@lingxiteam/assets 0.7.30-alpha.31 → 0.7.30-alpha.34

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/es/security/fetch.d.ts +1 -0
  2. package/es/security/fetch.js +9 -2
  3. package/es/security/httpEncryption.js +2 -1
  4. package/es/security/index.d.ts +2 -0
  5. package/es/security/index.js +1 -1
  6. package/es/security/sign.d.ts +1 -0
  7. package/es/security/sign.js +88 -15
  8. package/package.json +8 -3
package/es/security/fetch.d.ts CHANGED
@@ -1,4 +1,5 @@
1
1
  declare const fetch: (url: any, fetchOptions?: any, config?: {
2
2
  mode: string;
3
+ signKeyOptions: any;
3
4
  }) => Promise<Response>;
4
5
  export default fetch;
package/es/security/fetch.js CHANGED
@@ -6,6 +6,11 @@ function _defineProperty(obj, key, value) { if (key in obj) { Object.definePrope
6
6
 
7
7
  import { createHttpSignStr } from './sign';
8
8
  var originFetch = window.fetch;
9
+ var defaultSignKey = 'X-SIGN';
10
+ var MODE = {
11
+ SIGN_KEY: 'signKey' // 参数签名
12
+
13
+ };
9
14
  var envKey = process.env.LING_XI_HTTP_SIGN_HEADER_KEY || process.env.REACT_APP_HTTP_SIGN_HEADER_KEY || process.env.UMI_APP_HTTP_SIGN_HEADER_KEY || process.env.FISHX_APP_HTTP_SIGN_HEADER_KEY;
10
15
 
11
16
  var fetch = function fetch(url) {
@@ -14,8 +19,10 @@ var fetch = function fetch(url) {
14
19
 
15
20
  var opts = _objectSpread({}, fetchOptions);
16
21
 
17
- if (!config || !config.mode || config.mode === 'signKey') {
18
- opts.headers = _objectSpread(_objectSpread({}, opts.headers), {}, _defineProperty({}, envKey || 'X-SIGN', createHttpSignStr(url, fetchOptions)));
22
+ if ((!config || !config.mode || config.mode === MODE.SIGN_KEY) && (fetchOptions === null || fetchOptions === void 0 ? void 0 : fetchOptions.disabledSignKey) !== true) {
23
+ var _config$signKeyOption;
24
+
25
+ opts.headers = _objectSpread(_objectSpread({}, opts.headers), {}, _defineProperty({}, (config === null || config === void 0 ? void 0 : (_config$signKeyOption = config.signKeyOptions) === null || _config$signKeyOption === void 0 ? void 0 : _config$signKeyOption.key) || envKey || defaultSignKey, createHttpSignStr(url, fetchOptions)));
19
26
  }
20
27
 
21
28
  return originFetch(url, opts);
package/es/security/httpEncryption.js CHANGED
@@ -34,7 +34,8 @@ function start(_ref) {
34
34
  window.fetch = function (url) {
35
35
  var fetchOptions = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
36
36
  return fetch(url, fetchOptions, {
37
- mode: mode
37
+ mode: mode,
38
+ signKeyOptions: signKeyOptions
38
39
  });
39
40
  };
40
41
  } else {
package/es/security/index.d.ts CHANGED
@@ -7,11 +7,13 @@ declare const _default: {
7
7
  stop: () => void;
8
8
  fetch: (url: any, fetchOptions?: any, config?: {
9
9
  mode: string;
10
+ signKeyOptions: any;
10
11
  } | undefined) => Promise<Response>;
11
12
  createHttpSignStr: (url: string, options: any) => string;
12
13
  };
13
14
  sign: {
14
15
  createHttpSignStr: (url: string, options: any) => string;
16
+ getApiPath: (url: string) => any;
15
17
  };
16
18
  };
17
19
  export default _default;
package/es/security/index.js CHANGED
@@ -1,5 +1,5 @@
1
- import sign from './sign';
2
1
  import httpEncryption from './httpEncryption';
2
+ import sign from './sign';
3
3
  export default {
4
4
  httpEncryption: httpEncryption,
5
5
  sign: sign
package/es/security/sign.d.ts CHANGED
@@ -1,5 +1,6 @@
1
1
  export declare const createHttpSignStr: (url: string, options: any) => string;
2
2
  declare const _default: {
3
3
  createHttpSignStr: (url: string, options: any) => string;
4
+ getApiPath: (url: string) => any;
4
5
  };
5
6
  export default _default;
package/es/security/sign.js CHANGED
@@ -1,5 +1,17 @@
1
1
  function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" == typeof Symbol && "symbol" == typeof Symbol.iterator ? function (obj) { return typeof obj; } : function (obj) { return obj && "function" == typeof Symbol && obj.constructor === Symbol && obj !== Symbol.prototype ? "symbol" : typeof obj; }, _typeof(obj); }
2
2
 
