ksyun-sdk-node 1.0.5 → 1.4.8

package/.claude/settings.local.json

@@ -0,0 +1,12 @@
+{
+  "permissions": {
+    "allow": [
+      "Bash(node example/res.js:*)",
+      "Bash(npm run build:*)",
+      "Bash(npm view:*)",
+      "Bash(npm whoami:*)"
+    ],
+    "deny": [],
+    "ask": []
+  }
+}

package/dist/base/BaseClient.js

@@ -1,30 +1,27 @@
 "use strict";
 
 require("core-js/modules/es.json.stringify.js");
-
-function _defineProperty(obj, key, value) { if (key in obj) { Object.defineProperty(obj, key, { value: value, enumerable: true, configurable: true, writable: true }); } else { obj[key] = value; } return obj; }
-
-const getSignedParams = require('../lib/sign.js').getSignedParams;
-
+require("core-js/modules/esnext.iterator.constructor.js");
+require("core-js/modules/esnext.iterator.for-each.js");
+function _defineProperty(e, r, t) { return (r = _toPropertyKey(r)) in e ? Object.defineProperty(e, r, { value: t, enumerable: !0, configurable: !0, writable: !0 }) : e[r] = t, e; }
+function _toPropertyKey(t) { var i = _toPrimitive(t, "string"); return "symbol" == typeof i ? i : i + ""; }
+function _toPrimitive(t, r) { if ("object" != typeof t || !t) return t; var e = t[Symbol.toPrimitive]; if (void 0 !== e) { var i = e.call(t, r || "default"); if ("object" != typeof i) return i; throw new TypeError("@@toPrimitive must return a primitive value."); } return ("string" === r ? String : Number)(t); }
+const {
+  getSignatureHeaders,
+  getCanonicalizedQuery
+} = require('../lib/signautreV4.js');
 const fetch = require('../lib/fetch.js');
-
 const dayjs = require('dayjs');
-
 const utc = require('dayjs/plugin/utc.js');
-
 const qs = require('qs');
-
 dayjs.extend(utc);
 module.exports = class BaseClient {
   constructor(clientConfig) {
     _defineProperty(this, "_baseConfig", {});
-
     _defineProperty(this, "_apiList", {});
-
     this.ak = clientConfig.credential.secretId, this.sk = clientConfig.credential.secretKey;
     this.region = clientConfig.region;
     this.httpProfile = clientConfig.httpProfile || {};
-
     if (!this.ak || !this.sk) {
       throw new Error('secretId and secretKey are required');
     }
@@ -34,71 +31,155 @@ module.exports = class BaseClient {
    * @param {string} apiAction 接口名
    * @param {object} data 参数 { body, query }
    */
-
-
   request(apiAction, params = {}) {
+    params = this.formatParams(apiAction, params);
     let apiConfig = this._apiList[apiAction];
-    let publicParams = {
-      Accesskey: this.ak,
-      Service: this._baseConfig.config.credentials.service,
-      Action: apiAction,
-      Version: apiConfig.config.query.Version,
-      Timestamp: dayjs().utc().format('YYYY-MM-DDThh:mm:ss') + 'Z',
-      SignatureVersion: '1.0',
-      SignatureMethod: 'HMAC-SHA256',
-      Region: this.region || this._baseConfig.config.credentials.region
-    };
-    let combainParams = { ...publicParams,
-      ...params
-    };
-    let signedParams = getSignedParams(combainParams, this.sk);
     let protocol = this.httpProfile.protocol || this._baseConfig.protocol;
     let endpoint = this.httpProfile.endpoint || this._baseConfig.endpoint;
-    let method = this.httpProfile.method || apiConfig.method;
-    let url = `${protocol}${endpoint}${apiConfig.url}`;
+    let method = (this.httpProfile.method || apiConfig.method).toUpperCase();
+    let region = this.region || this._baseConfig.config.credentials.region;
+    let headers = {
+      ...(this._baseConfig.config.headers || {}),
+      ...(apiConfig.config.headers || {})
+    };
 
