@cloudbase/node-sdk 3.17.1 → 3.18.0

package/CHANGELOG.md

@@ -1,5 +1,29 @@
 # CHANGELOG
 
+## v3.18.0
+
+- [feat] 添加 API Key 授权支持
+
+## v3.17.0
+
+- [fix] 修复 wx request 响应类型问题
+- [feat] 支持自定义数据库
+
+## v3.16.0
+
+- [feat] 新增 AI 模块支持
+
+## v3.15.0
+
+- [feat] callContainer 支持更多请求方法
+- [feat] 添加 RDB 客户端支持
+
+## v3.14.0
+
+- [feat] 支持配置 region 参数以区分国内和国际区域
+- [feat] 添加 MySQL SDK 支持
+- [feat] 添加 callApis 方法
+
 ## v2.3.4
 
 - [bugfix] 修复geo centerSphere 兼容问题

package/dist/ai/index.js

@@ -0,0 +1,58 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createAI = void 0;
+const ai_1 = require("@cloudbase/ai");
+const request_adapter_1 = require("./request-adapter");
+const tcbopenapiendpoint_1 = require("../utils/tcbopenapiendpoint");
+const symbol_1 = require("../const/symbol");
+const openapicommonrequester = __importStar(require("../utils/tcbopenapicommonrequester"));
+const app_1 = require("@cloudbase/app");
+/**
+ * 创建 AI 实例
+ * @param cloudbase CloudBase 实例
+ * @returns AI 实例
+ */
+function createAI(cloudbase) {
+    const config = cloudbase.config;
+    // 获取环境 ID
+    const envId = config.envName === symbol_1.SYMBOL_CURRENT_ENV ? openapicommonrequester.getEnvIdFromContext() : config.envName;
+    // 构建 AI 基础 URL
+    const baseUrl = (0, tcbopenapiendpoint_1.buildCommonOpenApiUrlWithPath)({
+        serviceUrl: config.serviceUrl,
+        envId,
+        path: '/v1',
+        region: config.region
+    });
+    // 创建请求适配器
+    const requestAdapter = new request_adapter_1.AIRequestAdapter(config, async () => {
+        const credential = await cloudbase.auth().getClientCredential();
+        return credential.access_token;
+    });
+    // 创建 AI 实例
+    const ai = new ai_1.AI(requestAdapter, baseUrl, { t: (s) => s, lang: app_1.LANGS.ZH, LANG_HEADER_KEY: 'Accept-Language' });
+    return ai;
+}
+exports.createAI = createAI;

