APIKEY });
+    }
+    if (TENCENTCLOUD_SECRETID && TENCENTCLOUD_SECRETKEY) {
+        return Object.assign(cloudbaseConfigBase, { secretId: TENCENTCLOUD_SECRETID, secretKey: TENCENTCLOUD_SECRETKEY, sessionToken: TENCENTCLOUD_SESSIONTOKEN, accessKey: undefined });
+    }
+    if ((_a = config.context) === null || _a === void 0 ? void 0 : _a.extendedContext) {
+        const extendedContext = config.context.extendedContext;
+        if (!cloudbaseConfigBase.env) {
+            cloudbaseConfigBase.env = extendedContext.envId;
+            cloudbaseConfigBase.envName = extendedContext.envId;
+        }
+        // 从 context 中获取 secret
+        if (!cloudbaseConfigBase.secretId && !cloudbaseConfigBase.secretKey) {
+            cloudbaseConfigBase.secretId = (_b = extendedContext === null || extendedContext === void 0 ? void 0 : extendedContext.tmpSecret) === null || _b === void 0 ? void 0 : _b.secretId;
+            cloudbaseConfigBase.secretKey = (_c = extendedContext === null || extendedContext === void 0 ? void 0 : extendedContext.tmpSecret) === null || _c === void 0 ? void 0 : _c.secretKey;
+            cloudbaseConfigBase.sessionToken = (_d = extendedContext === null || extendedContext === void 0 ? void 0 : extendedContext.tmpSecret) === null || _d === void 0 ? void 0 : _d.token;
+        }
+    }
+    // 都没有配置，返回原始的配置
+    return cloudbaseConfigBase;
+}
+exports.normalizeConfig = normalizeConfig;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@cloudbase/node-sdk",
-  "version": "3.17.0",
+  "version": "3.17.1-alpha.0",
   "description": "tencent cloud base server sdk for node.js",
   "main": "dist/index.js",
   "typings": "types/index.d.ts",

package/src/auth/index.ts CHANGED Viewed

@@ -147,6 +147,10 @@ export class Auth {
   }
   public async getClientCredential(opts?: ICustomReqOpts): Promise<any> {
+    // 如果有 accessKey 直接返回 accessKey，不用再去换取 token
+    if (this.cloudbase.config.accessKey) {
+      return this.cloudbase.config.accessKey
+    }
     return await tcbopenapicommonrequester.request({
       config: this.cloudbase.config,
       method: 'POST',
@@ -183,7 +187,7 @@ export class Auth {
       throw E({
         ...ERROR.INVALID_PARAM,
         message:
-                    '当前私钥未包含env_id 信息， 请前往腾讯云云开发控制台，获取自定义登录最新私钥'
+          '当前私钥未包含env_id 信息， 请前往腾讯云云开发控制台，获取自定义登录最新私钥'
       })
     }