-    if (['GET', 'DELETE', 'OPTION', 'HEAD'].includes(method.toUpperCase())) {
-      url += `?${qs.stringify(signedParams)}`;
+    // 处理自定义path
+    let customPath = this.httpProfile.path || '';
+    // 清理path中的?参数
+    if (customPath && customPath.includes('?')) {
+      customPath = customPath.split('?')[0];
     }
 
-    let headers = { ...(this._baseConfig.config.headers || {}),
-      ...(apiConfig.config.headers || {}),
-      // 目前kop只支持application/x-www-form-urlencoded类型的签名解析
-      'Content-Type': 'application/x-www-form-urlencoded'
+    // 处理path拼接，避免双斜杠
+    let finalPath = apiConfig.url;
+    if (customPath) {
+      // 清理endpoint末尾的斜杠
+      endpoint = endpoint.replace(/\/+$/, '');
+      // 确保customPath以/开头
+      if (!customPath.startsWith('/')) {
+        customPath = '/' + customPath;
+      }
+      finalPath = customPath;
+    }
+    let query = apiConfig.config.query;
+    if (['GET', 'OPTION', 'HEAD'].includes(method)) {
+      query = {
+        ...query,
+        ...params
+      };
+    }
+    let body = this.getBody(method, headers['Content-Type'], params);
+    let signParams = {
+      path: finalPath,
+      query,
+      body: body || '',
+      headers,
+      host: endpoint,
+      method,
+      region,
+      service: this._baseConfig.config.credentials.service,
+      access_key: this.ak,
+      secret_key: this.sk
     };
-    let body = this.getBody(method, headers['Content-Type'], signedParams);
+    let signHeaders = getSignatureHeaders(signParams);
+    let url = `${protocol}${endpoint}${finalPath}?${getCanonicalizedQuery(query)}`;
     let timeoutSecond = this.httpProfile.timeout || this._baseConfig.config.timeout;
+
+    // 打印 curl 命令
+    this.printCurl(url, method, signHeaders, body);
     return fetch(url, {
       method: method,
       timeout: timeoutSecond * 1000,
-      headers,
+      headers: signHeaders,
       body
     });
   }
+  /**
+   * 格式化参数，对Filter类型做扁平处理
+   * @param {string} apiAction 接口名
+   * @param {object} params 参数值
+   * @returns 格式化后的参数
+   */
+  formatParams(apiAction, params) {
+    let paramsType = this._apiList[apiAction].paramsType;
+    if (!paramsType || params == null) {
+      return params;
+    }
+    let res = {};
+    Object.keys(params).forEach(key => {
+      let type = paramsType[key];
+      // 这些类型不用处理，如果为null、undefined则排除掉
+      if (['String', 'Int', 'Double', 'Long', 'Boolean', 'Array'].includes(type) && params[key] != null) {
+        res[key] = params[key];
+      }
+      if (type == 'Filter' || type == 'Object') {
+        res = {
+          ...res,
+          ...this.formatFilter(key, params[key])
+        };
+      }
+    });
+    return res;
+  }
+  formatFilter(pKey, value) {
+    let res = {};
+    Object.keys(value).forEach(key => {
+      let prefixName = `${pKey}.${key}`;
+      let childValue = value[key];
+      if (typeof childValue == 'object') {
+        res = {
+          ...res,
+          ...this.formatFilter(prefixName, childValue)
+        };
+      } else {
+        res[prefixName] = childValue;
+      }
+    });
+    return res;
+  }
+
   /**
    * 获取body
    * @param {string} method 请求类型
    * @param {string} contentType
-   * @param {object} signedParams 参数对象
+   * @param {object} params 参数对象
    * @returns {string}
    */
-
-
-  getBody(method, contentType, signedParams) {
-    if (!['POST', 'PUT'].includes(method.toUpperCase())) {
-      return undefined;
-    } // 目前只有下面这两种
-
-
+  getBody(method, contentType, params) {
+    if (!['POST', 'PUT'].includes(method) || JSON.stringify(params) == '{}') {
+      return null;
+    }
+    // 目前只有下面这两种
     if (contentType == 'application/x-www-form-urlencoded') {
-      return qs.stringify(signedParams);
+      return qs.stringify(params, {
+        allowDots: true,
+        // 对象转成a.b.c
+        arrayFormat: 'indices' // 数组转成a[0]=b&a[1]=c
+      });
     }
-
     if (contentType == 'application/json') {
-      return JSON.stringify(signedParams);
+      return JSON.stringify(params);
     }
-
-    return JSON.stringify(signedParams);
+    return JSON.stringify(params);
   }
 
