diff --git a/.github/workflows/pop_csharp.yml b/.github/workflows/pop_csharp.yml index 18412455..30889bba 100644 --- a/.github/workflows/pop_csharp.yml +++ b/.github/workflows/pop_csharp.yml @@ -12,14 +12,14 @@ defaults: jobs: build: - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Setup .NET Core - uses: actions/setup-dotnet@v1 + uses: actions/setup-dotnet@v4 with: - dotnet-version: 2.2.207 + dotnet-version: '8.x' - name: install altcover run: cd core/ && dotnet tool install --global altcover.visualizer --version 8.6.14 - name: Install dependencies diff --git a/.github/workflows/pop_java.yml b/.github/workflows/pop_java.yml index b88d433b..1be4083b 100644 --- a/.github/workflows/pop_java.yml +++ b/.github/workflows/pop_java.yml @@ -20,7 +20,7 @@ jobs: matrix: # test against latest update of each major Java version, as well as specific updates of LTS versions: # 20, 21还不支持,报错是Source option 7 is no longer supported. Use 8 or later. - java: [7, 8, 9, 11, 12, 13, 14, 15, 16, 17, 18, 19] + java: [8, 11, 17] fail-fast: false steps: diff --git a/.github/workflows/pop_python.yml b/.github/workflows/pop_python.yml index f9fb086b..9cda599d 100644 --- a/.github/workflows/pop_python.yml +++ b/.github/workflows/pop_python.yml @@ -24,11 +24,7 @@ jobs: with: python-version: ${{ matrix.python-version }} - name: Install dependencies - run: pip install pytest==6.2.5 coverage==5.5 importlib-metadata==1.7.0 zipp==2.2.1 typing-extensions==3.10.0.2 && python setup.py install - if: matrix.python-version == '3.7' - - name: Install dependencies - run: python -m pip install setuptools && python setup.py install && pip install pytest coverage - if: matrix.python-version != '3.7' + run: pip install setuptools urllib3==1.26.20 alibabacloud-tea coverage pytest alibabacloud-credentials==0.3.6 && python setup.py install - name: Test with unittest run: | coverage run --source="./alibabacloud_tea_util" -m pytest tests/test_* diff --git a/alibabacloud-gateway-pop/csharp/core/Client.cs b/alibabacloud-gateway-pop/csharp/core/Client.cs index 24234429..fa30268a 100644 --- a/alibabacloud-gateway-pop/csharp/core/Client.cs +++ b/alibabacloud-gateway-pop/csharp/core/Client.cs @@ -14,13 +14,21 @@ namespace AlibabaCloud.GatewayPop { public class Client : AlibabaCloud.GatewaySpi.Client { + protected string _endpointSuffix; + protected string _signatureTypePrefix; + protected string _signPrefix; protected string _sha256; protected string _sm3; public Client(): base() { - this._sha256 = "ACS4-HMAC-SHA256"; - this._sm3 = "ACS4-HMAC-SM3"; + // CLOUD4- + this._signatureTypePrefix = "ACS4-"; + // cloud_v4 + this._signPrefix = "aliyun_v4"; + this._endpointSuffix = "aliyuncs.com"; + this._sha256 = "" + _signatureTypePrefix + "HMAC-SHA256"; + this._sm3 = "" + _signatureTypePrefix + "HMAC-SM3"; } @@ -28,6 +36,15 @@ public void ModifyConfiguration(AlibabaCloud.GatewaySpi.Models.InterceptorContex { AlibabaCloud.GatewaySpi.Models.InterceptorContext.InterceptorContextRequest request = context.Request; AlibabaCloud.GatewaySpi.Models.InterceptorContext.InterceptorContextConfiguration config = context.Configuration; + Dictionary attributes = attributeMap.Key; + if (!AlibabaCloud.TeaUtil.Common.IsUnset(attributes)) + { + this._signatureTypePrefix = attributes.Get("signatureTypePrefix"); + this._signPrefix = attributes.Get("signPrefix"); + this._endpointSuffix = attributes.Get("endpointSuffix"); + this._sha256 = "" + _signatureTypePrefix + "HMAC-SHA256"; + this._sm3 = "" + _signatureTypePrefix + "HMAC-SM3"; + } config.Endpoint = GetEndpoint(request.ProductId, config.RegionId, config.EndpointRule, config.Network, config.Suffix, config.EndpointMap, config.Endpoint); } @@ -35,6 +52,15 @@ public async Task ModifyConfigurationAsync(AlibabaCloud.GatewaySpi.Models.Interc { AlibabaCloud.GatewaySpi.Models.InterceptorContext.InterceptorContextRequest request = context.Request; AlibabaCloud.GatewaySpi.Models.InterceptorContext.InterceptorContextConfiguration config = context.Configuration; + Dictionary attributes = attributeMap.Key; + if (!AlibabaCloud.TeaUtil.Common.IsUnset(attributes)) + { + this._signatureTypePrefix = attributes.Get("signatureTypePrefix"); + this._signPrefix = attributes.Get("signPrefix"); + this._endpointSuffix = attributes.Get("endpointSuffix"); + this._sha256 = "" + _signatureTypePrefix + "HMAC-SHA256"; + this._sm3 = "" + _signatureTypePrefix + "HMAC-SM3"; + } config.Endpoint = GetEndpoint(request.ProductId, config.RegionId, config.EndpointRule, config.Network, config.Suffix, config.EndpointMap, config.Endpoint); } @@ -106,18 +132,29 @@ public void ModifyRequest(AlibabaCloud.GatewaySpi.Models.InterceptorContext cont {"message", "'config.credential' can not be unset"}, }); } - string authType = credential.GetType(); + Aliyun.Credentials.Models.CredentialModel credentialModel = credential.GetCredential(); + if (!AlibabaCloud.TeaUtil.Common.Empty(credentialModel.ProviderName)) + { + request.Headers["x-acs-credentials-provider"] = credentialModel.ProviderName; + } + string authType = credentialModel.Type; if (AlibabaCloud.TeaUtil.Common.EqualString(authType, "bearer")) { string bearerToken = credential.GetBearerToken(); request.Headers["x-acs-bearer-token"] = bearerToken; + request.Headers["x-acs-signature-type"] = "BEARERTOKEN"; request.Headers["Authorization"] = "Bearer " + bearerToken; } + else if (AlibabaCloud.TeaUtil.Common.EqualString(authType, "id_token")) + { + string idToken = credentialModel.SecurityToken; + request.Headers["x-acs-zero-trust-idtoken"] = idToken; + } else { - string accessKeyId = credential.GetAccessKeyId(); - string accessKeySecret = credential.GetAccessKeySecret(); - string securityToken = credential.GetSecurityToken(); + string accessKeyId = credentialModel.AccessKeyId; + string accessKeySecret = credentialModel.AccessKeySecret; + string securityToken = credentialModel.SecurityToken; if (!AlibabaCloud.TeaUtil.Common.Empty(securityToken)) { request.Headers["x-acs-accesskey-id"] = accessKeyId; @@ -125,7 +162,7 @@ public void ModifyRequest(AlibabaCloud.GatewaySpi.Models.InterceptorContext cont } string dateNew = AlibabaCloud.DarabonbaString.StringUtil.SubString(date, 0, 10); dateNew = AlibabaCloud.DarabonbaString.StringUtil.Replace(dateNew, "-", "", null); - string region = GetRegion(request.ProductId, config.Endpoint); + string region = GetRegion(request.ProductId, config.Endpoint, config.RegionId); byte[] signingkey = GetSigningkey(signatureAlgorithm, accessKeySecret, request.ProductId, region, dateNew); request.Headers["Authorization"] = GetAuthorization(request.Pathname, request.Method, request.Query, request.Headers, signatureAlgorithm, hashedRequestPayload, accessKeyId, signingkey, request.ProductId, region, dateNew); } @@ -200,18 +237,29 @@ public async Task ModifyRequestAsync(AlibabaCloud.GatewaySpi.Models.InterceptorC {"message", "'config.credential' can not be unset"}, }); } - string authType = credential.GetType(); + Aliyun.Credentials.Models.CredentialModel credentialModel = await credential.GetCredentialAsync(); + if (!AlibabaCloud.TeaUtil.Common.Empty(credentialModel.ProviderName)) + { + request.Headers["x-acs-credentials-provider"] = credentialModel.ProviderName; + } + string authType = credentialModel.Type; if (AlibabaCloud.TeaUtil.Common.EqualString(authType, "bearer")) { string bearerToken = credential.GetBearerToken(); request.Headers["x-acs-bearer-token"] = bearerToken; + request.Headers["x-acs-signature-type"] = "BEARERTOKEN"; request.Headers["Authorization"] = "Bearer " + bearerToken; } + else if (AlibabaCloud.TeaUtil.Common.EqualString(authType, "id_token")) + { + string idToken = credentialModel.SecurityToken; + request.Headers["x-acs-zero-trust-idtoken"] = idToken; + } else { - string accessKeyId = await credential.GetAccessKeyIdAsync(); - string accessKeySecret = await credential.GetAccessKeySecretAsync(); - string securityToken = await credential.GetSecurityTokenAsync(); + string accessKeyId = credentialModel.AccessKeyId; + string accessKeySecret = credentialModel.AccessKeySecret; + string securityToken = credentialModel.SecurityToken; if (!AlibabaCloud.TeaUtil.Common.Empty(securityToken)) { request.Headers["x-acs-accesskey-id"] = accessKeyId; @@ -219,7 +267,7 @@ public async Task ModifyRequestAsync(AlibabaCloud.GatewaySpi.Models.InterceptorC } string dateNew = AlibabaCloud.DarabonbaString.StringUtil.SubString(date, 0, 10); dateNew = AlibabaCloud.DarabonbaString.StringUtil.Replace(dateNew, "-", "", null); - string region = GetRegion(request.ProductId, config.Endpoint); + string region = GetRegion(request.ProductId, config.Endpoint, config.RegionId); byte[] signingkey = await GetSigningkeyAsync(signatureAlgorithm, accessKeySecret, request.ProductId, region, dateNew); request.Headers["Authorization"] = await GetAuthorizationAsync(request.Pathname, request.Method, request.Query, request.Headers, signatureAlgorithm, hashedRequestPayload, accessKeyId, signingkey, request.ProductId, region, dateNew); } @@ -369,7 +417,7 @@ public string GetAuthorization(string pathname, string method, Dictionary signedHeaders = GetSignedHeaders(headers); string signedHeadersStr = AlibabaCloud.DarabonbaArray.ArrayUtil.Join(signedHeaders, ";"); - return "" + signatureAlgorithm + " Credential=" + ak + "/" + date + "/" + region + "/" + product + "/aliyun_v4_request,SignedHeaders=" + signedHeadersStr + ",Signature=" + signature; + return "" + signatureAlgorithm + " Credential=" + ak + "/" + date + "/" + region + "/" + product + "/" + _signPrefix + "_request,SignedHeaders=" + signedHeadersStr + ",Signature=" + signature; } public async Task GetAuthorizationAsync(string pathname, string method, Dictionary query, Dictionary headers, string signatureAlgorithm, string payload, string ak, byte[] signingkey, string product, string region, string date) @@ -377,7 +425,7 @@ public async Task GetAuthorizationAsync(string pathname, string method, string signature = await GetSignatureAsync(pathname, method, query, headers, signatureAlgorithm, payload, signingkey); List signedHeaders = await GetSignedHeadersAsync(headers); string signedHeadersStr = AlibabaCloud.DarabonbaArray.ArrayUtil.Join(signedHeaders, ";"); - return "" + signatureAlgorithm + " Credential=" + ak + "/" + date + "/" + region + "/" + product + "/aliyun_v4_request,SignedHeaders=" + signedHeadersStr + ",Signature=" + signature; + return "" + signatureAlgorithm + " Credential=" + ak + "/" + date + "/" + region + "/" + product + "/" + _signPrefix + "_request,SignedHeaders=" + signedHeadersStr + ",Signature=" + signature; } public string GetSignature(string pathname, string method, Dictionary query, Dictionary headers, string signatureAlgorithm, string payload, byte[] signingkey) @@ -436,7 +484,7 @@ public async Task GetSignatureAsync(string pathname, string method, Dict public byte[] GetSigningkey(string signatureAlgorithm, string secret, string product, string region, string date) { - string sc1 = "aliyun_v4" + secret; + string sc1 = "" + _signPrefix + secret; byte[] sc2 = AlibabaCloud.TeaUtil.Common.ToBytes(""); if (AlibabaCloud.TeaUtil.Common.EqualString(signatureAlgorithm, _sha256)) { @@ -467,18 +515,18 @@ public byte[] GetSigningkey(string signatureAlgorithm, string secret, string pro byte[] hmac = AlibabaCloud.TeaUtil.Common.ToBytes(""); if (AlibabaCloud.TeaUtil.Common.EqualString(signatureAlgorithm, _sha256)) { - hmac = AlibabaCloud.DarabonbaSignatureUtil.Signer.HmacSHA256SignByBytes("aliyun_v4_request", sc4); + hmac = AlibabaCloud.DarabonbaSignatureUtil.Signer.HmacSHA256SignByBytes("" + _signPrefix + "_request", sc4); } else if (AlibabaCloud.TeaUtil.Common.EqualString(signatureAlgorithm, _sm3)) { - hmac = AlibabaCloud.DarabonbaSignatureUtil.Signer.HmacSM3SignByBytes("aliyun_v4_request", sc4); + hmac = AlibabaCloud.DarabonbaSignatureUtil.Signer.HmacSM3SignByBytes("" + _signPrefix + "_request", sc4); } return hmac; } public async Task GetSigningkeyAsync(string signatureAlgorithm, string secret, string product, string region, string date) { - string sc1 = "aliyun_v4" + secret; + string sc1 = "" + _signPrefix + secret; byte[] sc2 = AlibabaCloud.TeaUtil.Common.ToBytes(""); if (AlibabaCloud.TeaUtil.Common.EqualString(signatureAlgorithm, _sha256)) { @@ -509,17 +557,21 @@ public async Task GetSigningkeyAsync(string signatureAlgorithm, string s byte[] hmac = AlibabaCloud.TeaUtil.Common.ToBytes(""); if (AlibabaCloud.TeaUtil.Common.EqualString(signatureAlgorithm, _sha256)) { - hmac = AlibabaCloud.DarabonbaSignatureUtil.Signer.HmacSHA256SignByBytes("aliyun_v4_request", sc4); + hmac = AlibabaCloud.DarabonbaSignatureUtil.Signer.HmacSHA256SignByBytes("" + _signPrefix + "_request", sc4); } else if (AlibabaCloud.TeaUtil.Common.EqualString(signatureAlgorithm, _sm3)) { - hmac = AlibabaCloud.DarabonbaSignatureUtil.Signer.HmacSM3SignByBytes("aliyun_v4_request", sc4); + hmac = AlibabaCloud.DarabonbaSignatureUtil.Signer.HmacSM3SignByBytes("" + _signPrefix + "_request", sc4); } return hmac; } - public string GetRegion(string product, string endpoint) + public string GetRegion(string product, string endpoint, string regionId) { + if (!AlibabaCloud.TeaUtil.Common.Empty(regionId)) + { + return regionId; + } string region = "center"; if (AlibabaCloud.TeaUtil.Common.Empty(product) || AlibabaCloud.TeaUtil.Common.Empty(endpoint)) { @@ -527,7 +579,7 @@ public string GetRegion(string product, string endpoint) } List strs = AlibabaCloud.DarabonbaString.StringUtil.Split(endpoint, ":", null); string withoutPort = strs[0]; - string preRegion = AlibabaCloud.DarabonbaString.StringUtil.Replace(withoutPort, ".aliyuncs.com", "", null); + string preRegion = AlibabaCloud.DarabonbaString.StringUtil.Replace(withoutPort, "." + _endpointSuffix, "", null); List nodes = AlibabaCloud.DarabonbaString.StringUtil.Split(preRegion, ".", null); if (AlibabaCloud.TeaUtil.Common.EqualNumber(AlibabaCloud.DarabonbaArray.ArrayUtil.Size(nodes), 2)) { diff --git a/alibabacloud-gateway-pop/csharp/core/Properties/AssemblyInfo.cs b/alibabacloud-gateway-pop/csharp/core/Properties/AssemblyInfo.cs index 39e4a816..8c3b2f90 100644 --- a/alibabacloud-gateway-pop/csharp/core/Properties/AssemblyInfo.cs +++ b/alibabacloud-gateway-pop/csharp/core/Properties/AssemblyInfo.cs @@ -29,5 +29,5 @@ // Build Number // Revision // -[assembly: AssemblyVersion("0.0.5.0")] -[assembly: AssemblyFileVersion("0.0.5.0")] +[assembly: AssemblyVersion("0.0.6.0")] +[assembly: AssemblyFileVersion("0.0.6.0")] diff --git a/alibabacloud-gateway-pop/csharp/core/client.csproj b/alibabacloud-gateway-pop/csharp/core/client.csproj index 52ccecc0..6d16f8a7 100644 --- a/alibabacloud-gateway-pop/csharp/core/client.csproj +++ b/alibabacloud-gateway-pop/csharp/core/client.csproj @@ -41,7 +41,7 @@ runtime; build; native; contentfiles; analyzers - + @@ -50,6 +50,6 @@ - + \ No newline at end of file diff --git a/alibabacloud-gateway-pop/csharp/tests/UnitTest.cs b/alibabacloud-gateway-pop/csharp/tests/UnitTest.cs index fbfff5bf..d494ef8f 100644 --- a/alibabacloud-gateway-pop/csharp/tests/UnitTest.cs +++ b/alibabacloud-gateway-pop/csharp/tests/UnitTest.cs @@ -11,24 +11,25 @@ public class UnitTest public void Test_GetRegion() { Client client = new Client(); - Assert.Equal("center", client.GetRegion(null, null)); - Assert.Equal("center", client.GetRegion("", "")); - Assert.Equal("center", client.GetRegion("test", "test")); - Assert.Equal("center", client.GetRegion("test", "test.alibaba.api.com")); - Assert.Equal("center", client.GetRegion("test", "test.aliyuncs.com")); - Assert.Equal("center", client.GetRegion("test", "test-dualstack.aliyuncs.com")); - Assert.Equal("center", client.GetRegion("test", "test-inner.aliyuncs.com")); - Assert.Equal("center", client.GetRegion("test", "test-vpc.aliyuncs.com")); - Assert.Equal("center", client.GetRegion("test", "test-share.aliyuncs.com")); - Assert.Equal("center", client.GetRegion("test", "test-cn-hangzhou.aliyuncs.com")); - Assert.Equal("cn-hangzhou", client.GetRegion("test", "test.cn-hangzhou.aliyuncs.com")); - Assert.Equal("cn-hangzhou", client.GetRegion("test", "test-inner.cn-hangzhou.aliyuncs.com")); - Assert.Equal("cn-hangzhou", client.GetRegion("test", "test-vpc.cn-hangzhou.aliyuncs.com")); - Assert.Equal("cn-hangzhou", client.GetRegion("test", "test-share.cn-hangzhou.aliyuncs.com")); - Assert.Equal("cn-hangzhou", client.GetRegion("test", "test-dualstack.cn-hangzhou.aliyuncs.com")); - Assert.Equal("cn-hangzhou", client.GetRegion("test", "test-proxy.cn-hangzhou.aliyuncs.com")); - Assert.Equal("cn-hangzhou-acdr-ut-1", client.GetRegion("test", "test-inner.cn-hangzhou-acdr-ut-1.aliyuncs.com")); - Assert.Equal("cn-edge-1", client.GetRegion("test", "test-inner.cn-edge-1.aliyuncs.com")); + Assert.Equal("center", client.GetRegion(null, null, null)); + Assert.Equal("cn-hangzhou", client.GetRegion(null, null, "cn-hangzhou")); + Assert.Equal("center", client.GetRegion("", "", null)); + Assert.Equal("center", client.GetRegion("test", "test", null)); + Assert.Equal("center", client.GetRegion("test", "test.alibaba.api.com", null)); + Assert.Equal("center", client.GetRegion("test", "test.aliyuncs.com", null)); + Assert.Equal("center", client.GetRegion("test", "test-dualstack.aliyuncs.com", null)); + Assert.Equal("center", client.GetRegion("test", "test-inner.aliyuncs.com", null)); + Assert.Equal("center", client.GetRegion("test", "test-vpc.aliyuncs.com", null)); + Assert.Equal("center", client.GetRegion("test", "test-share.aliyuncs.com", null)); + Assert.Equal("center", client.GetRegion("test", "test-cn-hangzhou.aliyuncs.com", null)); + Assert.Equal("cn-hangzhou", client.GetRegion("test", "test.cn-hangzhou.aliyuncs.com", null)); + Assert.Equal("cn-hangzhou", client.GetRegion("test", "test-inner.cn-hangzhou.aliyuncs.com", null)); + Assert.Equal("cn-hangzhou", client.GetRegion("test", "test-vpc.cn-hangzhou.aliyuncs.com", null)); + Assert.Equal("cn-hangzhou", client.GetRegion("test", "test-share.cn-hangzhou.aliyuncs.com", null)); + Assert.Equal("cn-hangzhou", client.GetRegion("test", "test-dualstack.cn-hangzhou.aliyuncs.com", null)); + Assert.Equal("cn-hangzhou", client.GetRegion("test", "test-proxy.cn-hangzhou.aliyuncs.com", null)); + Assert.Equal("cn-hangzhou-acdr-ut-1", client.GetRegion("test", "test-inner.cn-hangzhou-acdr-ut-1.aliyuncs.com", null)); + Assert.Equal("cn-edge-1", client.GetRegion("test", "test-inner.cn-edge-1.aliyuncs.com", null)); } } } diff --git a/alibabacloud-gateway-pop/csharp/tests/tests.csproj b/alibabacloud-gateway-pop/csharp/tests/tests.csproj index 0fd5d3c5..c010b468 100644 --- a/alibabacloud-gateway-pop/csharp/tests/tests.csproj +++ b/alibabacloud-gateway-pop/csharp/tests/tests.csproj @@ -1,7 +1,7 @@ - netcoreapp2.2 + netcoreapp2.0 false diff --git a/alibabacloud-gateway-pop/golang/client/client.go b/alibabacloud-gateway-pop/golang/client/client.go index 7c958ab4..bd6483c5 100644 --- a/alibabacloud-gateway-pop/golang/client/client.go +++ b/alibabacloud-gateway-pop/golang/client/client.go @@ -16,8 +16,11 @@ import ( type Client struct { spi.Client - Sha256 *string - Sm3 *string + EndpointSuffix *string + SignatureTypePrefix *string + SignPrefix *string + Sha256 *string + Sm3 *string } func NewClient() (*Client, error) { @@ -31,14 +34,28 @@ func (client *Client) Init() (_err error) { if _err != nil { return _err } - client.Sha256 = tea.String("ACS4-HMAC-SHA256") - client.Sm3 = tea.String("ACS4-HMAC-SM3") + // CLOUD4- + client.SignatureTypePrefix = tea.String("ACS4-") + // cloud_v4 + client.SignPrefix = tea.String("aliyun_v4") + client.EndpointSuffix = tea.String("aliyuncs.com") + client.Sha256 = tea.String(tea.StringValue(client.SignatureTypePrefix) + "HMAC-SHA256") + client.Sm3 = tea.String(tea.StringValue(client.SignatureTypePrefix) + "HMAC-SM3") return nil } func (client *Client) ModifyConfiguration(context *spi.InterceptorContext, attributeMap *spi.AttributeMap) (_err error) { request := context.Request config := context.Configuration + attributes := attributeMap.Key + if !tea.BoolValue(util.IsUnset(attributes)) { + client.SignatureTypePrefix = attributes["signatureTypePrefix"] + client.SignPrefix = attributes["signPrefix"] + client.EndpointSuffix = attributes["endpointSuffix"] + client.Sha256 = tea.String(tea.StringValue(client.SignatureTypePrefix) + "HMAC-SHA256") + client.Sm3 = tea.String(tea.StringValue(client.SignatureTypePrefix) + "HMAC-SM3") + } + config.Endpoint, _err = client.GetEndpoint(request.ProductId, config.RegionId, config.EndpointRule, config.Network, config.Suffix, config.EndpointMap, config.Endpoint) if _err != nil { return _err @@ -110,27 +127,28 @@ func (client *Client) ModifyRequest(context *spi.InterceptorContext, attributeMa return _err } - authType := credential.GetType() + credentialModel, _err := credential.GetCredential() + if _err != nil { + return _err + } + + if !tea.BoolValue(util.Empty(credentialModel.ProviderName)) { + request.Headers["x-acs-credentials-provider"] = credentialModel.ProviderName + } + + authType := credentialModel.Type if tea.BoolValue(util.EqualString(authType, tea.String("bearer"))) { bearerToken := credential.GetBearerToken() request.Headers["x-acs-bearer-token"] = bearerToken + request.Headers["x-acs-signature-type"] = tea.String("BEARERTOKEN") request.Headers["Authorization"] = tea.String("Bearer " + tea.StringValue(bearerToken)) + } else if tea.BoolValue(util.EqualString(authType, tea.String("id_token"))) { + idToken := credentialModel.SecurityToken + request.Headers["x-acs-zero-trust-idtoken"] = idToken } else { - accessKeyId, _err := credential.GetAccessKeyId() - if _err != nil { - return _err - } - - accessKeySecret, _err := credential.GetAccessKeySecret() - if _err != nil { - return _err - } - - securityToken, _err := credential.GetSecurityToken() - if _err != nil { - return _err - } - + accessKeyId := credentialModel.AccessKeyId + accessKeySecret := credentialModel.AccessKeySecret + securityToken := credentialModel.SecurityToken if !tea.BoolValue(util.Empty(securityToken)) { request.Headers["x-acs-accesskey-id"] = accessKeyId request.Headers["x-acs-security-token"] = securityToken @@ -138,7 +156,7 @@ func (client *Client) ModifyRequest(context *spi.InterceptorContext, attributeMa dateNew := string_.SubString(date, tea.Int(0), tea.Int(10)) dateNew = string_.Replace(dateNew, tea.String("-"), tea.String(""), nil) - region := client.GetRegion(request.ProductId, config.Endpoint) + region := client.GetRegion(request.ProductId, config.Endpoint, config.RegionId) signingkey, _err := client.GetSigningkey(signatureAlgorithm, accessKeySecret, request.ProductId, region, dateNew) if _err != nil { return _err @@ -278,7 +296,7 @@ func (client *Client) GetAuthorization(pathname *string, method *string, query m } signedHeadersStr := array.Join(signedHeaders, tea.String(";")) - _result = tea.String(tea.StringValue(signatureAlgorithm) + " Credential=" + tea.StringValue(ak) + "/" + tea.StringValue(date) + "/" + tea.StringValue(region) + "/" + tea.StringValue(product) + "/aliyun_v4_request,SignedHeaders=" + tea.StringValue(signedHeadersStr) + ",Signature=" + tea.StringValue(signature)) + _result = tea.String(tea.StringValue(signatureAlgorithm) + " Credential=" + tea.StringValue(ak) + "/" + tea.StringValue(date) + "/" + tea.StringValue(region) + "/" + tea.StringValue(product) + "/" + tea.StringValue(client.SignPrefix) + "_request,SignedHeaders=" + tea.StringValue(signedHeadersStr) + ",Signature=" + tea.StringValue(signature)) return _result, _err } @@ -321,7 +339,7 @@ func (client *Client) GetSignature(pathname *string, method *string, query map[s } func (client *Client) GetSigningkey(signatureAlgorithm *string, secret *string, product *string, region *string, date *string) (_result []byte, _err error) { - sc1 := tea.String("aliyun_v4" + tea.StringValue(secret)) + sc1 := tea.String(tea.StringValue(client.SignPrefix) + tea.StringValue(secret)) sc2 := util.ToBytes(tea.String("")) if tea.BoolValue(util.EqualString(signatureAlgorithm, client.Sha256)) { sc2 = signatureutil.HmacSHA256Sign(date, sc1) @@ -345,16 +363,21 @@ func (client *Client) GetSigningkey(signatureAlgorithm *string, secret *string, hmac := util.ToBytes(tea.String("")) if tea.BoolValue(util.EqualString(signatureAlgorithm, client.Sha256)) { - hmac = signatureutil.HmacSHA256SignByBytes(tea.String("aliyun_v4_request"), sc4) + hmac = signatureutil.HmacSHA256SignByBytes(tea.String(tea.StringValue(client.SignPrefix)+"_request"), sc4) } else if tea.BoolValue(util.EqualString(signatureAlgorithm, client.Sm3)) { - hmac = signatureutil.HmacSM3SignByBytes(tea.String("aliyun_v4_request"), sc4) + hmac = signatureutil.HmacSM3SignByBytes(tea.String(tea.StringValue(client.SignPrefix)+"_request"), sc4) } _result = hmac return _result, _err } -func (client *Client) GetRegion(product *string, endpoint *string) (_result *string) { +func (client *Client) GetRegion(product *string, endpoint *string, regionId *string) (_result *string) { + if !tea.BoolValue(util.Empty(regionId)) { + _result = regionId + return _result + } + region := tea.String("center") if tea.BoolValue(util.Empty(product)) || tea.BoolValue(util.Empty(endpoint)) { _result = region @@ -363,7 +386,7 @@ func (client *Client) GetRegion(product *string, endpoint *string) (_result *str strs := string_.Split(endpoint, tea.String(":"), nil) withoutPort := strs[0] - preRegion := string_.Replace(withoutPort, tea.String(".aliyuncs.com"), tea.String(""), nil) + preRegion := string_.Replace(withoutPort, tea.String("."+tea.StringValue(client.EndpointSuffix)), tea.String(""), nil) nodes := string_.Split(preRegion, tea.String("."), nil) if tea.BoolValue(util.EqualNumber(array.Size(nodes), tea.Int(2))) { region = nodes[1] diff --git a/alibabacloud-gateway-pop/golang/client/client_test.go b/alibabacloud-gateway-pop/golang/client/client_test.go index b2fa41cd..0cacc9bd 100644 --- a/alibabacloud-gateway-pop/golang/client/client_test.go +++ b/alibabacloud-gateway-pop/golang/client/client_test.go @@ -8,23 +8,25 @@ import ( ) func Test_GetRegion(t *testing.T) { - client := &Client{} - utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(nil, nil))) - utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String(""), tea.String("")))) - utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test")))) - utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test.alibaba.api.com")))) - utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test.aliyuncs.com")))) - utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-dualstack.aliyuncs.com")))) - utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-inner.aliyuncs.com")))) - utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-vpc.aliyuncs.com")))) - utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-share.aliyuncs.com")))) - utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-cn-hangzhou.aliyuncs.com")))) - utils.AssertEqual(t, "cn-hangzhou", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test.cn-hangzhou.aliyuncs.com")))) - utils.AssertEqual(t, "cn-hangzhou", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-inner.cn-hangzhou.aliyuncs.com")))) - utils.AssertEqual(t, "cn-hangzhou", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-vpc.cn-hangzhou.aliyuncs.com")))) - utils.AssertEqual(t, "cn-hangzhou", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-share.cn-hangzhou.aliyuncs.com")))) - utils.AssertEqual(t, "cn-hangzhou", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-dualstack.cn-hangzhou.aliyuncs.com")))) - utils.AssertEqual(t, "cn-hangzhou", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-proxy.cn-hangzhou.aliyuncs.com")))) - utils.AssertEqual(t, "cn-hangzhou-acdr-ut-1", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-inner.cn-hangzhou-acdr-ut-1.aliyuncs.com")))) - utils.AssertEqual(t, "cn-edge-1", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-inner.cn-edge-1.aliyuncs.com")))) + client, err := NewClient() + utils.AssertNil(t, err) + utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(nil, nil, nil))) + utils.AssertEqual(t, "cn-hangzhou", tea.StringValue(client.GetRegion(nil, nil, tea.String("cn-hangzhou")))) + utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String(""), tea.String(""), nil))) + utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test"), nil))) + utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test.alibaba.api.com"), nil))) + utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test.aliyuncs.com"), nil))) + utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-dualstack.aliyuncs.com"), nil))) + utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-inner.aliyuncs.com"), nil))) + utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-vpc.aliyuncs.com"), nil))) + utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-share.aliyuncs.com"), nil))) + utils.AssertEqual(t, "center", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-cn-hangzhou.aliyuncs.com"), nil))) + utils.AssertEqual(t, "cn-hangzhou", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test.cn-hangzhou.aliyuncs.com"), nil))) + utils.AssertEqual(t, "cn-hangzhou", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-inner.cn-hangzhou.aliyuncs.com"), nil))) + utils.AssertEqual(t, "cn-hangzhou", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-vpc.cn-hangzhou.aliyuncs.com"), nil))) + utils.AssertEqual(t, "cn-hangzhou", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-share.cn-hangzhou.aliyuncs.com"), nil))) + utils.AssertEqual(t, "cn-hangzhou", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-dualstack.cn-hangzhou.aliyuncs.com"), nil))) + utils.AssertEqual(t, "cn-hangzhou", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-proxy.cn-hangzhou.aliyuncs.com"), nil))) + utils.AssertEqual(t, "cn-hangzhou-acdr-ut-1", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-inner.cn-hangzhou-acdr-ut-1.aliyuncs.com"), nil))) + utils.AssertEqual(t, "cn-edge-1", tea.StringValue(client.GetRegion(tea.String("test"), tea.String("test-inner.cn-edge-1.aliyuncs.com"), nil))) } diff --git a/alibabacloud-gateway-pop/golang/go.mod b/alibabacloud-gateway-pop/golang/go.mod index f387518d..f77c41e4 100644 --- a/alibabacloud-gateway-pop/golang/go.mod +++ b/alibabacloud-gateway-pop/golang/go.mod @@ -11,9 +11,9 @@ require ( github.com/alibabacloud-go/darabonba-string v1.0.2 github.com/alibabacloud-go/endpoint-util v1.1.0 github.com/alibabacloud-go/openapi-util v0.1.1 - github.com/alibabacloud-go/tea v1.1.20 + github.com/alibabacloud-go/tea v1.2.2 github.com/alibabacloud-go/tea-utils/v2 v2.0.6 - github.com/aliyun/credentials-go v1.3.10 // indirect + github.com/aliyun/credentials-go v1.4.5 // indirect github.com/json-iterator/go v1.1.12 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect golang.org/x/net v0.23.0 // indirect diff --git a/alibabacloud-gateway-pop/golang/go.sum b/alibabacloud-gateway-pop/golang/go.sum index 26578535..1d4bfbfd 100644 --- a/alibabacloud-gateway-pop/golang/go.sum +++ b/alibabacloud-gateway-pop/golang/go.sum @@ -2,6 +2,8 @@ cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.4 h1:iC9YFYKDGEy3n/FtqJnOkZsene9olVspKmkX5A2YBEo= github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.4/go.mod h1:sCavSAvdzOjul4cEqeVtvlSaSScfNsTQ+46HwlTL1hc= +github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.5 h1:zE8vH9C7JiZLNJJQ5OwjU9mSi4T9ef9u3BURT6LCLC8= +github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.5/go.mod h1:tWnyE9AjF8J8qqLk645oUmVUnFybApTQWklQmi5tY6g= github.com/alibabacloud-go/darabonba-array v0.1.0 h1:vR8s7b1fWAQIjEjWnuF0JiKsCvclSRTfDzZHTYqfufY= github.com/alibabacloud-go/darabonba-array v0.1.0/go.mod h1:BLKxr0brnggqOJPqT09DFJ8g3fsDshapUD3C3aOEFaI= github.com/alibabacloud-go/darabonba-encode-util v0.0.2 h1:1uJGrbsGEVqWcWxrS9MyC2NG0Ax+GpOM5gtupki31XE= @@ -14,10 +16,15 @@ github.com/alibabacloud-go/darabonba-string v1.0.2 h1:E714wms5ibdzCqGeYJ9JCFywE5 github.com/alibabacloud-go/darabonba-string v1.0.2/go.mod h1:93cTfV3vuPhhEwGGpKKqhVW4jLe7tDpo3LUM0i0g6mA= github.com/alibabacloud-go/debug v0.0.0-20190504072949-9472017b5c68 h1:NqugFkGxx1TXSh/pBcU00Y6bljgDPaFdh5MUSeJ7e50= github.com/alibabacloud-go/debug v0.0.0-20190504072949-9472017b5c68/go.mod h1:6pb/Qy8c+lqua8cFpEy7g39NRRqOWc3rOwAy8m5Y2BY= +github.com/alibabacloud-go/debug v1.0.0/go.mod h1:8gfgZCCAC3+SCzjWtY053FrOcd4/qlH6IHTI4QyICOc= +github.com/alibabacloud-go/debug v1.0.1 h1:MsW9SmUtbb1Fnt3ieC6NNZi6aEwrXfDksD4QA6GSbPg= +github.com/alibabacloud-go/debug v1.0.1/go.mod h1:8gfgZCCAC3+SCzjWtY053FrOcd4/qlH6IHTI4QyICOc= github.com/alibabacloud-go/endpoint-util v1.1.0 h1:r/4D3VSw888XGaeNpP994zDUaxdgTSHBbVfZlzf6b5Q= github.com/alibabacloud-go/endpoint-util v1.1.0/go.mod h1:O5FuCALmCKs2Ff7JFJMudHs0I5EBgecXXxZRyswlEjE= github.com/alibabacloud-go/openapi-util v0.1.0 h1:0z75cIULkDrdEhkLWgi9tnLe+KhAFE/r5Pb3312/eAY= github.com/alibabacloud-go/openapi-util v0.1.0/go.mod h1:sQuElr4ywwFRlCCberQwKRFhRzIyG4QTP/P4y1CJ6Ws= +github.com/alibabacloud-go/openapi-util v0.1.1 h1:ujGErJjG8ncRW6XtBBMphzHTvCxn4DjrVw4m04HsS28= +github.com/alibabacloud-go/openapi-util v0.1.1/go.mod h1:/UehBSE2cf1gYT43GV4E+RxTdLRzURImCYY0aRmlXpw= github.com/alibabacloud-go/tea v1.1.0/go.mod h1:IkGyUSX4Ba1V+k4pCtJUc6jDpZLFph9QMy2VUPTwukg= github.com/alibabacloud-go/tea v1.1.7/go.mod h1:/tmnEaQMyb4Ky1/5D+SE1BAsa5zj/KeGOFfwYm3N/p4= github.com/alibabacloud-go/tea v1.1.8/go.mod h1:/tmnEaQMyb4Ky1/5D+SE1BAsa5zj/KeGOFfwYm3N/p4= @@ -25,13 +32,20 @@ github.com/alibabacloud-go/tea v1.1.11/go.mod h1:/tmnEaQMyb4Ky1/5D+SE1BAsa5zj/Ke github.com/alibabacloud-go/tea v1.1.17/go.mod h1:nXxjm6CIFkBhwW4FQkNrolwbfon8Svy6cujmKFUq98A= github.com/alibabacloud-go/tea v1.1.20 h1:wFK4xEbvGYMtzTyHhIju9D7ecWxvSUdoLO6y4vDLFik= github.com/alibabacloud-go/tea v1.1.20/go.mod h1:nXxjm6CIFkBhwW4FQkNrolwbfon8Svy6cujmKFUq98A= +github.com/alibabacloud-go/tea v1.2.2 h1:aTsR6Rl3ANWPfqeQugPglfurloyBJY85eFy7Gc1+8oU= +github.com/alibabacloud-go/tea v1.2.2/go.mod h1:CF3vOzEMAG+bR4WOql8gc2G9H3EkH3ZLAQdpmpXMgwk= github.com/alibabacloud-go/tea-utils v1.3.1 h1:iWQeRzRheqCMuiF3+XkfybB3kTgUXkXX+JMrqfLeB2I= github.com/alibabacloud-go/tea-utils v1.3.1/go.mod h1:EI/o33aBfj3hETm4RLiAxF/ThQdSngxrpF8rKUDJjPE= github.com/alibabacloud-go/tea-utils/v2 v2.0.5 h1:EUakYEUAwr6L3wLT0vejIw2rc0IA1RSXDwLnIb3f2vU= github.com/alibabacloud-go/tea-utils/v2 v2.0.5/go.mod h1:dL6vbUT35E4F4bFTHL845eUloqaerYBYPsdWR2/jhe4= +github.com/alibabacloud-go/tea-utils/v2 v2.0.6 h1:ZkmUlhlQbaDC+Eba/GARMPy6hKdCLiSke5RsN5LcyQ0= +github.com/alibabacloud-go/tea-utils/v2 v2.0.6/go.mod h1:qxn986l+q33J5VkialKMqT/TTs3E+U9MJpd001iWQ9I= github.com/aliyun/credentials-go