package/src/cloudbase.ts CHANGED Viewed

@@ -63,7 +63,7 @@ import { IFetchOptions } from '@cloudbase/adapter-interface'
 import { buildCommonOpenApiUrlWithPath } from './utils/tcbopenapiendpoint'
 import { SYMBOL_CURRENT_ENV } from './const/symbol'
 import { IncomingHttpHeaders } from 'http'
+import { normalizeConfig } from './utils/utils'
 export class CloudBase {
   public static scfContext: ISCFContext
@@ -100,43 +100,10 @@ export class CloudBase {
     /* eslint-disable-next-line */
     preflightRuntimeCloudPlatform()
-    const { debug, secretId, secretKey, sessionToken, env, timeout, headers = {}, ...restConfig } = config
-    if (('secretId' in config && !('secretKey' in config)) || (!('secretId' in config) && 'secretKey' in config)) {
-      throw utils.E({
-        ...ERROR.INVALID_PARAM,
-        message: 'secretId and secretKey must be a pair'
-      })
-    }
-    const newConfig: ICloudBaseConfig = {
-      ...restConfig,
-      debug: !!debug,
-      secretId,
-      secretKey,
-      sessionToken,
-      env,
-      envName: env,
-      headers: { ...headers },
-      timeout: timeout || 15000
-    }
-    if (config.context?.extendedContext) {
-      const extendedContext = config.context.extendedContext
-      if (!newConfig.env) {
-        newConfig.env = extendedContext.envId
-        newConfig.envName = newConfig.env
-      }
-      // 从 context 中获取 secret
-      if (!newConfig.secretId && !newConfig.secretKey) {
-        newConfig.secretId = extendedContext?.tmpSecret?.secretId
-        newConfig.secretKey = extendedContext?.tmpSecret?.secretKey
-        newConfig.sessionToken = extendedContext?.tmpSecret?.token
-      }
-    }
-    this.config = newConfig
+    // 所有的鉴权，参数塑形都在 normalizeConfig 中处理
+    // 后续其他模块获取 config 都通过 CloudBase 实例的 config 获取
+    // 禁止在业务模块中直接修改 config 配置
+    this.config = normalizeConfig(config)
     this.extensionMap = new Map()
     // NOTE：try-catch 为防止 init 报错
@@ -155,6 +122,10 @@ export class CloudBase {
             'Content-Type': 'application/json',
             ...headersInitToRecord(options.headers)
           },
+          /**
+           * 既然 openapicommonrequester.request 的参数里的 token 获取也是通过 openapicommonrequester.request 方法去获取的
+           * 为什么不把这里的 token 去掉，全部放在 openapicommonrequester.request 中去统一处理 token 获取的逻辑
+           */
           token: (await this.auth().getClientCredential()).access_token
         })
         return result.body

package/src/utils/tcbapirequester.ts CHANGED Viewed

@@ -147,10 +147,15 @@ export class TcbApiHttpRequester {
   }
   public async request(): Promise<any> {
-    await this.prepareCredentials()
+    // 如果没有配置 accessKey，则通过密钥获取签名，这里先检查密钥是否存在
+    if (!this.config.accessKey) {
+      // 检查密钥是否存在
+      await this.prepareCredentials()
+    }
     const params = await this.makeParams()
+    // console.log('params', params)
     const opts = this.makeReqOpts(params)
+    // console.log('opts', opts)
     const action = this.getAction()
     const key = {
       functions: 'function_name',
@@ -320,7 +325,7 @@ export class TcbApiHttpRequester {
   private getHeaders(method: string, url: string, params: any): any {
     const config = this.config
-    const { context, secretId, secretKey } = config
+    const { context, secretId, secretKey, accessKey } = config
     const args = this.args
     const { TCB_SOURCE } = CloudBase.getCloudbaseContext()
@@ -370,7 +375,8 @@ export class TcbApiHttpRequester {
     })
     /* eslint-disable @typescript-eslint/dot-notation */
-    requiredHeaders['Authorization'] = authorization
+    // 优先使用 accessKey，否则使用签名
+    requiredHeaders['Authorization'] = accessKey ? `Bearer ${accessKey}` : authorization
     requiredHeaders['X-Signature-Expires'] = 600
     requiredHeaders['X-Timestamp'] = timestamp
@@ -389,6 +395,7 @@ const handleWxOpenApiData = (res: any, err: any, response: any, body: any): any
 }
 export async function request(args: IRequestInfo): Promise<any> {
+  // console.log('args', args)
   if (typeof args.isInternal === 'undefined') {
     args.isInternal = await checkIsInternalAsync()
   }

package/src/utils/tcbcontext.ts CHANGED Viewed

@@ -76,6 +76,7 @@ export function parseContext(context: IContextParam): ISCFContext {
  * 获取当前函数内的所有环境变量(作为获取变量的统一方法，取值来源 process.env 和 context)
  */
 export function getCloudbaseContext(context?: IContextParam): ICompleteCloudbaseContext {
+  // console.log('context', context)
   if (checkIsInScf()) {
     // 云函数环境下，应该包含以下环境变量，如果没有，后续逻辑可能会有问题
     if (!process.env.TENCENTCLOUD_REGION) {

package/src/utils/tcbdbapirequester.ts CHANGED Viewed

@@ -17,7 +17,6 @@ export class TcbDBApiHttpRequester {
   public async send(api: string, data: any, opts?: ICustomReqOpts): Promise<any> {
     const { instance, database, ...config } = this.config
     const params = { ...data, action: api, instance, database }
     return await tcbapicaller.request({
       config,
       params,