3
+ function _slicedToArray(arr, i) { return _arrayWithHoles(arr) || _iterableToArrayLimit(arr, i) || _unsupportedIterableToArray(arr, i) || _nonIterableRest(); }
4
+
5
+ function _nonIterableRest() { throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method."); }
6
+
7
+ function _unsupportedIterableToArray(o, minLen) { if (!o) return; if (typeof o === "string") return _arrayLikeToArray(o, minLen); var n = Object.prototype.toString.call(o).slice(8, -1); if (n === "Object" && o.constructor) n = o.constructor.name; if (n === "Map" || n === "Set") return Array.from(o); if (n === "Arguments" || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)) return _arrayLikeToArray(o, minLen); }
8
+
9
+ function _arrayLikeToArray(arr, len) { if (len == null || len > arr.length) len = arr.length; for (var i = 0, arr2 = new Array(len); i < len; i++) { arr2[i] = arr[i]; } return arr2; }
10
+
11
+ function _iterableToArrayLimit(arr, i) { var _i = arr == null ? null : typeof Symbol !== "undefined" && arr[Symbol.iterator] || arr["@@iterator"]; if (_i == null) return; var _arr = []; var _n = true; var _d = false; var _s, _e; try { for (_i = _i.call(arr); !(_n = (_s = _i.next()).done); _n = true) { _arr.push(_s.value); if (i && _arr.length === i) break; } } catch (err) { _d = true; _e = err; } finally { try { if (!_n && _i["return"] != null) _i["return"](); } finally { if (_d) throw _e; } } return _arr; }
12
+
13
+ function _arrayWithHoles(arr) { if (Array.isArray(arr)) return arr; }
14
+
3
15
  import { sha256 } from 'js-sha256';
4
16
  import { obj2QueryString } from '../utils/url';
5
17
  var SIGN_KEY = process.env.LING_XI_HTTP_SIGN_KEY || 'zrT5bi2escXilaH1fs653uZiH9RWfzCS'; // 1、签名算法:
@@ -13,7 +25,6 @@ var SIGN_KEY = process.env.LING_XI_HTTP_SIGN_KEY || 'zrT5bi2escXilaH1fs653uZiH9R
13
25
  // ● header :取X-开头的header,或者APP-ID,多个则逗号分隔拼接。比如X-AA=a;APP-ID=88888
14
26
  // ● get 参数:就是url 问号后面的串
15
27
  // ● body:post 请求体
16
- // ● 秘钥固定:zrT5bi2escXilaH1fs653uZiH9RWfzCS
17
28
 
18
29
  /**
19
30
  * 组装X-SIGN请求头
@@ -24,9 +35,54 @@ var SIGN_KEY = process.env.LING_XI_HTTP_SIGN_KEY || 'zrT5bi2escXilaH1fs653uZiH9R
24
35
  // 由于X-B 的规则可能被业务网关使用,并往请求头增加内容,导致前后端加密不一致
25
36
  // 2022.08.09 使用以下3个固定值 + X-LX-*匹配 方式
26
37
 
27
- var hKeys = ['X-B-AUTH', 'X-B-TARGET-ID', 'APP-ID'];
38
+ var hKeys = ['X-B-AUTH', 'X-B-TARGET-ID', 'APP-ID']; // 配置指定接口前缀
39
+
40
+ var apiPrefix = process.env.LING_XI_HTTP_SIGN_API_PERFIX || process.env.REACT_APP_HTTP_SIGN_API_PERFIX || process.env.UMI_APP_HTTP_SIGN_API_PERFIX || process.env.FISHX_APP_HTTP_SIGN_API_PERFIX || 'portal,asset,rhin,lcdp,ncdp,flow'; // 获取接口路径
41
+ // =========================
42
+ // api/a/b/c
43
+ // ../api/a/b/c
44
+ // ../../api/a/b/c
45
+ // /api/a/b/c
46
+ // http://host.com/api/a/b/c
47
+ // https://host.com/api/a/b/c
48
+ // //host.com/api/a/b/c
49
+ // => /api/a/b/c
50
+ // =========================
51
+
52
+ var getApiPath = function getApiPath(url) {
53
+ // 移除host、相对路径部分,保证地址前都是'/'开头
54
+ var fixurl = "/".concat(url.replace(/(^(http:\/\/|https:\/\/|\/\/)[^/]*)|(^\.[./]*)/g, '')).replace('//', '/');
55
+
56
+ if (apiPrefix) {
57
+ // 配了接口前缀规则,通过前缀匹配
58
+ // =========================
59
+ // /api/a/api/b => /api/b
60
+ // api/c => /api/c
61
+ // /lapi/d => ''
62
+ // =========================
63
+ return apiPrefix.split(',').reduce(function (pre, n) {
64
+ var matchPath = fixurl.split("/".concat(n, "/")).pop();
65
+
66
+ if (matchPath !== fixurl) {
67
+ pre.push("/".concat(n, "/").concat(matchPath));
68
+ }
69
+
70
+ return pre;
71
+ }, []).sort(function (a, b) {
72
+ return a.length - b.length;
73
+ })[0] || '';
74
+ } // 没有配置接口前缀,使用接口最后三级路径,不足三级取最大层级路径
75
+ // =========================
76
+ // /a/b/c/d => /b/c/d
77
+ // a/b => /a/b
78
+ // =========================
79
+
80
+
81
+ return "".concat(fixurl.split('/').slice(-3).join('/'));
82
+ };
83
+
28
84
  export var createHttpSignStr = function createHttpSignStr(url, options) {
29
- if (!url || !options) {
85
+ if (!url || !options || !options.method) {
30
86
  return '';
31
87
  }
32
88
 