package/dist/ai/request-adapter.js

@@ -0,0 +1,259 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AIRequestAdapter = void 0;
+const openapicommonrequester = __importStar(require("../utils/tcbopenapicommonrequester"));
+const web_streams_polyfill_1 = require("web-streams-polyfill");
+const utils_1 = require("../utils/utils");
+class AIRequestAdapter {
+    constructor(config, getAccessToken) {
+        this.config = config;
+        this.getAccessToken = getAccessToken;
+    }
+    async fetch(options) {
+        var _a, _b;
+        const { url, stream = false, timeout, method = 'POST', headers, body } = options;
+        const headersObj = {};
+        if (isHeaders(headers)) {
+            headers.forEach((value, key) => {
+                headersObj[key] = value;
+            });
+        }
+        else if (Array.isArray(headers)) {
+            headers.forEach(([k, v]) => (headersObj[k] = v));
+        }
+        else {
+            Object.assign(headersObj, headers);
+        }
+        let parsedBody;
+        if (typeof body === 'string') {
+            try {
+                parsedBody = JSON.parse(body);
+            }
+            catch (_c) {
+                parsedBody = body;
+            }
+        }
+        else {
+            parsedBody = body;
+        }
+        const token = await this.getAccessToken();
+        const result = await openapicommonrequester.request({
+            config: this.config,
+            data: parsedBody,
+            method: (method === null || method === void 0 ? void 0 : method.toUpperCase()) || 'POST',
+            url,
+            headers: Object.assign({ 'Content-Type': 'application/json' }, headersObj),
+            token,
+            opts: {
+                timeout: timeout || this.config.timeout,
+                stream
+            }
+        });
+        const { body: bodyData, headers: responseHeaders, statusCode } = result;
+        if (statusCode < 200 || statusCode >= 300) {
+            let errorMessage = `Request failed with status code ${statusCode}`;
+            let errorCode = `${statusCode}`;
+            let requestId = '';
+            let errorBody = null;
+            if (typeof bodyData === 'string') {
+                errorBody = bodyData;
+            }
+            else if (Buffer.isBuffer(bodyData)) {
+                errorBody = bodyData.toString('utf-8');
+            }
+            else if (bodyData && typeof bodyData === 'object' && typeof bodyData.on === 'function') {
+                errorBody = await readStreamToString(bodyData);
+            }
+            if (errorBody) {
+                try {
+                    const errorData = JSON.parse(errorBody);
+                    if ((_a = errorData.error) === null || _a === void 0 ? void 0 : _a.message) {
+                        errorMessage = errorData.error.message;
+                    }
+                    else if (errorData.message) {
+                        errorMessage = errorData.message;
+                    }
+                    if ((_b = errorData.error) === null || _b === void 0 ? void 0 : _b.code) {
+                        errorCode = errorData.error.code;
+                    }
+                    else if (errorData.code) {
+                        errorCode = errorData.code;
+                    }
+                    if (errorData.requestId) {
+                        requestId = errorData.requestId;
+                    }
+                }
+                catch (_d) {
+                    errorMessage = errorBody || errorMessage;
+                }
+            }
+            // 从响应头中获取 requestId
+            if (!requestId && responseHeaders) {
+                const headerRequestId = responseHeaders['x-cloudbase-request-id'] || responseHeaders['x-request-id'] || '';
+                requestId = Array.isArray(headerRequestId) ? headerRequestId[0] : headerRequestId;
+            }
+            throw (0, utils_1.E)({
+                code: errorCode,
+                message: errorMessage,
+                requestId
+            });
+        }
+        if (stream) {
+            // 对于流式响应,将 Node.js 原生流转换为 Web ReadableStream
+            let readableStream;
+            if (bodyData && typeof bodyData === 'object' && 'on' in bodyData && typeof bodyData.on === 'function') {
+                const nodeStream = bodyData;
+                // Node 12 兼容: 使用标志位追踪 stream 状态,避免重复 close 导致异常
+                let streamClosed = false;
+                readableStream = new web_streams_polyfill_1.ReadableStream({
+                    start(controller) {
+                        nodeStream.on('data', (chunk) => {
+                            if (streamClosed)
+                                return;
+                            controller.enqueue(new Uint8Array(chunk));
+                        });
+                        nodeStream.on('end', () => {
+                            if (streamClosed)
+                                return;
+                            streamClosed = true;
+                            controller.close();
+                        });
+                        nodeStream.on('error', (err) => {
+                            if (streamClosed)
+                                return;
+                            streamClosed = true;
+                            controller.error(err);
+                        });
+                    },
+                    cancel() {
+                        streamClosed = true;
+                        nodeStream.destroy();
+                    }
+                });
+            }
+            else if (bodyData instanceof Buffer) {
+                readableStream = new web_streams_polyfill_1.ReadableStream({
+                    start(controller) {
+                        controller.enqueue(new Uint8Array(bodyData));
+                        controller.close();
+                    }
+                });
+            }
+            else if (typeof bodyData === 'string') {
+                const encoder = new TextEncoder();
+                readableStream = new web_streams_polyfill_1.ReadableStream({
+                    start(controller) {
+                        controller.enqueue(encoder.encode(bodyData));
+                        controller.close();
+                    }
+                });
+            }
+            else {
+                readableStream = new web_streams_polyfill_1.ReadableStream({
+                    start(controller) {
+                        controller.close();
+                    }
+                });
+            }
+            return {
+                data: readableStream,
+                statusCode,
+                header: responseHeaders
+            };
+        }
+        let responseData;
+        if (typeof bodyData === 'string') {
+            try {
+                responseData = JSON.parse(bodyData);
+            }
+            catch (_e) {
+                responseData = bodyData;
+            }
+        }
+        else if (bodyData instanceof Buffer) {
+            const bodyString = bodyData.toString('utf-8');
+            try {
+                responseData = JSON.parse(bodyString);
+            }
+            catch (_f) {
+                responseData = bodyString;
+            }
+        }
+        else {
+            responseData = bodyData;
+        }
+        return {
+            data: Promise.resolve(responseData),
+            statusCode,
+            header: responseHeaders
+        };
+    }
+    /**
+     * post 方法 - AI 模块可能不使用,但需要实现接口
+     */
+    async post() {
+        throw new Error('post method is not supported in AI module');
+    }
+    /**
+     * upload 方法 - AI 模块可能不使用,但需要实现接口
+     */
+    async upload() {
+        throw new Error('upload method is not supported in AI module');
+    }
+    /**
+     * download 方法 - AI 模块可能不使用,但需要实现接口
+     */
+    async download() {
+        throw new Error('download method is not supported in AI module');
+    }
+}
+exports.AIRequestAdapter = AIRequestAdapter;
+function isHeaders(h) {
+    try {
+        // Node.js 低版本可能没有 Headers
+        return h instanceof Headers;
+    }
+    catch (_) {
+        return false;
+    }
+}
+/**
+ * 从 Node.js 流中读取完整内容为字符串
+ */
+async function readStreamToString(stream) {
+    return await new Promise((resolve, reject) => {
+        const chunks = [];
+        stream.on('data', (chunk) => {
+            chunks.push(chunk);
+        });
+        stream.on('end', () => {
+            resolve(Buffer.concat(chunks).toString('utf-8'));
+        });
+        stream.on('error', (err) => {
+            reject(err);
+        });
+    });
+}

package/dist/auth/index.js

@@ -135,6 +135,10 @@ class Auth {
         });
     }
     async getClientCredential(opts) {
+        // 如果有 accessKey 直接返回 accessKey，不用再去换取 token
+        if (this.cloudbase.config.accessKey) {
+            return this.cloudbase.config.accessKey;
+        }
         return await tcbopenapicommonrequester.request({
             config: this.cloudbase.config,
             method: 'POST',