v1.1.2/go.mod h1:ozcZaMR5kLM7pwtCMEpVmQ242suV6qTJya2bDq4X1Tw= github.com/aliyun/credentials-go v1.3.1 h1:uq/0v7kWrxmoLGpqjx7vtQ/s03f0zR//0br/xWDTE28= github.com/aliyun/credentials-go v1.3.1/go.mod h1:8jKYhQuDawt8x2+fusqa1Y6mPxemTsBEN04dgcAcYz0= +github.com/aliyun/credentials-go v1.3.6/go.mod h1:1LxUuX7L5YrZUWzBrRyk0SwSdH4OmPrib8NVePL3fxM= +github.com/aliyun/credentials-go v1.4.5 h1:O76WYKgdy1oQYYiJkERjlA2dxGuvLRrzuO2ScrtGWSk= +github.com/aliyun/credentials-go v1.4.5/go.mod h1:Jm6d+xIgwJVLVWT561vy67ZRP4lPTQxMbEYRuT2Ti1U= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= @@ -100,6 +114,7 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20201012173705-84dcc777aaee/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= +golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -124,6 +139,7 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= +golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= @@ -148,6 +164,7 @@ golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -155,6 +172,7 @@ golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuX golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= +golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= diff --git a/alibabacloud-gateway-pop/java/pom.xml b/alibabacloud-gateway-pop/java/pom.xml index 04f030cc..16b340ca 100644 --- a/alibabacloud-gateway-pop/java/pom.xml +++ b/alibabacloud-gateway-pop/java/pom.xml @@ -75,17 +75,17 @@ com.aliyun credentials-java - 0.3.10 + 1.0.1 com.aliyun darabonba-encode-util - 0.0.2 + 0.0.3 com.aliyun darabonba-signature-util - 0.0.4 + 0.0.5 com.aliyun diff --git a/alibabacloud-gateway-pop/java/src/main/java/com/aliyun/gateway/pop/Client.java b/alibabacloud-gateway-pop/java/src/main/java/com/aliyun/gateway/pop/Client.java index 83a9ebaf..8cf3db92 100644 --- a/alibabacloud-gateway-pop/java/src/main/java/com/aliyun/gateway/pop/Client.java +++ b/alibabacloud-gateway-pop/java/src/main/java/com/aliyun/gateway/pop/Client.java @@ -5,18 +5,35 @@ public class Client extends com.aliyun.gateway.spi.Client { + public String _endpointSuffix; + public String _signatureTypePrefix; + public String _signPrefix; public String _sha256; public String _sm3; public Client() throws Exception { super(); - this._sha256 = "ACS4-HMAC-SHA256"; - this._sm3 = "ACS4-HMAC-SM3"; + // CLOUD4- + this._signatureTypePrefix = "ACS4-"; + // cloud_v4 + this._signPrefix = "aliyun_v4"; + this._endpointSuffix = "aliyuncs.com"; + this._sha256 = "" + _signatureTypePrefix + "HMAC-SHA256"; + this._sm3 = "" + _signatureTypePrefix + "HMAC-SM3"; } public void modifyConfiguration(com.aliyun.gateway.spi.models.InterceptorContext context, com.aliyun.gateway.spi.models.AttributeMap attributeMap) throws Exception { com.aliyun.gateway.spi.models.InterceptorContext.InterceptorContextRequest request = context.request; com.aliyun.gateway.spi.models.InterceptorContext.InterceptorContextConfiguration config = context.configuration; + java.util.Map attributes = attributeMap.key; + if (!com.aliyun.teautil.Common.isUnset(attributes)) { + this._signatureTypePrefix = attributes.get("signatureTypePrefix"); + this._signPrefix = attributes.get("signPrefix"); + this._endpointSuffix = attributes.get("endpointSuffix"); + this._sha256 = "" + _signatureTypePrefix + "HMAC-SHA256"; + this._sm3 = "" + _signatureTypePrefix + "HMAC-SM3"; + } + config.endpoint = this.getEndpoint(request.productId, config.regionId, config.endpointRule, config.network, config.suffix, config.endpointMap, config.endpoint); } @@ -77,15 +94,24 @@ public void modifyRequest(com.aliyun.gateway.spi.models.InterceptorContext conte )); } - String authType = credential.getType(); + com.aliyun.credentials.models.CredentialModel credentialModel = credential.getCredential(); + if (!com.aliyun.teautil.Common.empty(credentialModel.providerName)) { + request.headers.put("x-acs-credentials-provider", credentialModel.providerName); + } + + String authType = credentialModel.type; if (com.aliyun.teautil.Common.equalString(authType, "bearer")) { String bearerToken = credential.getBearerToken(); request.headers.put("x-acs-bearer-token", bearerToken); + request.headers.put("x-acs-signature-type", "BEARERTOKEN"); request.headers.put("Authorization", "Bearer " + bearerToken + ""); + } else if (com.aliyun.teautil.Common.equalString(authType, "id_token")) { + String idToken = credentialModel.securityToken; + request.headers.put("x-acs-zero-trust-idtoken", idToken); } else { - String accessKeyId = credential.getAccessKeyId(); - String accessKeySecret = credential.getAccessKeySecret(); - String securityToken = credential.getSecurityToken(); + String accessKeyId = credentialModel.accessKeyId; + String accessKeySecret = credentialModel.accessKeySecret; + String securityToken = credentialModel.securityToken; if (!com.aliyun.teautil.Common.empty(securityToken)) { request.headers.put("x-acs-accesskey-id", accessKeyId); request.headers.put("x-acs-security-token", securityToken); @@ -93,7 +119,7 @@ public void modifyRequest(com.aliyun.gateway.spi.models.InterceptorContext conte String dateNew = com.aliyun.darabonbastring.Client.subString(date, 0, 10); dateNew = com.aliyun.darabonbastring.Client.replace(dateNew, "-", "", null); - String region = this.getRegion(request.productId, config.endpoint); + String region = this.getRegion(request.productId, config.endpoint, config.regionId); byte[] signingkey = this.getSigningkey(signatureAlgorithm, accessKeySecret, request.productId, region, dateNew); request.headers.put("Authorization", this.getAuthorization(request.pathname, request.method, request.query, request.headers, signatureAlgorithm, hashedRequestPayload, accessKeyId, signingkey, request.productId, region, dateNew)); } @@ -170,7 +196,7 @@ public String getAuthorization(String pathname, String method, java.util.Map signedHeaders = this.getSignedHeaders(headers); String signedHeadersStr = com.aliyun.darabonba.array.Client.join(signedHeaders, ";"); - return "" + signatureAlgorithm + " Credential=" + ak + "/" + date + "/" + region + "/" + product + "/aliyun_v4_request,SignedHeaders=" + signedHeadersStr + ",Signature=" + signature + ""; + return "" + signatureAlgorithm + " Credential=" + ak + "/" + date + "/" + region + "/" + product + "/" + _signPrefix + "_request,SignedHeaders=" + signedHeadersStr + ",Signature=" + signature + ""; } public String getSignature(String pathname, String method, java.util.Map query, java.util.Map headers, String signatureAlgorithm, String payload, byte[] signingkey) throws Exception { @@ -198,7 +224,7 @@ public String getSignature(String pathname, String method, java.util.Map strs = com.aliyun.darabonbastring.Client.split(endpoint, ":", null); String withoutPort = strs.get(0); - String preRegion = com.aliyun.darabonbastring.Client.replace(withoutPort, ".aliyuncs.com", "", null); + String preRegion = com.aliyun.darabonbastring.Client.replace(withoutPort, "." + _endpointSuffix + "", "", null); java.util.List nodes = com.aliyun.darabonbastring.Client.split(preRegion, ".", null); if (com.aliyun.teautil.Common.equalNumber(com.aliyun.darabonba.array.Client.size(nodes), 2)) { region = nodes.get(1); diff --git a/alibabacloud-gateway-pop/java/src/test/java/com/aliyun/gateway/pop/UnitTest.java b/alibabacloud-gateway-pop/java/src/test/java/com/aliyun/gateway/pop/UnitTest.java index f4161d4d..34b86e50 100644 --- a/alibabacloud-gateway-pop/java/src/test/java/com/aliyun/gateway/pop/UnitTest.java +++ b/alibabacloud-gateway-pop/java/src/test/java/com/aliyun/gateway/pop/UnitTest.java @@ -7,23 +7,24 @@ public class UnitTest { @Test public void getRegionTest() throws Exception { Client client = new Client(); - Assert.assertEquals("center", client.getRegion(null, null)); - Assert.assertEquals("center", client.getRegion("", "")); - Assert.assertEquals("center", client.getRegion("test", "test")); - Assert.assertEquals("center", client.getRegion("test", "test.alibaba.api.com")); - Assert.assertEquals("center", client.getRegion("test", "test.aliyuncs.com")); - Assert.assertEquals("center", client.getRegion("test", "test-dualstack.aliyuncs.com")); - Assert.assertEquals("center", client.getRegion("test", "test-inner.aliyuncs.com")); - Assert.assertEquals("center", client.getRegion("test", "test-vpc.aliyuncs.com")); - Assert.assertEquals("center", client.getRegion("test", "test-share.aliyuncs.com")); - Assert.assertEquals("center", client.getRegion("test", "test-cn-hangzhou.aliyuncs.com")); - Assert.assertEquals("cn-hangzhou", client.getRegion("test", "test.cn-hangzhou.aliyuncs.com")); - Assert.assertEquals("cn-hangzhou", client.getRegion("test", "test-inner.cn-hangzhou.aliyuncs.com")); - Assert.assertEquals("cn-hangzhou", client.getRegion("test", "test-vpc.cn-hangzhou.aliyuncs.com")); - Assert.assertEquals("cn-hangzhou", client.getRegion("test", "test-share.cn-hangzhou.aliyuncs.com")); - Assert.assertEquals("cn-hangzhou", client.getRegion("test", "test-dualstack.cn-hangzhou.aliyuncs.com")); - Assert.assertEquals("cn-hangzhou", client.getRegion("test", "test-proxy.cn-hangzhou.aliyuncs.com")); - Assert.assertEquals("cn-hangzhou-acdr-ut-1", client.getRegion("test", "test-inner.cn-hangzhou-acdr-ut-1.aliyuncs.com")); - Assert.assertEquals("cn-edge-1", client.getRegion("test", "test-inner.cn-edge-1.aliyuncs.com")); + Assert.assertEquals("center", client.getRegion(null, null, null)); + Assert.assertEquals("cn-hangzhou", client.getRegion(null, null, "cn-hangzhou")); + Assert.assertEquals("center", client.getRegion("", "", null)); + Assert.assertEquals("center", client.getRegion("test", "test", null)); + Assert.assertEquals("center", client.getRegion("test", "test.alibaba.api.com", null)); + Assert.assertEquals("center", client.getRegion("test", "test.aliyuncs.com", null)); + Assert.assertEquals("center", client.getRegion("test", "test-dualstack.aliyuncs.com", null)); + Assert.assertEquals("center", client.getRegion("test", "test-inner.aliyuncs.com", null)); + Assert.assertEquals("center", client.getRegion("test", "test-vpc.aliyuncs.com", null)); + Assert.assertEquals("center", client.getRegion("test", "test-share.aliyuncs.com", null)); + Assert.assertEquals("center", client.getRegion("test", "test-cn-hangzhou.aliyuncs.com", null)); + Assert.assertEquals("cn-hangzhou", client.getRegion("test", "test.cn-hangzhou.aliyuncs.com", null)); + Assert.assertEquals("cn-hangzhou", client.getRegion("test", "test-inner.cn-hangzhou.aliyuncs.com", null)); + Assert.assertEquals("cn-hangzhou", client.getRegion("test", "test-vpc.cn-hangzhou.aliyuncs.com", null)); + Assert.assertEquals("cn-hangzhou", client.getRegion("test", "test-share.cn-hangzhou.aliyuncs.com", null)); + Assert.assertEquals("cn-hangzhou", client.getRegion("test", "test-dualstack.cn-hangzhou.aliyuncs.com", null)); + Assert.assertEquals("cn-hangzhou", client.getRegion("test", "test-proxy.cn-hangzhou.aliyuncs.com", null)); + Assert.assertEquals("cn-hangzhou-acdr-ut-1", client.getRegion("test", "test-inner.cn-hangzhou-acdr-ut-1.aliyuncs.com", null)); + Assert.assertEquals("cn-edge-1", client.getRegion("test", "test-inner.cn-edge-1.aliyuncs.com", null)); } } \ No newline at end of file diff --git a/alibabacloud-gateway-pop/main.tea b/alibabacloud-gateway-pop/main.tea index 84d5736d..7fe3e423 100644 --- a/alibabacloud-gateway-pop/main.tea +++ b/alibabacloud-gateway-pop/main.tea @@ -11,18 +11,34 @@ import Array; extends SPI; +type @endpointSuffix = string +type @signatureTypePrefix = string +type @signPrefix = string type @sha256 = string type @sm3 = string init() { super(); - @sha256 = 'ACS4-HMAC-SHA256'; - @sm3 = 'ACS4-HMAC-SM3'; + // CLOUD4- + @signatureTypePrefix = 'ACS4-'; + // cloud_v4 + @signPrefix = 'aliyun_v4'; + @endpointSuffix = 'aliyuncs.com'; + @sha256 = `${@signatureTypePrefix}HMAC-SHA256`; + @sm3 = `${@signatureTypePrefix}HMAC-SM3`; } async function modifyConfiguration(context: SPI.InterceptorContext, attributeMap: SPI.AttributeMap): void { var request = context.request; var config = context.configuration; + var attributes = attributeMap.key; + if (!Util.isUnset(attributes)) { + @signatureTypePrefix = attributes.signatureTypePrefix; + @signPrefix = attributes.signPrefix; + @endpointSuffix = attributes.endpointSuffix; + @sha256 = `${@signatureTypePrefix}HMAC-SHA256`; + @sm3 = `${@signatureTypePrefix}HMAC-SM3`; + } config.endpoint = getEndpoint(request.productId, config.regionId, config.endpointRule, config.network, config.suffix, config.endpointMap, config.endpoint); } @@ -81,15 +97,24 @@ async function modifyRequest(context: SPI.InterceptorContext, attributeMap: SPI. message = '\'config.credential\' can not be unset' }; } - var authType = credential.getType(); + + var credentialModel = credential.getCredential(); + if (!Util.empty(credentialModel.providerName)) { + request.headers.x-acs-credentials-provider = credentialModel.providerName; + } + var authType = credentialModel.type; if (Util.equalString(authType, 'bearer')) { var bearerToken = credential.getBearerToken(); request.headers.x-acs-bearer-token = bearerToken; + request.headers.x-acs-signature-type = 'BEARERTOKEN'; request.headers.Authorization = `Bearer ${bearerToken}`; + } else if (Util.equalString(authType, 'id_token')) { + var idToken = credentialModel.securityToken; + request.headers.x-acs-zero-trust-idtoken = idToken; } else { - var accessKeyId = credential.getAccessKeyId(); - var accessKeySecret = credential.getAccessKeySecret(); - var securityToken = credential.getSecurityToken(); + var accessKeyId = credentialModel.accessKeyId; + var accessKeySecret = credentialModel.accessKeySecret; + var securityToken = credentialModel.securityToken; if (!Util.empty(securityToken)) { request.headers.x-acs-accesskey-id = accessKeyId; @@ -97,7 +122,7 @@ async function modifyRequest(context: SPI.InterceptorContext, attributeMap: SPI. } var dateNew = String.subString(date, 0, 10); dateNew = String.replace(dateNew, '-', '', null); - var region = getRegion(request.productId, config.endpoint); + var region = getRegion(request.productId, config.endpoint, config.regionId); var signingkey = getSigningkey(signatureAlgorithm, accessKeySecret, request.productId, region, dateNew); request.headers.Authorization = getAuthorization(request.pathname, request.method, request.query, request.headers, signatureAlgorithm, hashedRequestPayload, accessKeyId, signingkey, request.productId, region, dateNew); } @@ -168,7 +193,7 @@ async function getAuthorization(pathname: string, method: string, query: map[str var signature = getSignature(pathname, method, query, headers, signatureAlgorithm, payload, signingkey); var signedHeaders = getSignedHeaders(headers); var signedHeadersStr = Array.join(signedHeaders, ';'); - return `${signatureAlgorithm} Credential=${ak}/${date}/${region}/${product}/aliyun_v4_request,SignedHeaders=${signedHeadersStr},Signature=${signature}`; + return `${signatureAlgorithm} Credential=${ak}/${date}/${region}/${product}/${@signPrefix}_request,SignedHeaders=${signedHeadersStr},Signature=${signature}`; } async function getSignature(pathname: string, method: string, query: map[string]string, headers: map[string]string, signatureAlgorithm: string, payload: string, signingkey: bytes): string { @@ -194,7 +219,7 @@ async function getSignature(pathname: string, method: string, query: map[string] } async function getSigningkey(signatureAlgorithm: string, secret: string, product: string, region: string, date: string): bytes { - var sc1 = `aliyun_v4${secret}`; + var sc1 = `${@signPrefix}${secret}`; var sc2 = Util.toBytes(''); if (Util.equalString(signatureAlgorithm, @sha256)) { sc2 = SignatureUtil.HmacSHA256Sign(date, sc1); @@ -215,21 +240,24 @@ async function getSigningkey(signatureAlgorithm: string, secret: string, product } var hmac = Util.toBytes(''); if (Util.equalString(signatureAlgorithm, @sha256)) { - hmac = SignatureUtil.HmacSHA256SignByBytes('aliyun_v4_request', sc4); + hmac = SignatureUtil.HmacSHA256SignByBytes(`${@signPrefix}_request`, sc4); } else if (Util.equalString(signatureAlgorithm, @sm3)) { - hmac = SignatureUtil.HmacSM3SignByBytes('aliyun_v4_request', sc4); + hmac = SignatureUtil.HmacSM3SignByBytes(`${@signPrefix}_request`, sc4); } return hmac; } -function getRegion(product: string, endpoint: string): string { +function getRegion(product: string, endpoint: string, regionId: string): string { + if (!Util.empty(regionId)) { + return regionId; + } var region = 'center'; if (Util.empty(product) || Util.empty(endpoint)) { return region; } var strs : [string] = String.split(endpoint, ':', null); var withoutPort : string = strs[0]; - var preRegion: string = String.replace(withoutPort, '.aliyuncs.com', '', null); + var preRegion: string = String.replace(withoutPort, `.${@endpointSuffix}`, '', null); var nodes = String.split(preRegion, '.', null); if (Util.equalNumber(Array.size(nodes), 2)) { region = nodes[1]; diff --git a/alibabacloud-gateway-pop/php/composer.json b/alibabacloud-gateway-pop/php/composer.json index 3b88870e..a9ff4382 100644 --- a/alibabacloud-gateway-pop/php/composer.json +++ b/alibabacloud-gateway-pop/php/composer.json @@ -12,7 +12,7 @@ "require": { "php": ">5.5", "alibabacloud/gateway-spi": "^1", - "alibabacloud/credentials": "^1.1", + "alibabacloud/credentials": "^1.2.2", "alibabacloud/tea-utils": "^0.2.21", "alibabacloud/openapi-util": "^0.1.10|^0.2.1", "alibabacloud/endpoint-util": "^0.1.0", diff --git a/alibabacloud-gateway-pop/php/src/Client.php b/alibabacloud-gateway-pop/php/src/Client.php index 7fc35a6d..593a54b2 100644 --- a/alibabacloud-gateway-pop/php/src/Client.php +++ b/alibabacloud-gateway-pop/php/src/Client.php @@ -4,10 +4,10 @@ namespace Darabonba\GatewayPop; use Darabonba\GatewaySpi\Client as DarabonbaGatewaySpiClient; +use AlibabaCloud\Tea\Utils\Utils; use AlibabaCloud\Tea\Exception\TeaError; use AlibabaCloud\OpenApiUtil\OpenApiUtilClient; use AlibabaCloud\Tea\Tea; -use AlibabaCloud\Tea\Utils\Utils; use AlibabaCloud\Darabonba\EncodeUtil\EncodeUtil; use AlibabaCloud\Darabonba\String\StringUtil; use AlibabaCloud\Endpoint\Endpoint; @@ -18,15 +18,28 @@ use Darabonba\GatewaySpi\Models\InterceptorContext; use Darabonba\GatewaySpi\Models\AttributeMap; -class Client extends DarabonbaGatewaySpiClient { +class Client extends DarabonbaGatewaySpiClient +{ + protected $_endpointSuffix; + + protected $_signatureTypePrefix; + + protected $_signPrefix; + protected $_sha256; protected $_sm3; - public function __construct(){ + public function __construct() + { parent::__construct(); - $this->_sha256 = "ACS4-HMAC-SHA256"; - $this->_sm3 = "ACS4-HMAC-SM3"; + // CLOUD4- + $this->_signatureTypePrefix = "ACS4-"; + // cloud_v4 + $this->_signPrefix = "aliyun_v4"; + $this->_endpointSuffix = "aliyuncs.com"; + $this->_sha256 = "" . $this->_signatureTypePrefix . "HMAC-SHA256"; + $this->_sm3 = "" . $this->_signatureTypePrefix . "HMAC-SM3"; } /** @@ -34,9 +47,18 @@ public function __construct(){ * @param AttributeMap $attributeMap * @return void */ - public function modifyConfiguration($context, $attributeMap){ + public function modifyConfiguration($context, $attributeMap) + { $request = $context->request; $config = $context->configuration; + $attributes = $attributeMap->key; + if (!Utils::isUnset($attributes)) { + $this->_signatureTypePrefix = @$attributes["signatureTypePrefix"]; + $this->_signPrefix = @$attributes["signPrefix"]; + $this->_endpointSuffix = @$attributes["endpointSuffix"]; + $this->_sha256 = "" . $this->_signatureTypePrefix . "HMAC-SHA256"; + $this->_sm3 = "" . $this->_signatureTypePrefix . "HMAC-SM3"; + } $config->endpoint = $this->getEndpoint($request->productId, $config->regionId, $config->endpointRule, $config->network, $config->suffix, $config->endpointMap, $config->endpoint); } @@ -46,7 +68,8 @@ public function modifyConfiguration($context, $attributeMap){ * @return void * @throws TeaError */ - public function modifyRequest($context, $attributeMap){ + public function modifyRequest($context, $attributeMap) + { $request = $context->request; $config = $context->configuration; $date = OpenApiUtilClient::getTimestamp(); @@ -66,16 +89,14 @@ public function modifyRequest($context, $attributeMap){ $hashedRequestPayload = EncodeUtil::hexEncode(EncodeUtil::hash($tmp, $signatureAlgorithm)); $request->stream = $tmp; $request->headers["content-type"] = "application/octet-stream"; - } - else { + } else { if (!Utils::isUnset($request->body)) { if (Utils::equalString($request->reqBodyType, "json")) { $jsonObj = Utils::toJSONString($request->body); $hashedRequestPayload = EncodeUtil::hexEncode(EncodeUtil::hash(Utils::toBytes($jsonObj), $signatureAlgorithm)); $request->stream = $jsonObj; $request->headers["content-type"] = "application/json; charset=utf-8"; - } - else { + } else { $m = Utils::assertAsMap($request->body); $formObj = OpenApiUtilClient::toForm($m); $hashedRequestPayload = EncodeUtil::hexEncode(EncodeUtil::hash(Utils::toBytes($formObj), $signatureAlgorithm)); @@ -86,8 +107,7 @@ public function modifyRequest($context, $attributeMap){ } if (Utils::equalString($signatureAlgorithm, $this->_sm3)) { $request->headers["x-acs-content-sm3"] = $hashedRequestPayload; - } - else { + } else { $request->headers["x-acs-content-sha256"] = $hashedRequestPayload; } if (!Utils::equalString($request->authType, "Anonymous")) { @@ -98,23 +118,30 @@ public function modifyRequest($context, $attributeMap){ "message" => "'config.credential' can not be unset" ]); } - $authType = $credential->getType(); + $credentialModel = $credential->getCredential(); + if (!Utils::empty_($credentialModel->providerName)) { + $request->headers["x-acs-credentials-provider"] = $credentialModel->providerName; + } + $authType = $credentialModel->type; if (Utils::equalString($authType, "bearer")) { $bearerToken = $credential->getBearerToken(); $request->headers["x-acs-bearer-token"] = $bearerToken; + $request->headers["x-acs-signature-type"] = "BEARERTOKEN"; $request->headers["Authorization"] = "Bearer " . $bearerToken . ""; - } - else { - $accessKeyId = $credential->getAccessKeyId(); - $accessKeySecret = $credential->getAccessKeySecret(); - $securityToken = $credential->getSecurityToken(); + } else if (Utils::equalString($authType, "id_token")) { + $idToken = $credentialModel->securityToken; + $request->headers["x-acs-zero-trust-idtoken"] = $idToken; + } else { + $accessKeyId = $credentialModel->accessKeyId; + $accessKeySecret = $credentialModel->accessKeySecret; + $securityToken = $credentialModel->securityToken; if (!Utils::empty_($securityToken)) { $request->headers["x-acs-accesskey-id"] = $accessKeyId; $request->headers["x-acs-security-token"] = $securityToken; } $dateNew = StringUtil::subString($date, 0, 10); $dateNew = StringUtil::replace($dateNew, "-", "", null); - $region = $this->getRegion($request->productId, $config->endpoint); + $region = $this->getRegion($request->productId, $config->endpoint, $config->regionId); $signingkey = $this->getSigningkey($signatureAlgorithm, $accessKeySecret, $request->productId, $region, $dateNew); $request->headers["Authorization"] = $this->getAuthorization($request->pathname, $request->method, $request->query, $request->headers, $signatureAlgorithm, $hashedRequestPayload, $accessKeyId, $signingkey, $request->productId, $region, $dateNew); } @@ -127,7 +154,8 @@ public function modifyRequest($context, $attributeMap){ * @return void * @throws TeaError */ - public function modifyResponse($context, $attributeMap){ + public function modifyResponse($context, $attributeMap) + { $request = $context->request; $response = $context->response; if (Utils::is4xx($response->statusCode) || Utils::is5xx($response->statusCode)) { @@ -148,28 +176,22 @@ public function modifyResponse($context, $attributeMap){ } if (Utils::equalNumber($response->statusCode, 204)) { Utils::readAsString($response->body); - } - else if (Utils::equalString($request->bodyType, "binary")) { + } else if (Utils::equalString($request->bodyType, "binary")) { $response->deserializedBody = $response->body; - } - else if (Utils::equalString($request->bodyType, "byte")) { + } else if (Utils::equalString($request->bodyType, "byte")) { $byt = Utils::readAsBytes($response->body); $response->deserializedBody = $byt; - } - else if (Utils::equalString($request->bodyType, "string")) { + } else if (Utils::equalString($request->bodyType, "string")) { $str = Utils::readAsString($response->body); $response->deserializedBody = $str; - } - else if (Utils::equalString($request->bodyType, "json")) { + } else if (Utils::equalString($request->bodyType, "json")) { $obj = Utils::readAsJSON($response->body); $res = Utils::assertAsMap($obj); $response->deserializedBody = $res; - } - else if (Utils::equalString($request->bodyType, "array")) { + } else if (Utils::equalString($request->bodyType, "array")) { $arr = Utils::readAsJSON($response->body); $response->deserializedBody = $arr; - } - else { + } else { $response->deserializedBody = Utils::readAsString($response->body); } } @@ -184,7 +206,8 @@ public function modifyResponse($context, $attributeMap){ * @param string $endpoint * @return string */ - public function getEndpoint($productId, $regionId, $endpointRule, $network, $suffix, $endpointMap, $endpoint){ + public function getEndpoint($productId, $regionId, $endpointRule, $network, $suffix, $endpointMap, $endpoint) + { if (!Utils::empty_($endpoint)) { return $endpoint; } @@ -199,7 +222,8 @@ public function getEndpoint($productId, $regionId, $endpointRule, $network, $suf * @param mixed $defaultValue * @return any */ - public function defaultAny($inputValue, $defaultValue){ + public function defaultAny($inputValue, $defaultValue) + { if (Utils::isUnset($inputValue)) { return $defaultValue; } @@ -220,11 +244,12 @@ public function defaultAny($inputValue, $defaultValue){ * @param string $date * @return string */ - public function getAuthorization($pathname, $method, $query, $headers, $signatureAlgorithm, $payload, $ak, $signingkey, $product, $region, $date){ + public function getAuthorization($pathname, $method, $query, $headers, $signatureAlgorithm, $payload, $ak, $signingkey, $product, $region, $date) + { $signature = $this->getSignature($pathname, $method, $query, $headers, $signatureAlgorithm, $payload, $signingkey); $signedHeaders = $this->getSignedHeaders($headers); $signedHeadersStr = ArrayUtil::join($signedHeaders, ";"); - return "" . $signatureAlgorithm . " Credential=" . $ak . "/" . $date . "/" . $region . "/" . $product . "/aliyun_v4_request,SignedHeaders=" . $signedHeadersStr . ",Signature=" . $signature . ""; + return "" . $signatureAlgorithm . " Credential=" . $ak . "/" . $date . "/" . $region . "/" . $product . "/" . $this->_signPrefix . "_request,SignedHeaders=" . $signedHeadersStr . ",Signature=" . $signature . ""; } /** @@ -237,7 +262,8 @@ public function getAuthorization($pathname, $method, $query, $headers, $signatur * @param int[] $signingkey * @return string */ - public function getSignature($pathname, $method, $query, $headers, $signatureAlgorithm, $payload, $signingkey){ + public function getSignature($pathname, $method, $query, $headers, $signatureAlgorithm, $payload, $signingkey) + { $canonicalURI = "/"; if (!Utils::empty_($pathname)) { $canonicalURI = $pathname; @@ -253,8 +279,7 @@ public function getSignature($pathname, $method, $query, $headers, $signatureAlg $signature = Utils::toBytes(""); if (Utils::equalString($signatureAlgorithm, $this->_sha256)) { $signature = SignatureUtil::HmacSHA256SignByBytes($stringToSign, $signingkey); - } - else if (Utils::equalString($signatureAlgorithm, $this->_sm3)) { + } else if (Utils::equalString($signatureAlgorithm, $this->_sm3)) { $signature = SignatureUtil::HmacSM3SignByBytes($stringToSign, $signingkey); } return EncodeUtil::hexEncode($signature); @@ -268,35 +293,32 @@ public function getSignature($pathname, $method, $query, $headers, $signatureAlg * @param string $date * @return array */ - public function getSigningkey($signatureAlgorithm, $secret, $product, $region, $date){ - $sc1 = "aliyun_v4" . $secret . ""; + public function getSigningkey($signatureAlgorithm, $secret, $product, $region, $date) + { + $sc1 = "" . $this->_signPrefix . "" . $secret . ""; $sc2 = Utils::toBytes(""); if (Utils::equalString($signatureAlgorithm, $this->_sha256)) { $sc2 = SignatureUtil::HmacSHA256Sign($date, $sc1); - } - else if (Utils::equalString($signatureAlgorithm, $this->_sm3)) { + } else if (Utils::equalString($signatureAlgorithm, $this->_sm3)) { $sc2 = SignatureUtil::HmacSM3Sign($date, $sc1); } $sc3 = Utils::toBytes(""); if (Utils::equalString($signatureAlgorithm, $this->_sha256)) { $sc3 = SignatureUtil::HmacSHA256SignByBytes($region, $sc2); - } - else if (Utils::equalString($signatureAlgorithm, $this->_sm3)) { + } else if (Utils::equalString($signatureAlgorithm, $this->_sm3)) { $sc3 = SignatureUtil::HmacSM3SignByBytes($region, $sc2); } $sc4 = Utils::toBytes(""); if (Utils::equalString($signatureAlgorithm, $this->_sha256)) { $sc4 = SignatureUtil::HmacSHA256SignByBytes($product, $sc3); - } - else if (Utils::equalString($signatureAlgorithm, $this->_sm3)) { + } else if (Utils::equalString($signatureAlgorithm, $this->_sm3)) { $sc4 = SignatureUtil::HmacSM3SignByBytes($product, $sc3); } $hmac = Utils::toBytes(""); if (Utils::equalString($signatureAlgorithm, $this->_sha256)) { - $hmac = SignatureUtil::HmacSHA256SignByBytes("aliyun_v4_request", $sc4); - } - else if (Utils::equalString($signatureAlgorithm, $this->_sm3)) { - $hmac = SignatureUtil::HmacSM3SignByBytes("aliyun_v4_request", $sc4); + $hmac = SignatureUtil::HmacSHA256SignByBytes("" . $this->_signPrefix . "_request", $sc4); + } else if (Utils::equalString($signatureAlgorithm, $this->_sm3)) { + $hmac = SignatureUtil::HmacSM3SignByBytes("" . $this->_signPrefix . "_request", $sc4); } return $hmac; } @@ -304,16 +326,21 @@ public function getSigningkey($signatureAlgorithm, $secret, $product, $region, $ /** * @param string $product * @param string $endpoint + * @param string $regionId * @return string */ - public function getRegion($product, $endpoint){ + public function getRegion($product, $endpoint, $regionId) + { + if (!Utils::empty_($regionId)) { + return $regionId; + } $region = "center"; if (Utils::empty_($product) || Utils::empty_($endpoint)) { return $region; } $strs = StringUtil::split($endpoint, ":", null); $withoutPort = @$strs[0]; - $preRegion = StringUtil::replace($withoutPort, ".aliyuncs.com", "", null); + $preRegion = StringUtil::replace($withoutPort, "." . $this->_endpointSuffix . "", "", null); $nodes = StringUtil::split($preRegion, ".", null); if (Utils::equalNumber(ArrayUtil::size($nodes), 2)) { $region = @$nodes[1]; @@ -325,13 +352,14 @@ public function getRegion($product, $endpoint){ * @param string[] $query * @return string */ - public function buildCanonicalizedResource($query){ + public function buildCanonicalizedResource($query) + { $canonicalizedResource = ""; if (!Utils::isUnset($query)) { $queryArray = MapUtil::keySet($query); $sortedQueryArray = ArrayUtil::ascSort($queryArray); $separator = ""; - foreach($sortedQueryArray as $key){ + foreach ($sortedQueryArray as $key) { $canonicalizedResource = "" . $canonicalizedResource . "" . $separator . "" . EncodeUtil::percentEncode($key) . ""; if (!Utils::empty_(@$query[$key])) { $canonicalizedResource = "" . $canonicalizedResource . "=" . EncodeUtil::percentEncode(@$query[$key]) . ""; @@ -346,10 +374,11 @@ public function buildCanonicalizedResource($query){ * @param string[] $headers * @return string */ - public function buildCanonicalizedHeaders($headers){ + public function buildCanonicalizedHeaders($headers) + { $canonicalizedHeaders = ""; $sortedHeaders = $this->getSignedHeaders($headers); - foreach($sortedHeaders as $header){ + foreach ($sortedHeaders as $header) { $canonicalizedHeaders = "" . $canonicalizedHeaders . "" . $header . ":" . StringUtil::trim(@$headers[$header]) . "\n"; } return $canonicalizedHeaders; @@ -359,12 +388,13 @@ public function buildCanonicalizedHeaders($headers){ * @param string[] $headers * @return array */ - public function getSignedHeaders($headers){ + public function getSignedHeaders($headers) + { $headersArray = MapUtil::keySet($headers); $sortedHeadersArray = ArrayUtil::ascSort($headersArray); $tmp = ""; $separator = ""; - foreach($sortedHeadersArray as $key){ + foreach ($sortedHeadersArray as $key) { $lowerKey = StringUtil::toLower($key); if (StringUtil::hasPrefix($lowerKey, "x-acs-") || StringUtil::equals($lowerKey, "host") || StringUtil::equals($lowerKey, "content-type")) { if (!StringUtil::contains($tmp, $lowerKey)) { diff --git a/alibabacloud-gateway-pop/php/tests/UnitTest.php b/alibabacloud-gateway-pop/php/tests/UnitTest.php index 23354e62..9df543f4 100644 --- a/alibabacloud-gateway-pop/php/tests/UnitTest.php +++ b/alibabacloud-gateway-pop/php/tests/UnitTest.php @@ -15,24 +15,25 @@ final class UnitTest extends TestCase public function testGetRegion() { $client = new