|
|
@@ -2,10 +2,13 @@ package auth |
|
|
|
|
|
|
|
import ( |
|
|
|
"bytes" |
|
|
|
"errors" |
|
|
|
"fmt" |
|
|
|
"golib.gaore.com/GaoreGo/gaore-common-sdk-go/sdk/requests" |
|
|
|
"golib.gaore.com/GaoreGo/gaore-common-sdk-go/sdk/utils" |
|
|
|
"net/http" |
|
|
|
"net/url" |
|
|
|
"strconv" |
|
|
|
"strings" |
|
|
|
"time" |
|
|
|
) |
|
|
@@ -54,8 +57,11 @@ func buildRpcStringToSign(request requests.AcsRequest) (stringToSign string) { |
|
|
|
for key, value := range request.GetQueryParams() { |
|
|
|
signParams[key] = value |
|
|
|
} |
|
|
|
for key, value := range request.GetFormParams() { |
|
|
|
signParams[key] = value |
|
|
|
|
|
|
|
if strings.ToUpper(request.GetMethod()) == requests.POST { |
|
|
|
for key, value := range request.GetFormParams() { |
|
|
|
signParams[key] = value |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
stringToSign = utils.GetUrlFormedMap(signParams) |
|
|
@@ -66,3 +72,41 @@ func buildRpcStringToSign(request requests.AcsRequest) (stringToSign string) { |
|
|
|
stringToSign = request.GetMethod() + "&%2F&" + stringToSign |
|
|
|
return |
|
|
|
} |
|
|
|
|
|
|
|
func unsignRpcRequest(request *http.Request, signer Signer) (err error) { |
|
|
|
signParams := make(map[string]string) |
|
|
|
for key, value := range request.URL.Query() { |
|
|
|
signParams[key] = value[0] |
|
|
|
} |
|
|
|
|
|
|
|
if strings.ToUpper(request.Method) == requests.POST { |
|
|
|
for key, value := range request.Form { |
|
|
|
signParams[key] = value[0] |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
signValue, ok := signParams["sign"] |
|
|
|
if !ok { |
|
|
|
return errors.New("sign value is not exists") |
|
|
|
} |
|
|
|
|
|
|
|
stringToSign := utils.GetUrlFormedMap(signParams) |
|
|
|
stringToSign = strings.Replace(stringToSign, "+", "%20", -1) |
|
|
|
stringToSign = strings.Replace(stringToSign, "*", "%2A", -1) |
|
|
|
stringToSign = strings.Replace(stringToSign, "%7E", "~", -1) |
|
|
|
stringToSign = url.QueryEscape(stringToSign) |
|
|
|
stringToSign = request.Method + "&%2F&" + stringToSign |
|
|
|
|
|
|
|
if timestamp, err := strconv.ParseInt(signParams["access_time"], 10, 64); err != nil { |
|
|
|
return err |
|
|
|
} else { |
|
|
|
if time.Unix(timestamp, 0).Before(time.Now().Add(-5 * time.Minute)) { |
|
|
|
err = errors.New("sign timeout 5 minute") |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
if signer.Sign(stringToSign, "&") != signValue { |
|
|
|
return errors.New("sign string is not correct") |
|
|
|
} |
|
|
|
return |
|
|
|
} |