package/src/utils/tcbopenapicommonrequester.ts CHANGED Viewed

@@ -54,9 +54,14 @@ export class TcbOpenApiHttpCommonRequester {
   }
   public async request() {
-    await this.prepareCredentials()
+    // 如果没有 accessKey，去检查密钥是否存在，有则直接使用
+    if (!this.config.accessKey) {
+      // 检查密钥是否存在
+      await this.prepareCredentials()
+    }
     const opts = this.makeReqOpts()
+    // console.log('opts', opts)
     const argopts: any = this.opts
     const config = this.config
@@ -144,7 +149,7 @@ export class TcbOpenApiHttpCommonRequester {
   private buildHeaders(method: string, url: string): any {
     const config = this.config
-    const { context, secretId, secretKey, sessionToken } = config
+    const { context, secretId, secretKey, sessionToken, accessKey } = config
     const args = this.args
     const { TCB_SOURCE } = CloudBase.getCloudbaseContext()
@@ -194,13 +199,22 @@ export class TcbOpenApiHttpCommonRequester {
       withSignedParams: false,
       isCloudApi: true
     })
+    // console.log('xxxx', authorization)
+    let token = ''
+    // 如果请求参数里面传了 token，优先使用 token
+    if (args.token) {
+      token = makeBearerToken(args.token)
+    } else if (accessKey) {
+      // 如果配置了 API_KEY，优先使用 API_KEY
+      token = makeBearerToken(accessKey)
+    } else if (typeof sessionToken === 'string' && sessionToken !== '') {
+      // 如果配置了 sessionToken，携带 sessionToken
+      token = `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`
+    } else {
+      token = `${authorization}, Timestamp=${timestamp}`
+    }
     /* eslint-disable @typescript-eslint/dot-notation */
-    requiredHeaders['Authorization'] = args.token
-      ? makeBearerToken(args.token)
-      : typeof sessionToken === 'string' && sessionToken !== ''
-        ? `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`
-        : `${authorization}, Timestamp=${timestamp}`
+    requiredHeaders['Authorization'] = token
     return { ...requiredHeaders }
   }

package/src/utils/tcbopenapirequester.ts CHANGED Viewed

@@ -30,6 +30,7 @@ export function getEnvIdFromContext(): string {
 type ICallContainerRequestInfo = Omit<IRequestInfo, 'params'> & {
   path: string
   data: any
+  token?: string
   cloudrun: {
     name: string
     // version: string
@@ -56,9 +57,12 @@ export class TcbOpenApiHttpRequester {
   }
   public async request(): Promise<any> {
-    await this.prepareCredentials()
+    if (!this.config.accessKey) {
+      await this.prepareCredentials()
+    }
     const opts = this.makeReqOpts()
+    // console.log('opts', opts)
     const argopts: any = this.opts
     const config = this.config
@@ -147,7 +151,7 @@ export class TcbOpenApiHttpRequester {
   private buildHeaders(method: string, url: string): any {
     const config = this.config
-    const { context, secretId, secretKey, sessionToken } = config
+    const { context, secretId, secretKey, sessionToken, accessKey } = config
     const args = this.args
     const { TCB_SOURCE } = CloudBase.getCloudbaseContext()
@@ -204,11 +208,21 @@ export class TcbOpenApiHttpRequester {
       withSignedParams: false,
       isCloudApi: true
     })
+    let token = ''
+    // 如果请求参数里面传了 token，优先使用 token
+    if (args.token) {
+      token = makeBearerToken(args.token)
+    } else if (accessKey) {
+      // 如果配置了 API_KEY，优先使用 API_KEY
+      token = makeBearerToken(accessKey)
+    } else if (typeof sessionToken === 'string' && sessionToken !== '') {
+      // 如果配置了 sessionToken，使用 sessionToken
+      token = `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`
+    } else {
+      token = `${authorization}, Timestamp=${timestamp}`
+    }
     /* eslint-disable @typescript-eslint/dot-notation */
-    requiredHeaders['Authorization'] = typeof sessionToken === 'string' && sessionToken !== ''
-      ? `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`
-      : `${authorization}, Timestamp=${timestamp}`
+    requiredHeaders['Authorization'] = token
     return { ...requiredHeaders }
   }
@@ -225,3 +239,7 @@ export async function request(args: ICallContainerRequestInfo & { path: string }
   return await requester.request()
 }
+function makeBearerToken(token: string): string {
+  const trimmed = token.trim()
+  return trimmed.startsWith('Bearer ') ? trimmed : `Bearer ${trimmed}`
+}