package/dist/cloudbase.js

@@ -22,17 +22,6 @@ var __importStar = (this && this.__importStar) || function (mod) {
     __setModuleDefault(result, mod);
     return result;
 };
-var __rest = (this && this.__rest) || function (s, e) {
-    var t = {};
-    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
-        t[p] = s[p];
-    if (s != null && typeof Object.getOwnPropertySymbols === "function")
-        for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
-            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
-                t[p[i]] = s[p[i]];
-        }
-    return t;
-};
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -49,14 +38,13 @@ const wx_1 = require("./wx");
 const analytics_1 = require("./analytics");
 const ai_1 = require("./ai");
 const logger_1 = require("./logger");
-const code_1 = require("./const/code");
-const utils = __importStar(require("./utils/utils"));
 const cloudplatform_1 = require("./utils/cloudplatform");
 const tcbcontext_1 = require("./utils/tcbcontext");
 const notification_1 = require("./notification");
 const openapicommonrequester = __importStar(require("./utils/tcbopenapicommonrequester"));
 const tcbopenapiendpoint_1 = require("./utils/tcbopenapiendpoint");
 const symbol_1 = require("./const/symbol");
+const utils_1 = require("./utils/utils");
 class CloudBase {
     static parseContext(context) {
         const parseResult = (0, tcbcontext_1.parseContext)(context);
@@ -70,33 +58,14 @@ class CloudBase {
         this.init(config);
     }
     init(config = {}) {
-        var _a, _b, _c, _d;
         // 预检运行环境，调用与否并不影响后续逻辑
         // 注意：该函数为异步函数，这里并不等待检查结果
         /* eslint-disable-next-line */
         (0, cloudplatform_1.preflightRuntimeCloudPlatform)();
-        const { debug, secretId, secretKey, sessionToken, env, timeout, headers = {} } = config, restConfig = __rest(config, ["debug", "secretId", "secretKey", "sessionToken", "env", "timeout", "headers"]);
-        if (('secretId' in config && !('secretKey' in config)) || (!('secretId' in config) && 'secretKey' in config)) {
-            throw utils.E(Object.assign(Object.assign({}, code_1.ERROR.INVALID_PARAM), { message: 'secretId and secretKey must be a pair' }));
-        }
-        const newConfig = Object.assign(Object.assign({}, restConfig), { debug: !!debug, secretId,
-            secretKey,
-            sessionToken,
-            env, envName: env, headers: Object.assign({}, headers), timeout: timeout || 15000 });
-        if ((_a = config.context) === null || _a === void 0 ? void 0 : _a.extendedContext) {
-            const extendedContext = config.context.extendedContext;
-            if (!newConfig.env) {
-                newConfig.env = extendedContext.envId;
-                newConfig.envName = newConfig.env;
-            }
-            // 从 context 中获取 secret
-            if (!newConfig.secretId && !newConfig.secretKey) {
-                newConfig.secretId = (_b = extendedContext === null || extendedContext === void 0 ? void 0 : extendedContext.tmpSecret) === null || _b === void 0 ? void 0 : _b.secretId;
-                newConfig.secretKey = (_c = extendedContext === null || extendedContext === void 0 ? void 0 : extendedContext.tmpSecret) === null || _c === void 0 ? void 0 : _c.secretKey;
-                newConfig.sessionToken = (_d = extendedContext === null || extendedContext === void 0 ? void 0 : extendedContext.tmpSecret) === null || _d === void 0 ? void 0 : _d.token;
-            }
-        }
-        this.config = newConfig;
+        // 所有的鉴权，参数塑形都在 normalizeConfig 中处理
+        // 后续其他模块获取 config 都通过 CloudBase 实例的 config 获取
+        // 禁止在业务模块中直接修改 config 配置
+        this.config = (0, utils_1.normalizeConfig)(config);
         this.extensionMap = new Map();
         // NOTE：try-catch 为防止 init 报错
         try {
@@ -112,6 +81,10 @@ class CloudBase {
                     method: (_a = options.method) === null || _a === void 0 ? void 0 : _a.toUpperCase(),
                     url: options.url,
                     headers: Object.assign({ 'Content-Type': 'application/json' }, headersInitToRecord(options.headers)),
+                    /**
+                     * 既然 openapicommonrequester.request 的参数里的 token 获取也是通过 openapicommonrequester.request 方法去获取的
+                     * 为什么不把这里的 token 去掉，全部放在 openapicommonrequester.request 中去统一处理 token 获取的逻辑
+                     */
                     token: (await this.auth().getClientCredential()).access_token
                 });
                 return result.body;