+  /**
+   * 打印 curl 命令
+   */
+  printCurl(url, method, headers, body) {
+    let curlCmd = `curl -X ${method} '${url}'`;
+
+    // 添加 headers
+    Object.keys(headers).forEach(key => {
+      curlCmd += ` \\\n  -H '${key}: ${headers[key]}'`;
+    });
+
+    // 添加 body
+    if (body) {
+      curlCmd += ` \\\n  -d '${body}'`;
+    }
+    console.log('\n========== CURL 请求 ==========');
+    console.log(curlCmd);
+    console.log('================================\n');
+  }
 };

package/dist/index.js

@@ -1,13 +1,15 @@
 "use strict";
 
+require("core-js/modules/esnext.iterator.constructor.js");
+require("core-js/modules/esnext.iterator.reduce.js");
 const fs = require('fs');
+const path = require('path');
 
-const path = require('path'); // /xxx/node-sdk/src/service
-
-
-let servicePath = path.resolve(__dirname, './service'); // [Iam, Kec]
-
+// /xxx/node-sdk/src/service
+let servicePath = path.resolve(__dirname, './service');
+// [Iam, Kec]
 let serviceDirs = fs.readdirSync(servicePath);
+
 /**
  * {
  *    Iam: {
@@ -15,27 +17,22 @@ let serviceDirs = fs.readdirSync(servicePath);
  *    }
  * }
  */
-
 module.exports = serviceDirs.reduce((acc, serviceDir) => {
   // /xxx/node-sdk/src/service/iam
   let versionPath = path.resolve(servicePath, serviceDir);
-
   if (fs.statSync(versionPath).isDirectory()) {
     // [v20151101, v20160606]
-    let versionDirs = fs.readdirSync(versionPath); // acc.Iam
-
+    let versionDirs = fs.readdirSync(versionPath);
+    // acc.Iam
     acc[serviceDir] = versionDirs.reduce((accVersion, versionDir) => {
       // /xxx/node-sdk/src/service/iam/v20151101/index.js
       let filePath = path.resolve(versionPath, versionDir, 'index.js');
-
       if (fs.existsSync(filePath)) {
         // accVersion.v20151101
         accVersion[versionDir] = require(filePath);
       }
-
       return accVersion;
     }, {});
   }
-
   return acc;
 }, {});

package/dist/lib/fetch.js

@@ -1,11 +1,12 @@
 "use strict";
 
 const nodeFetch = require('node-fetch');
+const AbortController = require('abort-controller');
+// const HttpsProxyAgent = require('https-proxy-agent')
 
-const AbortController = require('abort-controller'); // const HttpsProxyAgent = require('https-proxy-agent')
+let proxyConfig = {};
 
-
-let proxyConfig = {}; // if (process.env.isKscSdkTest) {
+// if (process.env.isKscSdkTest) {
 // 本地代理
 // proxyConfig = {
 //     agent: new HttpsProxyAgent('http://localhost:9090')
@@ -14,13 +15,11 @@ let proxyConfig = {}; // if (process.env.isKscSdkTest) {
 
 module.exports = function (url, options) {
   const controller = new AbortController();
-
   if (options.timeout) {
     setTimeout(() => {
       controller.abort();
     }, options.timeout);
   }
-
   return nodeFetch(url, {
     signal: controller.signal,
     ...proxyConfig,

package/dist/lib/sign.js

@@ -1,9 +1,11 @@
 "use strict";
 
 require("core-js/modules/es.array.sort.js");
-
-const crypto = require("crypto-js"); // const qs = require("qs")
-
+require("core-js/modules/esnext.iterator.constructor.js");
+require("core-js/modules/esnext.iterator.for-each.js");
+require("core-js/modules/esnext.iterator.map.js");
+const crypto = require("crypto-js");
+// const qs = require("qs")
 