@@ -41,32 +97,49 @@ export var createHttpSignStr = function createHttpSignStr(url, options) {
41
97
  mixUrl += (url.indexOf('?') !== -1 ? '&' : '?') + obj2QueryString(search);
42
98
  }
43
99
 
44
- var apiName = mixUrl.split('?')[0].split('/').pop(); // 获取参数2: 请求头部参数
100
+ var _mixUrl$split = mixUrl.split('?'),
101
+ _mixUrl$split2 = _slicedToArray(_mixUrl$split, 2),
102
+ urlPath = _mixUrl$split2[0],
103
+ _mixUrl$split2$ = _mixUrl$split2[1],
104
+ urlSearch = _mixUrl$split2$ === void 0 ? '' : _mixUrl$split2$;
105
+
106
+ var apiPath = getApiPath(urlPath); // 获取参数2: 请求头部参数
45
107
 
46
108
  var headerParams = '';
47
109
  var headersKeyArr = [];
48
- Object.keys(headers).forEach(function (key) {
49
- if (key.startsWith('X-LX-') || hKeys.includes(key)) {
50
- headersKeyArr.push("".concat(key.toLowerCase(), "=").concat(headers[key]));
51
- }
52
- });
110
+
111
+ if (headers) {
112
+ Object.keys(headers).forEach(function (key) {
113
+ if (key.startsWith('X-LX-') || hKeys.includes(key)) {
114
+ headersKeyArr.push("".concat(key.toLowerCase(), "=").concat(headers[key]));
115
+ }
116
+ });
117
+ }
118
+
53
119
  headerParams = headersKeyArr.sort().join(';'); // 获取参数3: 请求参数
54
120
 
55
121
  var params = '';
56
122
 
57
123
  if (method.toLowerCase() === 'get') {
58
- params = mixUrl.split('?')[1] || '';
124
+ params = urlSearch;
59
125
  } else {
60
126
  params = _typeof(body) === 'object' ? JSON.stringify(body) : body;
61
- }
127
+ } // 组装加密字符串
128
+
129
+
130
+ var str = [apiPath, headerParams, params, SIGN_KEY].join('#');
62
131
 
63
- if (window.signDebug) {
64
- console.log('sign', [apiName, headerParams, params, SIGN_KEY].join('#'));
132
+ if (typeof window !== 'undefined' && (window.signDebug || window.localStorage.getItem('signDebug'))) {
133
+ console.log(' --- signDebug ---');
134
+ console.log('url', url);
135
+ console.log('str', str);
136
+ console.log('sign', sha256(str));
65
137
  } // 生成约定签名
66
138
 
67
139
 
68
- return sha256([apiName, headerParams, params, SIGN_KEY].join('#'));
140
+ return sha256(str);
69
141
  };
70
142
  export default {
71
- createHttpSignStr: createHttpSignStr
143
+ createHttpSignStr: createHttpSignStr,
144
+ getApiPath: getApiPath
72
145
  };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lingxiteam/assets",
3
- "version": "0.7.30-alpha.31",
3
+ "version": "0.7.30-alpha.34",
4
4
  "description": "灵犀低代码平台移动端 - 工具类",
5
5
  "main": "lib/index.js",
6
6
  "module": "es/index.js",
@@ -19,14 +19,19 @@
19
19
  "exports": "node ./scripts/exports.js",
20
20
  "prebuild-component": "npm run exports",
21
21
  "build-component": "father-build",
22
- "watch": "father-build -w"
22
+ "watch": "father-build -w",
23
+ "test": "cross-env TS_NODE_COMPILER_OPTIONS='{\"module\": \"commonjs\" }' mocha"
23
24
  },
24
25
  "keywords": [],
25
26
  "peerDependencies": {
26
27
  "react": ">=16.8.6"
27
28
  },
28
29
  "devDependencies": {
29
- "father-build": "1.20.4"
30
+ "babel-preset-env": "^1.7.0",
31
+ "babel-register": "^6.26.0",
32
+ "father-build": "1.20.4",
33
+ "mocha": "^10.0.0",
34
+ "ts-node": "^10.9.1"
30
35
  },
31
36
  "gitHead": "bcd338198e2c14459538542d10600ab03abc92f2",
32
37
  "dependencies": {