package/dist/utils/tcbapirequester.js

@@ -127,9 +127,15 @@ class TcbApiHttpRequester {
         this.tracingInfo = (0, tracing_1.generateTracingInfo)((_b = (_a = args.config) === null || _a === void 0 ? void 0 : _a.context) === null || _b === void 0 ? void 0 : _b.eventID);
     }
     async request() {
-        await this.prepareCredentials();
+        // 如果没有配置 accessKey，则通过密钥获取签名，这里先检查密钥是否存在
+        if (!this.config.accessKey) {
+            // 检查密钥是否存在
+            await this.prepareCredentials();
+        }
         const params = await this.makeParams();
+        // console.log('params', params)
         const opts = this.makeReqOpts(params);
+        // console.log('opts', opts)
         const action = this.getAction();
         const key = {
             functions: 'function_name',
@@ -278,7 +284,7 @@ class TcbApiHttpRequester {
     getHeaders(method, url, params) {
         var _a;
         const config = this.config;
-        const { context, secretId, secretKey } = config;
+        const { context, secretId, secretKey, accessKey } = config;
         const args = this.args;
         const { TCB_SOURCE } = cloudbase_1.CloudBase.getCloudbaseContext();
         // Note: 云函数被调用时可能调用端未传递 SOURCE，TCB_SOURCE 可能为空
@@ -318,7 +324,8 @@ class TcbApiHttpRequester {
             timestamp: second() - 1
         });
         /* eslint-disable @typescript-eslint/dot-notation */
-        requiredHeaders['Authorization'] = authorization;
+        // 优先使用 accessKey，否则使用签名
+        requiredHeaders['Authorization'] = accessKey ? `Bearer ${accessKey}` : authorization;
         requiredHeaders['X-Signature-Expires'] = 600;
         requiredHeaders['X-Timestamp'] = timestamp;
         return Object.assign({}, requiredHeaders);
@@ -335,6 +342,7 @@ const handleWxOpenApiData = (res, err, response, body) => {
     return transformRes;
 };
 async function request(args) {
+    // console.log('args', args)
     if (typeof args.isInternal === 'undefined') {
         args.isInternal = await (0, cloudplatform_1.checkIsInternalAsync)();
     }

package/dist/utils/tcbcontext.js

@@ -60,6 +60,7 @@ exports.parseContext = parseContext;
  * 获取当前函数内的所有环境变量(作为获取变量的统一方法，取值来源 process.env 和 context)
  */
 function getCloudbaseContext(context) {
+    // console.log('context', context)
     if ((0, cloudplatform_1.checkIsInScf)()) {
         // 云函数环境下，应该包含以下环境变量，如果没有，后续逻辑可能会有问题
         if (!process.env.TENCENTCLOUD_REGION) {

package/dist/utils/tcbopenapicommonrequester.js

@@ -56,8 +56,13 @@ class TcbOpenApiHttpCommonRequester {
         this.tracingInfo = (0, tracing_1.generateTracingInfo)((_b = (_a = args.config) === null || _a === void 0 ? void 0 : _a.context) === null || _b === void 0 ? void 0 : _b.eventID);
     }
     async request() {
-        await this.prepareCredentials();
+        // 如果没有 accessKey，去检查密钥是否存在，有则直接使用
+        if (!this.config.accessKey) {
+            // 检查密钥是否存在
+            await this.prepareCredentials();
+        }
         const opts = this.makeReqOpts();
+        // console.log('opts', opts)
         const argopts = this.opts;
         const config = this.config;
         // 注意：必须初始化为 null
@@ -140,7 +145,7 @@ class TcbOpenApiHttpCommonRequester {
     buildHeaders(method, url) {
         var _a;
         const config = this.config;
-        const { context, secretId, secretKey, sessionToken } = config;
+        const { context, secretId, secretKey, sessionToken, accessKey } = config;
         const args = this.args;
         const { TCB_SOURCE } = cloudbase_1.CloudBase.getCloudbaseContext();
         // Note: 云函数被调用时可能调用端未传递 SOURCE，TCB_SOURCE 可能为空
@@ -181,12 +186,25 @@ class TcbOpenApiHttpCommonRequester {
             withSignedParams: false,
             isCloudApi: true
         });
+        // console.log('xxxx', authorization)
+        let token = '';
+        // 如果请求参数里面传了 token，优先使用 token
+        if (args.token) {
+            token = makeBearerToken(args.token);
+        }
+        else if (accessKey) {
+            // 如果配置了 API_KEY，优先使用 API_KEY
+            token = makeBearerToken(accessKey);
+        }
+        else if (typeof sessionToken === 'string' && sessionToken !== '') {
+            // 如果配置了 sessionToken，携带 sessionToken
+            token = `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`;
+        }
+        else {
+            token = `${authorization}, Timestamp=${timestamp}`;
+        }
         /* eslint-disable @typescript-eslint/dot-notation */
-        requiredHeaders['Authorization'] = args.token
-            ? makeBearerToken(args.token)
-            : typeof sessionToken === 'string' && sessionToken !== ''
-                ? `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`
-                : `${authorization}, Timestamp=${timestamp}`;
+        requiredHeaders['Authorization'] = token;
         return Object.assign({}, requiredHeaders);
     }
 }