 module.exports = {
   getSignedParams,
@@ -13,31 +15,32 @@ module.exports = {
   getFormatParams,
   isArrayOrObjectNotNull
 };
+
 /**
  * 简化版签名算法
  * @param {*} params 参数
  * @param {*} sk
  */
-
 function getSignedParams(params, sk) {
   if (!sk) {
     throw new Error('need sk');
-  } // 第零点一步：参数扁平化处理
-
-
-  let flatParams = getFlatParams(params); // 第零点二步：去除值为null的参数, boolean转字符串
-
-  flatParams = getFormatParams(flatParams); // 第一步：请求参数排序 请求参数包括公共参数和业务参数，不包含公共参数Signature。 排序规则以参数名按照字典排序.
-
-  let sortParamKeys = Object.keys(flatParams).sort(); // 第二步：请求参数编码
+  }
+  // 第零点一步：参数扁平化处理
+  let flatParams = getFlatParams(params);
+  // 第零点二步：去除值为null的参数, boolean转字符串
+  flatParams = getFormatParams(flatParams);
+  // 第一步：请求参数排序 请求参数包括公共参数和业务参数，不包含公共参数Signature。 排序规则以参数名按照字典排序.
+  let sortParamKeys = Object.keys(flatParams).sort();
+  // 第二步：请求参数编码
   // 使用UTF-8字符集按照RFC3986规则编码请求参数和参数取值
   // 第三步：请求参数拼接成CanonicalizedQueryString
   // 每对URLEncode后的参数名称和参数值，用=进行连接。每对之间使用&进行连接。得到规范化请求字符串CanonicalizedQueryString
-
   let canonicalizedQueryString = sortParamKeys.map(key => {
     let value = flatParams[key];
     return `${fixedEncodeURIComponent(key)}=${fixedEncodeURIComponent(value)}`;
-  }).join('&'); // 参见源码得qs的处理顺序-符合流程：1. 去除null 2. 排序、3. 编码 4. 按照url参数拼接
+  }).join('&');
+
+  // 参见源码得qs的处理顺序-符合流程：1. 去除null 2. 排序、3. 编码 4. 按照url参数拼接
   // let canonicalizedQueryString = qs.stringify(flatParams, {
   //     sort: (a, b) => a.localeCompare(b),
   //     format : 'RFC3986',
@@ -45,28 +48,30 @@ function getSignedParams(params, sk) {
   //     arrayFormat: 'indices', // 数组转成a[0]
   //     allowDots: true, // 对象转成a.b.c
   //  } )
-  // 计算签名。
 
-  let sign = crypto.HmacSHA256(canonicalizedQueryString, sk).toString(); // 添加到请求参数
+  // 计算签名。
+  let sign = crypto.HmacSHA256(canonicalizedQueryString, sk).toString();
 
-  return { ...flatParams,
+  // 添加到请求参数
+  return {
+    ...flatParams,
     Signature: sign
   };
 }
+
 /**
  * RFC 3986
  * https://developer.mozilla.org/zh-CN/docs/Web/JavaScript/Reference/Global_Objects/encodeURIComponent
  * @param {*} str
  * @returns
  */
-
-
 function fixedEncodeURIComponent(str) {
   // encodeURIComponent比RFC 3986少了!'()*这个几个字符的转义
   return encodeURIComponent(str).replace(/[!'()*]/g, function (c) {
     return '%' + c.charCodeAt(0).toString(16).toUpperCase();
   });
 }
+
 /**
  * 格式化参数，对Array,Filter(Object),Object类型做扁平处理
  * @example
@@ -76,15 +81,13 @@ function fixedEncodeURIComponent(str) {
  * @param {object} params 参数值
  * @returns 格式化后的参数
  */
-
-
 function getFlatParams(params) {
   let res = {};
   Object.keys(params).forEach(key => {
     let value = params[key];
-
     if (isArrayOrObjectNotNull(value)) {
-      res = { ...res,
+      res = {
+        ...res,
         ...flatObj(key, params[key])
       };
     } else {
@@ -93,14 +96,13 @@ function getFlatParams(params) {
   });
   return res;
 }
+
 /**
  * 扁平化对象
  * @param {string} pKey key
  * @param {*} value 对象或者数组，非null
  * @returns
  */
-
-
 function flatObj(pKey, value) {
   let res = {};
   let prefixName = '';
@@ -110,11 +112,10 @@ function flatObj(pKey, value) {
     } else {
       prefixName = `${pKey}.${key}`;
     }
-
     let childValue = value[key];
-
     if (isArrayOrObjectNotNull(childValue)) {
-      res = { ...res,
+      res = {
+        ...res,
         ...flatObj(prefixName, childValue)
       };
     } else {
@@ -123,33 +124,30 @@ function flatObj(pKey, value) {
   });
   return res;
 }
+
 /**
  * 1. 剔除null、undefined,
  * 2. boolean转字符串
  * @param {object} params 参数对象
  * @returns {object}
  */
-
-
 function getFormatParams(params) {
   Object.keys(params).forEach(key => {
     if (params[key] == null) {
       delete params[key];
     }
-
     if (Object.prototype.toString.call(params[key]) == '[object Boolean]') {
       params[key] = params[key].toString();
     }
   });
   return params;
 }
+
 /**
  * 是否为数组或者对象，非null
  * @param {any} value
  * @returns {boolean}
  */
-
-
 function isArrayOrObjectNotNull(value) {
   return Array.isArray(value) || Object.prototype.toString.call(value) == '[object Object]';
 }