Client(); - $this->assertEquals("center", $client->getRegion(null, null)); - $this->assertEquals("center", $client->getRegion("", "")); - $this->assertEquals("center", $client->getRegion("test", "test")); - $this->assertEquals("center", $client->getRegion("test", "test.alibaba.api.com")); - $this->assertEquals("center", $client->getRegion("test", "test.aliyuncs.com")); - $this->assertEquals("center", $client->getRegion("test", "test-dualstack.aliyuncs.com")); - $this->assertEquals("center", $client->getRegion("test", "test-inner.aliyuncs.com")); - $this->assertEquals("center", $client->getRegion("test", "test-vpc.aliyuncs.com")); - $this->assertEquals("center", $client->getRegion("test", "test-share.aliyuncs.com")); - $this->assertEquals("center", $client->getRegion("test", "test-cn-hangzhou.aliyuncs.com")); - $this->assertEquals("cn-hangzhou", $client->getRegion("test", "test.cn-hangzhou.aliyuncs.com")); - $this->assertEquals("cn-hangzhou", $client->getRegion("test", "test-inner.cn-hangzhou.aliyuncs.com")); - $this->assertEquals("cn-hangzhou", $client->getRegion("test", "test-vpc.cn-hangzhou.aliyuncs.com")); - $this->assertEquals("cn-hangzhou", $client->getRegion("test", "test-share.cn-hangzhou.aliyuncs.com")); - $this->assertEquals("cn-hangzhou", $client->getRegion("test", "test-dualstack.cn-hangzhou.aliyuncs.com")); - $this->assertEquals("cn-hangzhou", $client->getRegion("test", "test-proxy.cn-hangzhou.aliyuncs.com")); - $this->assertEquals("cn-hangzhou-acdr-ut-1", $client->getRegion("test", "test-inner.cn-hangzhou-acdr-ut-1.aliyuncs.com")); - $this->assertEquals("cn-edge-1", $client->getRegion("test", "test-inner.cn-edge-1.aliyuncs.com")); + $this->assertEquals("center", $client->getRegion(null, null, null)); + $this->assertEquals("cn-hangzhou", $client->getRegion(null, null, "cn-hangzhou")); + $this->assertEquals("center", $client->getRegion("", "", null)); + $this->assertEquals("center", $client->getRegion("test", "test", null)); + $this->assertEquals("center", $client->getRegion("test", "test.alibaba.api.com", null)); + $this->assertEquals("center", $client->getRegion("test", "test.aliyuncs.com", null)); + $this->assertEquals("center", $client->getRegion("test", "test-dualstack.aliyuncs.com", null)); + $this->assertEquals("center", $client->getRegion("test", "test-inner.aliyuncs.com", null)); + $this->assertEquals("center", $client->getRegion("test", "test-vpc.aliyuncs.com", null)); + $this->assertEquals("center", $client->getRegion("test", "test-share.aliyuncs.com", null)); + $this->assertEquals("center", $client->getRegion("test", "test-cn-hangzhou.aliyuncs.com", null)); + $this->assertEquals("cn-hangzhou", $client->getRegion("test", "test.cn-hangzhou.aliyuncs.com", null)); + $this->assertEquals("cn-hangzhou", $client->getRegion("test", "test-inner.cn-hangzhou.aliyuncs.com", null)); + $this->assertEquals("cn-hangzhou", $client->getRegion("test", "test-vpc.cn-hangzhou.aliyuncs.com", null)); + $this->assertEquals("cn-hangzhou", $client->getRegion("test", "test-share.cn-hangzhou.aliyuncs.com", null)); + $this->assertEquals("cn-hangzhou", $client->getRegion("test", "test-dualstack.cn-hangzhou.aliyuncs.com", null)); + $this->assertEquals("cn-hangzhou", $client->getRegion("test", "test-proxy.cn-hangzhou.aliyuncs.com", null)); + $this->assertEquals("cn-hangzhou-acdr-ut-1", $client->getRegion("test", "test-inner.cn-hangzhou-acdr-ut-1.aliyuncs.com", null)); + $this->assertEquals("cn-edge-1", $client->getRegion("test", "test-inner.cn-edge-1.aliyuncs.com", null)); } } diff --git a/alibabacloud-gateway-pop/python/alibabacloud_gateway_pop/client.py b/alibabacloud-gateway-pop/python/alibabacloud_gateway_pop/client.py index e0ed0d1f..add62b80 100644 --- a/alibabacloud-gateway-pop/python/alibabacloud_gateway_pop/client.py +++ b/alibabacloud-gateway-pop/python/alibabacloud_gateway_pop/client.py @@ -8,8 +8,8 @@ from alibabacloud_gateway_spi.client import Client as SPIClient from alibabacloud_gateway_spi import models as spi_models -from alibabacloud_openapi_util.client import Client as OpenApiUtilClient from alibabacloud_tea_util.client import Client as UtilClient +from alibabacloud_openapi_util.client import Client as OpenApiUtilClient from alibabacloud_darabonba_string.client import Client as StringClient from alibabacloud_endpoint_util.client import Client as EndpointUtilClient from alibabacloud_darabonba_array.client import Client as ArrayClient @@ -17,13 +17,21 @@ class Client(SPIClient): + _endpoint_suffix: str = None + _signature_type_prefix: str = None + _sign_prefix: str = None _sha_256: str = None _sm_3: str = None def __init__(self): super().__init__() - self._sha_256 = 'ACS4-HMAC-SHA256' - self._sm_3 = 'ACS4-HMAC-SM3' + # CLOUD4-\ + self._signature_type_prefix = 'ACS4-' + # cloud_v4 + self._sign_prefix = 'aliyun_v4' + self._endpoint_suffix = 'aliyuncs.com' + self._sha_256 = f'{self._signature_type_prefix}HMAC-SHA256' + self._sm_3 = f'{self._signature_type_prefix}HMAC-SM3' def modify_configuration( self, @@ -32,6 +40,13 @@ def modify_configuration( ) -> None: request = context.request config = context.configuration + attributes = attribute_map.key + if not UtilClient.is_unset(attributes): + self._signature_type_prefix = attributes.get('signatureTypePrefix') + self._sign_prefix = attributes.get('signPrefix') + self._endpoint_suffix = attributes.get('endpointSuffix') + self._sha_256 = f'{self._signature_type_prefix}HMAC-SHA256' + self._sm_3 = f'{self._signature_type_prefix}HMAC-SM3' config.endpoint = self.get_endpoint(request.product_id, config.region_id, config.endpoint_rule, config.network, config.suffix, config.endpoint_map, config.endpoint) async def modify_configuration_async( @@ -41,6 +56,13 @@ async def modify_configuration_async( ) -> None: request = context.request config = context.configuration + attributes = attribute_map.key + if not UtilClient.is_unset(attributes): + self._signature_type_prefix = attributes.get('signatureTypePrefix') + self._sign_prefix = attributes.get('signPrefix') + self._endpoint_suffix = attributes.get('endpointSuffix') + self._sha_256 = f'{self._signature_type_prefix}HMAC-SHA256' + self._sm_3 = f'{self._signature_type_prefix}HMAC-SM3' config.endpoint = self.get_endpoint(request.product_id, config.region_id, config.endpoint_rule, config.network, config.suffix, config.endpoint_map, config.endpoint) def modify_request( @@ -91,21 +113,28 @@ def modify_request( 'code': 'ParameterMissing', 'message': "'config.credential' can not be unset" }) - auth_type = credential.get_type() + credential_model = credential.get_credential() + if not UtilClient.empty(credential_model.provider_name): + request.headers['x-acs-credentials-provider'] = credential_model.provider_name + auth_type = credential_model.type if UtilClient.equal_string(auth_type, 'bearer'): bearer_token = credential.get_bearer_token() request.headers['x-acs-bearer-token'] = bearer_token + request.headers['x-acs-signature-type'] = 'BEARERTOKEN' request.headers['Authorization'] = f'Bearer {bearer_token}' + elif UtilClient.equal_string(auth_type, 'id_token'): + id_token = credential_model.security_token + request.headers['x-acs-zero-trust-idtoken'] = id_token else: - access_key_id = credential.get_access_key_id() - access_key_secret = credential.get_access_key_secret() - security_token = credential.get_security_token() + access_key_id = credential_model.access_key_id + access_key_secret = credential_model.access_key_secret + security_token = credential_model.security_token if not UtilClient.empty(security_token): request.headers['x-acs-accesskey-id'] = access_key_id request.headers['x-acs-security-token'] = security_token date_new = StringClient.sub_string(date, 0, 10) date_new = StringClient.replace(date_new, '-', '', None) - region = self.get_region(request.product_id, config.endpoint) + region = self.get_region(request.product_id, config.endpoint, config.region_id) signingkey = self.get_signingkey(signature_algorithm, access_key_secret, request.product_id, region, date_new) request.headers['Authorization'] = self.get_authorization(request.pathname, request.method, request.query, request.headers, signature_algorithm, hashed_request_payload, access_key_id, signingkey, request.product_id, region, date_new) @@ -157,21 +186,28 @@ async def modify_request_async( 'code': 'ParameterMissing', 'message': "'config.credential' can not be unset" }) - auth_type = credential.get_type() + credential_model = await credential.get_credential_async() + if not UtilClient.empty(credential_model.provider_name): + request.headers['x-acs-credentials-provider'] = credential_model.provider_name + auth_type = credential_model.type if UtilClient.equal_string(auth_type, 'bearer'): bearer_token = credential.get_bearer_token() request.headers['x-acs-bearer-token'] = bearer_token + request.headers['x-acs-signature-type'] = 'BEARERTOKEN' request.headers['Authorization'] = f'Bearer {bearer_token}' + elif UtilClient.equal_string(auth_type, 'id_token'): + id_token = credential_model.security_token + request.headers['x-acs-zero-trust-idtoken'] = id_token else: - access_key_id = await credential.get_access_key_id_async() - access_key_secret = await credential.get_access_key_secret_async() - security_token = await credential.get_security_token_async() + access_key_id = credential_model.access_key_id + access_key_secret = credential_model.access_key_secret + security_token = credential_model.security_token if not UtilClient.empty(security_token): request.headers['x-acs-accesskey-id'] = access_key_id request.headers['x-acs-security-token'] = security_token date_new = StringClient.sub_string(date, 0, 10) date_new = StringClient.replace(date_new, '-', '', None) - region = self.get_region(request.product_id, config.endpoint) + region = self.get_region(request.product_id, config.endpoint, config.region_id) signingkey = await self.get_signingkey_async(signature_algorithm, access_key_secret, request.product_id, region, date_new) request.headers['Authorization'] = await self.get_authorization_async(request.pathname, request.method, request.query, request.headers, signature_algorithm, hashed_request_payload, access_key_id, signingkey, request.product_id, region, date_new) @@ -299,7 +335,7 @@ def get_authorization( signature = self.get_signature(pathname, method, query, headers, signature_algorithm, payload, signingkey) signed_headers = self.get_signed_headers(headers) signed_headers_str = ArrayClient.join(signed_headers, ';') - return f'{signature_algorithm} Credential={ak}/{date}/{region}/{product}/aliyun_v4_request,SignedHeaders={signed_headers_str},Signature={signature}' + return f'{signature_algorithm} Credential={ak}/{date}/{region}/{product}/{self._sign_prefix}_request,SignedHeaders={signed_headers_str},Signature={signature}' async def get_authorization_async( self, @@ -318,7 +354,7 @@ async def get_authorization_async( signature = await self.get_signature_async(pathname, method, query, headers, signature_algorithm, payload, signingkey) signed_headers = await self.get_signed_headers_async(headers) signed_headers_str = ArrayClient.join(signed_headers, ';') - return f'{signature_algorithm} Credential={ak}/{date}/{region}/{product}/aliyun_v4_request,SignedHeaders={signed_headers_str},Signature={signature}' + return f'{signature_algorithm} Credential={ak}/{date}/{region}/{product}/{self._sign_prefix}_request,SignedHeaders={signed_headers_str},Signature={signature}' def get_signature( self, @@ -384,7 +420,7 @@ def get_signingkey( region: str, date: str, ) -> bytes: - sc_1 = f'aliyun_v4{secret}' + sc_1 = f'{self._sign_prefix}{secret}' sc_2 = UtilClient.to_bytes('') if UtilClient.equal_string(signature_algorithm, self._sha_256): sc_2 = Signer.hmac_sha256sign(date, sc_1) @@ -402,9 +438,9 @@ def get_signingkey( sc_4 = Signer.hmac_sm3sign_by_bytes(product, sc_3) hmac = UtilClient.to_bytes('') if UtilClient.equal_string(signature_algorithm, self._sha_256): - hmac = Signer.hmac_sha256sign_by_bytes('aliyun_v4_request', sc_4) + hmac = Signer.hmac_sha256sign_by_bytes(f'{self._sign_prefix}_request', sc_4) elif UtilClient.equal_string(signature_algorithm, self._sm_3): - hmac = Signer.hmac_sm3sign_by_bytes('aliyun_v4_request', sc_4) + hmac = Signer.hmac_sm3sign_by_bytes(f'{self._sign_prefix}_request', sc_4) return hmac async def get_signingkey_async( @@ -415,7 +451,7 @@ async def get_signingkey_async( region: str, date: str, ) -> bytes: - sc_1 = f'aliyun_v4{secret}' + sc_1 = f'{self._sign_prefix}{secret}' sc_2 = UtilClient.to_bytes('') if UtilClient.equal_string(signature_algorithm, self._sha_256): sc_2 = Signer.hmac_sha256sign(date, sc_1) @@ -433,22 +469,25 @@ async def get_signingkey_async( sc_4 = Signer.hmac_sm3sign_by_bytes(product, sc_3) hmac = UtilClient.to_bytes('') if UtilClient.equal_string(signature_algorithm, self._sha_256): - hmac = Signer.hmac_sha256sign_by_bytes('aliyun_v4_request', sc_4) + hmac = Signer.hmac_sha256sign_by_bytes(f'{self._sign_prefix}_request', sc_4) elif UtilClient.equal_string(signature_algorithm, self._sm_3): - hmac = Signer.hmac_sm3sign_by_bytes('aliyun_v4_request', sc_4) + hmac = Signer.hmac_sm3sign_by_bytes(f'{self._sign_prefix}_request', sc_4) return hmac def get_region( self, product: str, endpoint: str, + region_id: str, ) -> str: + if not UtilClient.empty(region_id): + return region_id region = 'center' if UtilClient.empty(product) or UtilClient.empty(endpoint): return region strs = StringClient.split(endpoint, ':', None) without_port = strs[0] - pre_region = StringClient.replace(without_port, '.aliyuncs.com', '', None) + pre_region = StringClient.replace(without_port, f'.