package/dist/utils/tcbopenapirequester.js

@@ -56,8 +56,11 @@ class TcbOpenApiHttpRequester {
         this.tracingInfo = (0, tracing_1.generateTracingInfo)((_b = (_a = args.config) === null || _a === void 0 ? void 0 : _a.context) === null || _b === void 0 ? void 0 : _b.eventID);
     }
     async request() {
-        await this.prepareCredentials();
+        if (!this.config.accessKey) {
+            await this.prepareCredentials();
+        }
         const opts = this.makeReqOpts();
+        // console.log('opts', opts)
         const argopts = this.opts;
         const config = this.config;
         // 注意：必须初始化为 null
@@ -140,7 +143,7 @@ class TcbOpenApiHttpRequester {
     buildHeaders(method, url) {
         var _a;
         const config = this.config;
-        const { context, secretId, secretKey, sessionToken } = config;
+        const { context, secretId, secretKey, sessionToken, accessKey } = config;
         const args = this.args;
         const { TCB_SOURCE } = cloudbase_1.CloudBase.getCloudbaseContext();
         // Note: 云函数被调用时可能调用端未传递 SOURCE，TCB_SOURCE 可能为空
@@ -186,10 +189,24 @@ class TcbOpenApiHttpRequester {
             withSignedParams: false,
             isCloudApi: true
         });
+        let token = '';
+        // 如果请求参数里面传了 token，优先使用 token
+        if (args.token) {
+            token = makeBearerToken(args.token);
+        }
+        else if (accessKey) {
+            // 如果配置了 API_KEY，优先使用 API_KEY
+            token = makeBearerToken(accessKey);
+        }
+        else if (typeof sessionToken === 'string' && sessionToken !== '') {
+            // 如果配置了 sessionToken，使用 sessionToken
+            token = `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`;
+        }
+        else {
+            token = `${authorization}, Timestamp=${timestamp}`;
+        }
         /* eslint-disable @typescript-eslint/dot-notation */
-        requiredHeaders['Authorization'] = typeof sessionToken === 'string' && sessionToken !== ''
-            ? `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`
-            : `${authorization}, Timestamp=${timestamp}`;
+        requiredHeaders['Authorization'] = token;
         return Object.assign({}, requiredHeaders);
     }
 }
@@ -204,3 +221,7 @@ async function request(args) {
     return await requester.request();
 }
 exports.request = request;
+function makeBearerToken(token) {
+    const trimmed = token.trim();
+    return trimmed.startsWith('Bearer ') ? trimmed : `Bearer ${trimmed}`;
+}

package/dist/utils/utils.js

@@ -1,6 +1,31 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isValidEnvFormat = exports.isPageModuleName = exports.processReturn = exports.setThrowOnCode = exports.second = exports.isNonEmptyString = exports.E = exports.filterUndefined = exports.filterValue = exports.isAppId = exports.TcbError = void 0;
+exports.normalizeConfig = exports.isValidEnvFormat = exports.isPageModuleName = exports.processReturn = exports.setThrowOnCode = exports.second = exports.isNonEmptyString = exports.E = exports.filterUndefined = exports.filterValue = exports.isAppId = exports.TcbError = void 0;
+const utils = __importStar(require("../utils/utils"));
+const code_1 = require("../const/code");
 class TcbError extends Error {
     constructor(error) {
         super(error.message);
@@ -72,3 +97,50 @@ function isValidEnvFormat(env = '') {
     return typeof env === 'string' && kEnvRuleReg.test(env);
 }
 exports.isValidEnvFormat = isValidEnvFormat;
+function normalizeConfig(config) {
+    var _a, _b, _c, _d;
+    const { debug = false, secretId, secretKey, env, timeout = 15000, headers = {}, accessKey } = config;
+    // 检查用户显示配置的 secretId 和 secretKey 是否成对出现，要么都有，要么都没有
+    if (!secretId !== !secretKey) {
+        throw utils.E(Object.assign(Object.assign({}, code_1.ERROR.INVALID_PARAM), { message: 'secretId and secretKey must be a pair' }));
+    }
+    const cloudbaseConfigBase = Object.assign(Object.assign({}, config), { debug, 
+        // secretId,
+        // secretKey,
+        envName: env, headers: Object.assign({}, headers), // 结构用户传进来的 headers，防止用户修改原对象
+        timeout
+        // accessKey: accessKey || process.env.CLOUDBASE_APIKEY
+     });
+    const { TENCENTCLOUD_SECRETID, TENCENTCLOUD_SECRETKEY, TENCENTCLOUD_SESSIONTOKEN, CLOUDBASE_APIKEY } = process.env;
+    // 如果用户显示配置了accessKey，取用户显示配置的 accessKey,优先级最高
+    if (accessKey) {
+        return Object.assign(cloudbaseConfigBase, { secretId: undefined, secretKey: undefined, accessKey });
+    }
+    // 显示配置了 secretId, secretKey，取 secretId, secretKey
+    if (secretId && secretKey) {
+        return Object.assign(cloudbaseConfigBase, { secretId, secretKey, accessKey: undefined });
+    }
+    // 下面从环境变量取 secretId, secretKey, accessKey
+    if (CLOUDBASE_APIKEY) {
+        return Object.assign(cloudbaseConfigBase, { secretId: undefined, secretKey: undefined, accessKey: CLOUDBASE_APIKEY });
+    }
+    if (TENCENTCLOUD_SECRETID && TENCENTCLOUD_SECRETKEY) {
+        return Object.assign(cloudbaseConfigBase, { secretId: TENCENTCLOUD_SECRETID, secretKey: TENCENTCLOUD_SECRETKEY, sessionToken: TENCENTCLOUD_SESSIONTOKEN, accessKey: undefined });
+    }
+    if ((_a = config.context) === null || _a === void 0 ? void 0 : _a.extendedContext) {
+        const extendedContext = config.context.extendedContext;
+        if (!cloudbaseConfigBase.env) {
+            cloudbaseConfigBase.env = extendedContext.envId;
+            cloudbaseConfigBase.envName = extendedContext.envId;
+        }
+        // 从 context 中获取 secret
+        if (!cloudbaseConfigBase.secretId && !cloudbaseConfigBase.secretKey) {
+            cloudbaseConfigBase.secretId = (_b = extendedContext === null || extendedContext === void 0 ? void 0 : extendedContext.tmpSecret) === null || _b === void 0 ? void 0 : _b.secretId;
+            cloudbaseConfigBase.secretKey = (_c = extendedContext === null || extendedContext === void 0 ? void 0 : extendedContext.tmpSecret) === null || _c === void 0 ? void 0 : _c.secretKey;
+            cloudbaseConfigBase.sessionToken = (_d = extendedContext === null || extendedContext === void 0 ? void 0 : extendedContext.tmpSecret) === null || _d === void 0 ? void 0 : _d.token;
+        }
+    }
+    // 都没有配置，返回原始的配置
+    return cloudbaseConfigBase;
+}
+exports.normalizeConfig = normalizeConfig;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cloudbase/node-sdk",
-  "version": "3.17.1",
+  "version": "3.18.0",
   "description": "tencent cloud base server sdk for node.js",
   "main": "dist/index.js",
   "typings": "types/index.d.ts",