package/dist/lib/signautreV4.js

@@ -0,0 +1,167 @@
+"use strict";
+
+require("core-js/modules/es.array.sort.js");
+require("core-js/modules/esnext.iterator.constructor.js");
+require("core-js/modules/esnext.iterator.filter.js");
+require("core-js/modules/esnext.iterator.for-each.js");
+require("core-js/modules/esnext.iterator.map.js");
+const crypto = require("crypto-js");
+const dayjs = require('dayjs');
+const utc = require('dayjs/plugin/utc.js');
+dayjs.extend(utc);
+const HEADERS_TO_IGNORE = {
+  'cache-control': true,
+  'content-type': true,
+  'content-length': true,
+  'expect': true,
+  'max-forwards': true,
+  'pragma': true,
+  'range': true,
+  'te': true,
+  'if-match': true,
+  'if-none-match': true,
+  'if-modified-since': true,
+  'if-unmodified-since': true,
+  'if-range': true,
+  'accept': true,
+  'authorization': true,
+  'proxy-authorization': true,
+  'from': true,
+  'referer': true,
+  'user-agent': true
+};
+function getSignatureKey(key, dateStamp, regionName, serviceName) {
+  var kDate = crypto.HmacSHA256(dateStamp, "AWS4" + key);
+  var kRegion = crypto.HmacSHA256(regionName, kDate);
+  var kService = crypto.HmacSHA256(serviceName, kRegion);
+  var kSigning = crypto.HmacSHA256("aws4_request", kService);
+  return kSigning;
+}
+
+/**
+ * 编码
+ * @param {*} str 
+ * @returns 
+ */
+function encodeRfc3986Full(str) {
+  // This function assumes the string has already been percent encoded
+  function encodeRfc3986(urlEncodedString) {
+    return urlEncodedString.replace(/[!'()*]/g, function (c) {
+      return '%' + c.charCodeAt(0).toString(16).toUpperCase();
+    });
+  }
+  return encodeRfc3986(encodeURIComponent(str));
+}
+
+/**
+ * 
+ * @param {*} path 
+ * @returns 
+ */
+function createCanonicalizedPath(path) {
+  return encodeRfc3986Full(path).replace(/%2F/g, '/');
+}
+function getCanonicalHeaders(headers) {
+  function trimAll(header) {
+    return header.toString().trim().replace(/\s+/g, ' ');
+  }
+  return Object.keys(headers).filter(function (key) {
+    return HEADERS_TO_IGNORE[key.toLowerCase()] == null;
+  }).sort(function (a, b) {
+    return a.toLowerCase() < b.toLowerCase() ? -1 : 1;
+  }).map(function (key) {
+    return key.toLowerCase() + ':' + trimAll(headers[key]);
+  }).join('\n') + '\n';
+}
+function getSignedHeaders(headers) {
+  return Object.keys(headers).map(function (key) {
+    return key.toLowerCase();
+  }).filter(function (key) {
+    return HEADERS_TO_IGNORE[key] == null;
+  }).sort().join(';');
+}
+function getCanonicalizedQuery(query) {
+  if (!query) {
+    return '';
+  }
+  delete query['X-Amz-Signature']; // php项目里有这句
+  let res = [];
