GaoreGo/gaore-common-sdk-go
7
0
Fork 0
Code Releases 90 Activity
develop/ymx/vip
gaore-common-sdk-go/sdk/auth/rpc_signature_composer.go
yuxh c02d5b5201 feat(sdk): 优化签名处理逻辑并添加 msdk 服务支持 
- 修复了当 signer为 nil 时不执行签名逻辑的问题
- 优化了签名处理流程,提高了代码的可读性和性能
- 新增了对 msdk 服务的支持,包括用户归因和设备信息获取功能
- 添加了 md5 加密工具函数和相关测试
2025-07-03 18:06:31 +08:00

129 lines
3.6 KiB
Go
Raw Permalink Blame History

package auth
import (
"bytes"
"errors"
"fmt"
"golib.gaore.com/GaoreGo/gaore-common-sdk-go/sdk/requests"
"golib.gaore.com/GaoreGo/gaore-common-sdk-go/sdk/utils"
"net/http"
"net/url"
"strconv"
"strings"
"time"
)
func signRpcRequest(request requests.AcsRequest, signer Signer) (err error) {
err = completeRpcSignParams(request, signer)
if err != nil {
return
}
if signer != nil {
if _, isContainsSign := request.GetQueryParams()["sign"]; isContainsSign {
delete(request.GetQueryParams(), "sign")
}
stringToSign := buildRpcStringToSign(request)
request.SetStringToSign(stringToSign)
signature := signer.Sign(stringToSign, "&")
request.GetQueryParams()["sign"] = signature
debug("GrSdk sign: %s", signature)
debug("GrSdk sign string: %s", stringToSign)
debug("GrSdk sign: \r\n")
}
return
}
func completeRpcSignParams(request requests.AcsRequest, signer Signer) (err error) {
if signer != nil {
var accessKeyFrom string
if accessKeyFrom, err = signer.GetAccessKeyFrom(); err != nil {
return
}
queryParams := request.GetQueryParams()
queryParams["access_time"] = fmt.Sprintf("%d", time.Now().Unix())
queryParams["access_key"], err = signer.GetAccessKeyId()
queryParams["access_from"] = accessKeyFrom
request.GetHeaders()["Gr-Sdk-From"] = accessKeyFrom
if err != nil {
return
}
}
request.GetHeaders()["Content-type"] = requests.Form
formString := utils.GetUrlFormedMap(request.GetFormParams())
request.SetContent(bytes.NewBufferString(formString).Bytes())
return
}
func buildRpcStringToSign(request requests.AcsRequest) (stringToSign string) {
signParams := make(map[string]string)
for key, value := range request.GetQueryParams() {
signParams[key] = value
}
if strings.ToUpper(request.GetMethod()) == requests.POST {
for key, value := range request.GetFormParams() {
signParams[key] = value
}
}
stringToSign = utils.GetUrlFormedMap(signParams)
stringToSign = strings.Replace(stringToSign, "+", "%20", -1)
stringToSign = strings.Replace(stringToSign, "*", "%2A", -1)
stringToSign = strings.Replace(stringToSign, "%7E", "~", -1)
stringToSign = url.QueryEscape(stringToSign)
stringToSign = request.GetMethod() + "&%2F&" + stringToSign
return
}
func unsignRpcRequest(request *http.Request, signer Signer) (err error) {
signParams := make(map[string]string)
for key, value := range request.URL.Query() {
signParams[key] = value[0]
}
if strings.ToUpper(request.Method) == requests.POST {
for key, value := range request.Form {
signParams[key] = value[0]
}
}
if accessKey, err := signer.GetAccessKeyId(); err != nil {
return err
} else if accessKey == "" {
return errors.New("access key is not allow empty")
} else if accessKey != signParams["access_key"] {
return errors.New("illegal access key")
}
signValue, ok := signParams["sign"]
if !ok {
return errors.New("sign value is not exists")
} else {
delete(signParams, "sign")
}
stringToSign := utils.GetUrlFormedMap(signParams)
stringToSign = strings.Replace(stringToSign, "+", "%20", -1)
stringToSign = strings.Replace(stringToSign, "*", "%2A", -1)
stringToSign = strings.Replace(stringToSign, "%7E", "~", -1)
stringToSign = url.QueryEscape(stringToSign)
stringToSign = request.Method + "&%2F&" + stringToSign
debug("GrSdk sign: %s", stringToSign)
if timestamp, err := strconv.ParseInt(signParams["access_time"], 10, 64); err != nil {
return err
} else {
if time.Unix(timestamp, 0).Before(time.Now().Add(-5 * time.Minute)) {
err = errors.New("sign timeout 5 minute")
}
}
if signer.Sign(stringToSign, "&") != signValue {
return errors.New("sign string is not correct")
}
return
}
View Git Blame Copy Permalink