package/src/auth/index.ts

@@ -147,6 +147,10 @@ export class Auth {
   }
 
   public async getClientCredential(opts?: ICustomReqOpts): Promise<any> {
+    // 如果有 accessKey 直接返回 accessKey，不用再去换取 token
+    if (this.cloudbase.config.accessKey) {
+      return this.cloudbase.config.accessKey
+    }
     return await tcbopenapicommonrequester.request({
       config: this.cloudbase.config,
       method: 'POST',
@@ -183,7 +187,7 @@ export class Auth {
       throw E({
         ...ERROR.INVALID_PARAM,
         message:
-                    '当前私钥未包含env_id 信息， 请前往腾讯云云开发控制台，获取自定义登录最新私钥'
+          '当前私钥未包含env_id 信息， 请前往腾讯云云开发控制台，获取自定义登录最新私钥'
       })
     }
 

package/src/cloudbase.ts

@@ -63,7 +63,7 @@ import { IFetchOptions } from '@cloudbase/adapter-interface'
 import { buildCommonOpenApiUrlWithPath } from './utils/tcbopenapiendpoint'
 import { SYMBOL_CURRENT_ENV } from './const/symbol'
 import { IncomingHttpHeaders } from 'http'
-
+import { normalizeConfig } from './utils/utils'
 export class CloudBase {
   public static scfContext: ISCFContext
 
@@ -100,43 +100,10 @@ export class CloudBase {
     /* eslint-disable-next-line */
     preflightRuntimeCloudPlatform()
 
-    const { debug, secretId, secretKey, sessionToken, env, timeout, headers = {}, ...restConfig } = config
-
-    if (('secretId' in config && !('secretKey' in config)) || (!('secretId' in config) && 'secretKey' in config)) {
-      throw utils.E({
-        ...ERROR.INVALID_PARAM,
-        message: 'secretId and secretKey must be a pair'
-      })
-    }
-
-    const newConfig: ICloudBaseConfig = {
-      ...restConfig,
-      debug: !!debug,
-      secretId,
-      secretKey,
-      sessionToken,
-      env,
-      envName: env,
-      headers: { ...headers },
-      timeout: timeout || 15000
-    }
-
-    if (config.context?.extendedContext) {
-      const extendedContext = config.context.extendedContext
-      if (!newConfig.env) {
-        newConfig.env = extendedContext.envId
-        newConfig.envName = newConfig.env
-      }
-
-      // 从 context 中获取 secret
-      if (!newConfig.secretId && !newConfig.secretKey) {
-        newConfig.secretId = extendedContext?.tmpSecret?.secretId
-        newConfig.secretKey = extendedContext?.tmpSecret?.secretKey
-        newConfig.sessionToken = extendedContext?.tmpSecret?.token
-      }
-    }
-
-    this.config = newConfig
+    // 所有的鉴权，参数塑形都在 normalizeConfig 中处理
+    // 后续其他模块获取 config 都通过 CloudBase 实例的 config 获取
+    // 禁止在业务模块中直接修改 config 配置
+    this.config = normalizeConfig(config)
     this.extensionMap = new Map()
 
     // NOTE：try-catch 为防止 init 报错
@@ -155,6 +122,10 @@ export class CloudBase {
             'Content-Type': 'application/json',
             ...headersInitToRecord(options.headers)
           },
+          /**
+           * 既然 openapicommonrequester.request 的参数里的 token 获取也是通过 openapicommonrequester.request 方法去获取的
+           * 为什么不把这里的 token 去掉，全部放在 openapicommonrequester.request 中去统一处理 token 获取的逻辑
+           */
           token: (await this.auth().getClientCredential()).access_token
         })
         return result.body

package/src/utils/tcbapirequester.ts

@@ -147,10 +147,15 @@ export class TcbApiHttpRequester {
   }
 
   public async request(): Promise<any> {
-    await this.prepareCredentials()
+    // 如果没有配置 accessKey，则通过密钥获取签名，这里先检查密钥是否存在
+    if (!this.config.accessKey) {
+      // 检查密钥是否存在
+      await this.prepareCredentials()
+    }
     const params = await this.makeParams()
-
+    // console.log('params', params)
     const opts = this.makeReqOpts(params)
+    // console.log('opts', opts)
     const action = this.getAction()
     const key = {
       functions: 'function_name',
@@ -321,7 +326,7 @@ export class TcbApiHttpRequester {
 
   private getHeaders(method: string, url: string, params: any): any {
     const config = this.config
-    const { context, secretId, secretKey } = config
+    const { context, secretId, secretKey, accessKey } = config
     const args = this.args
 
     const { TCB_SOURCE } = CloudBase.getCloudbaseContext()
@@ -371,7 +376,8 @@ export class TcbApiHttpRequester {
     })
 