+  let sortKeys = Object.keys(query).sort();
+  sortKeys.forEach(key => {
+    if (!Array.isArray(query[key])) {
+      res.push(encodeRfc3986Full(key) + '=' + encodeRfc3986Full(query[key]));
+    } else {
+      query[key].map(encodeRfc3986Full).sort().forEach(val => {
+        res.push(encodeRfc3986Full(key) + '=' + encodeRfc3986Full(val));
+      });
+    }
+  });
+  return res.join('&');
+}
+
+// 签名步骤摘要
+// 要创建已签名的请求，请完成以下操作：
+
+/**
+ * 获取包含签名的头，含之前的头
+ * AWS Version 4
+ * https://docs.aws.amazon.com/zh_cn/general/latest/gr/sigv4_signing.html
+ * @param {string} path
+ * @param {string} query
+ */
+function getSignatureHeaders({
+  path,
+  query,
+  body,
+  headers,
+  host,
+  method,
+  region,
+  service,
+  secret_key,
+  access_key
+}) {
+  let now = dayjs().utc();
+  let amzdate = now.format(`YYYYMMDDTHHmmssZ`);
+  let datestamp = now.format('YYYYMMDD');
+
+  // 任务 1：针对签名版本 4 创建规范请求
+  // 将请求的内容（主体、操作、标头等）组织为标准（规范）格式。规范请求是用于创建待签字符串的输入之一。
+
+  let canonical_uri = createCanonicalizedPath(path);
+  let canonical_querystring = getCanonicalizedQuery(query);
+  let allHeaders = {
+    ...headers,
+    host,
+    'x-amz-date': amzdate
+  };
+  let canonical_headers = getCanonicalHeaders(allHeaders);
+  let signed_headers = getSignedHeaders(allHeaders);
+  let payload_hash = headers['X-Amz-Content-Sha256'] || headers['x-amz-content-sha256'] || crypto.SHA256(body || '').toString();
+  let canonical_request = method + '\n' + canonical_uri + '\n' + canonical_querystring + '\n' + canonical_headers + '\n' + signed_headers + '\n' + payload_hash;
+
+  // 任务 2：创建签名版本 4 的待签字符串
+  // 使用规范请求和额外信息（例如算法、请求日期、凭证范围和规范请求的摘要（哈希））创建待签字符串。
+  let algorithm = 'AWS4-HMAC-SHA256';
+  let credential_scope = datestamp + '/' + region + '/' + service + '/' + 'aws4_request';
+  let string_to_sign = algorithm + '\n' + amzdate + '\n' + credential_scope + '\n' + crypto.SHA256(canonical_request).toString();
+
+  // 任务 3：为AWS签名版本 4 计算签名
+  // 使用AWS秘密访问密钥作为初始哈希操作的密钥，对请求日期、区域和服务执行一系列加密哈希操作（HMAC 操作），从而派生签名密钥。在派生签名密钥后，通过对待签字符串执行加密哈希操作来计算签名。使用派生的签名密钥作为此操作的哈希密钥。
+  let signing_key = getSignatureKey(secret_key, datestamp, region, service);
+  let signature = crypto.HmacSHA256(string_to_sign, signing_key).toString();
+
+  // 任务 4：将签名添加到 HTTP 请求
+  // 在计算签名后，将其添加到请求的 HTTP 标头或查询字符串中。
+  let authorization_header = algorithm + ' ' + 'Credential=' + access_key + '/' + credential_scope + ', ' + 'SignedHeaders=' + signed_headers + ', ' + 'Signature=' + signature;
+  let res = {
+    ...headers
+  };
+  res['x-amz-date'] = amzdate;
+  res['Authorization'] = authorization_header;
+  return res;
+}
+module.exports = {
+  getCanonicalizedQuery,
+  getSignatureHeaders
+};