package/src/utils/utils.ts CHANGED Viewed

@@ -1,3 +1,7 @@
+import { ICloudBaseConfig } from '../../types'
+import * as utils from '../utils/utils'
+import { ERROR } from '../const/code'
 interface IErrorInfo {
   requestId?: string
   code?: string
@@ -81,3 +85,61 @@ const kEnvRuleReg = /^[a-z0-9_-]{1,40}$/
 export function isValidEnvFormat(env = '') {
   return typeof env === 'string' && kEnvRuleReg.test(env)
 }
+export function normalizeConfig(config: ICloudBaseConfig) {
+  const { debug = false, secretId, secretKey, env, timeout = 15000, headers = {}, accessKey } = config
+  // 检查用户显示配置的 secretId 和 secretKey 是否成对出现，要么都有，要么都没有
+  if (!secretId !== !secretKey) {
+    throw utils.E({
+      ...ERROR.INVALID_PARAM,
+      message: 'secretId and secretKey must be a pair'
+    })
+  }
+  const cloudbaseConfigBase: ICloudBaseConfig = {
+    ...config,
+    debug,
+    // secretId,
+    // secretKey,
+    envName: env,
+    headers: { ...headers }, // 结构用户传进来的 headers，防止用户修改原对象
+    timeout
+    // accessKey: accessKey || process.env.CLOUDBASE_APIKEY
+  }
+  const {
+    TENCENTCLOUD_SECRETID,
+    TENCENTCLOUD_SECRETKEY,
+    TENCENTCLOUD_SESSIONTOKEN,
+    CLOUDBASE_APIKEY
+  } = process.env
+  // 如果用户显示配置了accessKey，取用户显示配置的 accessKey,优先级最高
+  if (accessKey) {
+    return Object.assign(cloudbaseConfigBase, { secretId: undefined, secretKey: undefined, accessKey })
+  }
+  // 显示配置了 secretId, secretKey，取 secretId, secretKey
+  if (secretId && secretKey) {
+    return Object.assign(cloudbaseConfigBase, { secretId, secretKey, accessKey: undefined })
+  }
+  // 下面从环境变量取 secretId, secretKey, accessKey
+  if (CLOUDBASE_APIKEY) {
+    return Object.assign(cloudbaseConfigBase, { secretId: undefined, secretKey: undefined, accessKey: CLOUDBASE_APIKEY })
+  }
+  if (TENCENTCLOUD_SECRETID && TENCENTCLOUD_SECRETKEY) {
+    return Object.assign(cloudbaseConfigBase, { secretId: TENCENTCLOUD_SECRETID, secretKey: TENCENTCLOUD_SECRETKEY, sessionToken: TENCENTCLOUD_SESSIONTOKEN, accessKey: undefined })
+  }
+  if (config.context?.extendedContext) {
+    const extendedContext = config.context.extendedContext
+    if (!cloudbaseConfigBase.env) {
+      cloudbaseConfigBase.env = extendedContext.envId
+      cloudbaseConfigBase.envName = extendedContext.envId
+    }
+    // 从 context 中获取 secret
+    if (!cloudbaseConfigBase.secretId && !cloudbaseConfigBase.secretKey) {
+      cloudbaseConfigBase.secretId = extendedContext?.tmpSecret?.secretId
+      cloudbaseConfigBase.secretKey = extendedContext?.tmpSecret?.secretKey
+      cloudbaseConfigBase.sessionToken = extendedContext?.tmpSecret?.token
+    }
+  }
+  // 都没有配置，返回原始的配置
+  return cloudbaseConfigBase
+}

package/types/index.d.ts CHANGED Viewed

@@ -196,6 +196,7 @@ export interface ICloudBaseConfig extends IKeyValue {
   version?: string
   credentials?: ICredentialsInfo
   region?: string
+  accessKey?: string
   // @cloudbase/functions-framework 函数上下文，只要求部分字段
   context?: Readonly<{