     /* eslint-disable @typescript-eslint/dot-notation */
-    requiredHeaders['Authorization'] = authorization
+    // 优先使用 accessKey，否则使用签名
+    requiredHeaders['Authorization'] = accessKey ? `Bearer ${accessKey}` : authorization
     requiredHeaders['X-Signature-Expires'] = 600
     requiredHeaders['X-Timestamp'] = timestamp
 
@@ -390,6 +396,7 @@ const handleWxOpenApiData = (res: any, err: any, response: any, body: any): any
 }
 
 export async function request(args: IRequestInfo): Promise<any> {
+  // console.log('args', args)
   if (typeof args.isInternal === 'undefined') {
     args.isInternal = await checkIsInternalAsync()
   }

package/src/utils/tcbcontext.ts

@@ -76,6 +76,7 @@ export function parseContext(context: IContextParam): ISCFContext {
  * 获取当前函数内的所有环境变量(作为获取变量的统一方法，取值来源 process.env 和 context)
  */
 export function getCloudbaseContext(context?: IContextParam): ICompleteCloudbaseContext {
+  // console.log('context', context)
   if (checkIsInScf()) {
     // 云函数环境下，应该包含以下环境变量，如果没有，后续逻辑可能会有问题
     if (!process.env.TENCENTCLOUD_REGION) {

package/src/utils/tcbdbapirequester.ts

@@ -17,7 +17,6 @@ export class TcbDBApiHttpRequester {
   public async send(api: string, data: any, opts?: ICustomReqOpts): Promise<any> {
     const { instance, database, ...config } = this.config
     const params = { ...data, action: api, instance, database }
-
     return await tcbapicaller.request({
       config,
       params,

package/src/utils/tcbopenapicommonrequester.ts

@@ -54,9 +54,14 @@ export class TcbOpenApiHttpCommonRequester {
   }
 
   public async request() {
-    await this.prepareCredentials()
+    // 如果没有 accessKey，去检查密钥是否存在，有则直接使用
+    if (!this.config.accessKey) {
+      // 检查密钥是否存在
+      await this.prepareCredentials()
+    }
 
     const opts = this.makeReqOpts()
+    // console.log('opts', opts)
 
     const argopts: any = this.opts
     const config = this.config
@@ -144,7 +149,7 @@ export class TcbOpenApiHttpCommonRequester {
 
   private buildHeaders(method: string, url: string): any {
     const config = this.config
-    const { context, secretId, secretKey, sessionToken } = config
+    const { context, secretId, secretKey, sessionToken, accessKey } = config
     const args = this.args
 
     const { TCB_SOURCE } = CloudBase.getCloudbaseContext()
@@ -194,13 +199,22 @@ export class TcbOpenApiHttpCommonRequester {
       withSignedParams: false,
       isCloudApi: true
     })
-
+    // console.log('xxxx', authorization)
+    let token = ''
+    // 如果请求参数里面传了 token，优先使用 token
+    if (args.token) {
+      token = makeBearerToken(args.token)
+    } else if (accessKey) {
+      // 如果配置了 API_KEY，优先使用 API_KEY
+      token = makeBearerToken(accessKey)
+    } else if (typeof sessionToken === 'string' && sessionToken !== '') {
+      // 如果配置了 sessionToken，携带 sessionToken
+      token = `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`
+    } else {
+      token = `${authorization}, Timestamp=${timestamp}`
+    }
     /* eslint-disable @typescript-eslint/dot-notation */
-    requiredHeaders['Authorization'] = args.token
-      ? makeBearerToken(args.token)
-      : typeof sessionToken === 'string' && sessionToken !== ''
-        ? `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`
-        : `${authorization}, Timestamp=${timestamp}`
+    requiredHeaders['Authorization'] = token
 
     return { ...requiredHeaders }
   }

package/src/utils/tcbopenapirequester.ts

@@ -30,6 +30,7 @@ export function getEnvIdFromContext(): string {
 type ICallContainerRequestInfo = Omit<IRequestInfo, 'params'> & {
   path: string
   data: any
+  token?: string
   cloudrun: {
     name: string
     // version: string
@@ -56,9 +57,12 @@ export class TcbOpenApiHttpRequester {
   }
 
   public async request(): Promise<any> {
-    await this.prepareCredentials()
+    if (!this.config.accessKey) {
+      await this.prepareCredentials()
+    }
 
     const opts = this.makeReqOpts()
+    // console.log('opts', opts)
 
     const argopts: any = this.opts
     const config = this.config
@@ -147,7 +151,7 @@ export class TcbOpenApiHttpRequester {
 
   private buildHeaders(method: string, url: string): any {
     const config = this.config
-    const { context, secretId, secretKey, sessionToken } = config
+    const { context, secretId, secretKey, sessionToken, accessKey } = config
     const args = this.args
 
     const { TCB_SOURCE } = CloudBase.getCloudbaseContext()
@@ -204,11 +208,21 @@ export class TcbOpenApiHttpRequester {
       withSignedParams: false,
       isCloudApi: true
     })
-
+    let token = ''
+    // 如果请求参数里面传了 token，优先使用 token
+    if (args.token) {
+      token = makeBearerToken(args.token)
+    } else if (accessKey) {
+      // 如果配置了 API_KEY，优先使用 API_KEY
+      token = makeBearerToken(accessKey)
+    } else if (typeof sessionToken === 'string' && sessionToken !== '') {
+      // 如果配置了 sessionToken，使用 sessionToken
+      token = `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`
+    } else {
+      token = `${authorization}, Timestamp=${timestamp}`
+    }
     /* eslint-disable @typescript-eslint/dot-notation */
-    requiredHeaders['Authorization'] = typeof sessionToken === 'string' && sessionToken !== ''
-      ? `${authorization}, Timestamp=${timestamp}, Token=${sessionToken}`
-      : `${authorization}, Timestamp=${timestamp}`
+    requiredHeaders['Authorization'] = token
 
     return { ...requiredHeaders }
   }
@@ -225,3 +239,7 @@ export async function request(args: ICallContainerRequestInfo & { path: string }
 
   return await requester.request()
 }
+function makeBearerToken(token: string): string {
+  const trimmed = token.trim()
+  return trimmed.startsWith('Bearer ') ? trimmed : `Bearer ${trimmed}`
+}

package/src/utils/utils.ts

@@ -1,3 +1,7 @@
+import { ICloudBaseConfig } from '../../types'
+import * as utils from '../utils/utils'
+import { ERROR } from '../const/code'
+
 interface IErrorInfo {
   requestId?: string
   code?: string
@@ -81,3 +85,61 @@ const kEnvRuleReg = /^[a-z0-9_-]{1,40}$/
 export function isValidEnvFormat(env = '') {
   return typeof env === 'string' && kEnvRuleReg.test(env)
 }
+export function normalizeConfig(config: ICloudBaseConfig) {
+  const { debug = false, secretId, secretKey, env, timeout = 15000, headers = {}, accessKey } = config
+
+  // 检查用户显示配置的 secretId 和 secretKey 是否成对出现，要么都有，要么都没有
+  if (!secretId !== !secretKey) {
+    throw utils.E({
+      ...ERROR.INVALID_PARAM,
+      message: 'secretId and secretKey must be a pair'
+    })
+  }
+  const cloudbaseConfigBase: ICloudBaseConfig = {
+    ...config,
+    debug,
+    // secretId,
+    // secretKey,
+    envName: env,
+    headers: { ...headers }, // 结构用户传进来的 headers，防止用户修改原对象
+    timeout
+    // accessKey: accessKey || process.env.CLOUDBASE_APIKEY
+  }
+  const {
+    TENCENTCLOUD_SECRETID,
+    TENCENTCLOUD_SECRETKEY,
+    TENCENTCLOUD_SESSIONTOKEN,
+    CLOUDBASE_APIKEY
+  } = process.env
+  // 如果用户显示配置了accessKey，取用户显示配置的 accessKey,优先级最高
+  if (accessKey) {
+    return Object.assign(cloudbaseConfigBase, { secretId: undefined, secretKey: undefined, accessKey })
+  }
+  // 显示配置了 secretId, secretKey，取 secretId, secretKey
+  if (secretId && secretKey) {
+    return Object.assign(cloudbaseConfigBase, { secretId, secretKey, accessKey: undefined })
+  }
+  // 下面从环境变量取 secretId, secretKey, accessKey
+  if (CLOUDBASE_APIKEY) {
+    return Object.assign(cloudbaseConfigBase, { secretId: undefined, secretKey: undefined, accessKey: CLOUDBASE_APIKEY })
+  }
+  if (TENCENTCLOUD_SECRETID && TENCENTCLOUD_SECRETKEY) {
+    return Object.assign(cloudbaseConfigBase, { secretId: TENCENTCLOUD_SECRETID, secretKey: TENCENTCLOUD_SECRETKEY, sessionToken: TENCENTCLOUD_SESSIONTOKEN, accessKey: undefined })
+  }
+  if (config.context?.extendedContext) {
+    const extendedContext = config.context.extendedContext
+    if (!cloudbaseConfigBase.env) {
+      cloudbaseConfigBase.env = extendedContext.envId
+      cloudbaseConfigBase.envName = extendedContext.envId
+    }
+
+    // 从 context 中获取 secret
+    if (!cloudbaseConfigBase.secretId && !cloudbaseConfigBase.secretKey) {
+      cloudbaseConfigBase.secretId = extendedContext?.tmpSecret?.secretId
+      cloudbaseConfigBase.secretKey = extendedContext?.tmpSecret?.secretKey
+      cloudbaseConfigBase.sessionToken = extendedContext?.tmpSecret?.token
+    }
+  }
+  // 都没有配置，返回原始的配置
+  return cloudbaseConfigBase
+}

package/types/index.d.ts

@@ -197,6 +197,7 @@ export interface ICloudBaseConfig extends IKeyValue {
   version?: string
   credentials?: ICredentialsInfo
   region?: string
+  accessKey?: string
 
   // @cloudbase/functions-framework 函数上下文，只要求部分字段
   context?: Readonly<{