{self._endpoint_suffix}', '', None) nodes = StringClient.split(pre_region, '.', None) if UtilClient.equal_number(ArrayClient.size(nodes), 2): region = nodes[1] diff --git a/alibabacloud-gateway-pop/python/setup.py b/alibabacloud-gateway-pop/python/setup.py index 92af917f..fd82139e 100644 --- a/alibabacloud-gateway-pop/python/setup.py +++ b/alibabacloud-gateway-pop/python/setup.py @@ -24,7 +24,7 @@ """ setup module for alibabacloud_gateway_pop. -Created on 17/01/2025 +Created on 15/03/2025 @author: Alibaba Cloud SDK """ @@ -38,7 +38,7 @@ VERSION = __import__(PACKAGE).__version__ REQUIRES = [ "alibabacloud_gateway_spi>=0.0.2, <1.0.0", - "alibabacloud_credentials>=0.3.5", + "alibabacloud_credentials>=0.3.6", "alibabacloud_tea_util>=0.3.13, <1.0.0", "alibabacloud_openapi_util>=0.2.2, <1.0.0", "alibabacloud_endpoint_util>=0.0.3, <1.0.0", diff --git a/alibabacloud-gateway-pop/python/tests/test_client.py b/alibabacloud-gateway-pop/python/tests/test_client.py index 1c617f7a..66a92198 100644 --- a/alibabacloud-gateway-pop/python/tests/test_client.py +++ b/alibabacloud-gateway-pop/python/tests/test_client.py @@ -7,21 +7,22 @@ class TestClient(unittest.TestCase): def test_get_region(self): client = Client() - self.assertEqual('center', client.get_region(None, None)) - self.assertEqual('center', client.get_region('', '')) - self.assertEqual('center', client.get_region('test', 'test')) - self.assertEqual('center', client.get_region('test', 'test.alibaba.api.com')) - self.assertEqual('center', client.get_region('test', 'test.aliyuncs.com')) - self.assertEqual('center', client.get_region('test', 'test-dualstack.aliyuncs.com')) - self.assertEqual('center', client.get_region('test', 'test-inner.aliyuncs.com')) - self.assertEqual('center', client.get_region('test', 'test-vpc.aliyuncs.com')) - self.assertEqual('center', client.get_region('test', 'test-share.aliyuncs.com')) - self.assertEqual('center', client.get_region('test', 'test-cn-hangzhou.aliyuncs.com')) - self.assertEqual('cn-hangzhou', client.get_region('test', 'test.cn-hangzhou.aliyuncs.com')) - self.assertEqual('cn-hangzhou', client.get_region('test', 'test-inner.cn-hangzhou.aliyuncs.com')) - self.assertEqual('cn-hangzhou', client.get_region('test', 'test-vpc.cn-hangzhou.aliyuncs.com')) - self.assertEqual('cn-hangzhou', client.get_region('test', 'test-share.cn-hangzhou.aliyuncs.com')) - self.assertEqual('cn-hangzhou', client.get_region('test', 'test-dualstack.cn-hangzhou.aliyuncs.com')) - self.assertEqual('cn-hangzhou', client.get_region('test', 'test-proxy.cn-hangzhou.aliyuncs.com')) - self.assertEqual('cn-hangzhou-acdr-ut-1', client.get_region('test', 'test-inner.cn-hangzhou-acdr-ut-1.aliyuncs.com')) - self.assertEqual('cn-edge-1', client.get_region('test', 'test-inner.cn-edge-1.aliyuncs.com')) + self.assertEqual('center', client.get_region(None, None, None)) + self.assertEqual('center', client.get_region('', '', None)) + self.assertEqual('cn-hangzhou', client.get_region('', '', 'cn-hangzhou')) + self.assertEqual('center', client.get_region('test', 'test', None)) + self.assertEqual('center', client.get_region('test', 'test.alibaba.api.com', None)) + self.assertEqual('center', client.get_region('test', 'test.aliyuncs.com', None)) + self.assertEqual('center', client.get_region('test', 'test-dualstack.aliyuncs.com', None)) + self.assertEqual('center', client.get_region('test', 'test-inner.aliyuncs.com', None)) + self.assertEqual('center', client.get_region('test', 'test-vpc.aliyuncs.com', None)) + self.assertEqual('center', client.get_region('test', 'test-share.aliyuncs.com', None)) + self.assertEqual('center', client.get_region('test', 'test-cn-hangzhou.aliyuncs.com', None)) + self.assertEqual('cn-hangzhou', client.get_region('test', 'test.cn-hangzhou.aliyuncs.com', None)) + self.assertEqual('cn-hangzhou', client.get_region('test', 'test-inner.cn-hangzhou.aliyuncs.com', None)) + self.assertEqual('cn-hangzhou', client.get_region('test', 'test-vpc.cn-hangzhou.aliyuncs.com', None)) + self.assertEqual('cn-hangzhou', client.get_region('test', 'test-share.cn-hangzhou.aliyuncs.com', None)) + self.assertEqual('cn-hangzhou', client.get_region('test', 'test-dualstack.cn-hangzhou.aliyuncs.com', None)) + self.assertEqual('cn-hangzhou', client.get_region('test', 'test-proxy.cn-hangzhou.aliyuncs.com', None)) + self.assertEqual('cn-hangzhou-acdr-ut-1', client.get_region('test', 'test-inner.cn-hangzhou-acdr-ut-1.aliyuncs.com', None)) + self.assertEqual('cn-edge-1', client.get_region('test', 'test-inner.cn-edge-1.aliyuncs.com', None)) diff --git a/alibabacloud-gateway-pop/ts/package.json b/alibabacloud-gateway-pop/ts/package.json index 43176429..d09afccf 100644 --- a/alibabacloud-gateway-pop/ts/package.json +++ b/alibabacloud-gateway-pop/ts/package.json @@ -23,7 +23,7 @@ "dependencies": { "@alicloud/tea-typescript": "^1.7.1", "@alicloud/gateway-spi": "^0.0.8", - "@alicloud/credentials": "^2.3.1", + "@alicloud/credentials": "^2.4.2", "@alicloud/tea-util": "^1.4.9", "@alicloud/openapi-util": "^0.3.2", "@alicloud/endpoint-util": "^0.0.1", diff --git a/alibabacloud-gateway-pop/ts/src/client.ts b/alibabacloud-gateway-pop/ts/src/client.ts index 30ef83fa..ac5c5d42 100644 --- a/alibabacloud-gateway-pop/ts/src/client.ts +++ b/alibabacloud-gateway-pop/ts/src/client.ts @@ -1,6 +1,6 @@ // This file is auto-generated, don't edit it import SPI, * as $SPI from '@alicloud/gateway-spi'; -import Credential from '@alicloud/credentials'; +import Credential, * as $Credential from '@alicloud/credentials'; import Util from '@alicloud/tea-util'; import OpenApiUtil from '@alicloud/openapi-util'; import EndpointUtil from '@alicloud/endpoint-util'; @@ -13,19 +13,36 @@ import * as $tea from '@alicloud/tea-typescript'; export default class Client extends SPI { + _endpointSuffix: string; + _signatureTypePrefix: string; + _signPrefix: string; _sha256: string; _sm3: string; constructor() { super(); - this._sha256 = "ACS4-HMAC-SHA256"; - this._sm3 = "ACS4-HMAC-SM3"; + // CLOUD4- + this._signatureTypePrefix = "ACS4-"; + // cloud_v4 + this._signPrefix = "aliyun_v4"; + this._endpointSuffix = "aliyuncs.com"; + this._sha256 = `${this._signatureTypePrefix}HMAC-SHA256`; + this._sm3 = `${this._signatureTypePrefix}HMAC-SM3`; } async modifyConfiguration(context: $SPI.InterceptorContext, attributeMap: $SPI.AttributeMap): Promise { let request = context.request; let config = context.configuration; + let attributes = attributeMap.key; + if (!Util.isUnset(attributes)) { + this._signatureTypePrefix = attributes["signatureTypePrefix"]; + this._signPrefix = attributes["signPrefix"]; + this._endpointSuffix = attributes["endpointSuffix"]; + this._sha256 = `${this._signatureTypePrefix}HMAC-SHA256`; + this._sm3 = `${this._signatureTypePrefix}HMAC-SM3`; + } + config.endpoint = this.getEndpoint(request.productId, config.regionId, config.endpointRule, config.network, config.suffix, config.endpointMap, config.endpoint); } @@ -84,15 +101,24 @@ export default class Client extends SPI { }); } - let authType = credential.getType(); + let credentialModel = await credential.getCredential(); + if (!Util.empty(credentialModel.providerName)) { + request.headers["x-acs-credentials-provider"] = credentialModel.providerName; + } + + let authType = credentialModel.type; if (Util.equalString(authType, "bearer")) { let bearerToken = credential.getBearerToken(); request.headers["x-acs-bearer-token"] = bearerToken; + request.headers["x-acs-signature-type"] = "BEARERTOKEN"; request.headers["Authorization"] = `Bearer ${bearerToken}`; + } else if (Util.equalString(authType, "id_token")) { + let idToken = credentialModel.securityToken; + request.headers["x-acs-zero-trust-idtoken"] = idToken; } else { - let accessKeyId = await credential.getAccessKeyId(); - let accessKeySecret = await credential.getAccessKeySecret(); - let securityToken = await credential.getSecurityToken(); + let accessKeyId = credentialModel.accessKeyId; + let accessKeySecret = credentialModel.accessKeySecret; + let securityToken = credentialModel.securityToken; if (!Util.empty(securityToken)) { request.headers["x-acs-accesskey-id"] = accessKeyId; request.headers["x-acs-security-token"] = securityToken; @@ -100,7 +126,7 @@ export default class Client extends SPI { let dateNew = String.subString(date, 0, 10); dateNew = String.replace(dateNew, "-", "", null); - let region = this.getRegion(request.productId, config.endpoint); + let region = this.getRegion(request.productId, config.endpoint, config.regionId); let signingkey = await this.getSigningkey(signatureAlgorithm, accessKeySecret, request.productId, region, dateNew); request.headers["Authorization"] = await this.getAuthorization(request.pathname, request.method, request.query, request.headers, signatureAlgorithm, hashedRequestPayload, accessKeyId, signingkey, request.productId, region, dateNew); } @@ -177,7 +203,7 @@ export default class Client extends SPI { let signature = await this.getSignature(pathname, method, query, headers, signatureAlgorithm, payload, signingkey); let signedHeaders = await this.getSignedHeaders(headers); let signedHeadersStr = Array.join(signedHeaders, ";"); - return `${signatureAlgorithm} Credential=${ak}/${date}/${region}/${product}/aliyun_v4_request,SignedHeaders=${signedHeadersStr},Signature=${signature}`; + return `${signatureAlgorithm} Credential=${ak}/${date}/${region}/${product}/${this._signPrefix}_request,SignedHeaders=${signedHeadersStr},Signature=${signature}`; } async getSignature(pathname: string, method: string, query: {[key: string ]: string}, headers: {[key: string ]: string}, signatureAlgorithm: string, payload: string, signingkey: Buffer): Promise { @@ -205,7 +231,7 @@ export default class Client extends SPI { } async getSigningkey(signatureAlgorithm: string, secret: string, product: string, region: string, date: string): Promise { - let sc1 = `aliyun_v4${secret}`; + let sc1 = `${this._signPrefix}${secret}`; let sc2 = Util.toBytes(""); if (Util.equalString(signatureAlgorithm, this._sha256)) { sc2 = SignatureUtil.HmacSHA256Sign(date, sc1); @@ -229,15 +255,19 @@ export default class Client extends SPI { let hmac = Util.toBytes(""); if (Util.equalString(signatureAlgorithm, this._sha256)) { - hmac = SignatureUtil.HmacSHA256SignByBytes("aliyun_v4_request", sc4); + hmac = SignatureUtil.HmacSHA256SignByBytes(`${this._signPrefix}_request`, sc4); } else if (Util.equalString(signatureAlgorithm, this._sm3)) { - hmac = SignatureUtil.HmacSM3SignByBytes("aliyun_v4_request", sc4); + hmac = SignatureUtil.HmacSM3SignByBytes(`${this._signPrefix}_request`, sc4); } return hmac; } - getRegion(product: string, endpoint: string): string { + getRegion(product: string, endpoint: string, regionId: string): string { + if (!Util.empty(regionId)) { + return regionId; + } + let region = "center"; if (Util.empty(product) || Util.empty(endpoint)) { return region; @@ -245,7 +275,7 @@ export default class Client extends SPI { let strs : string[] = String.split(endpoint, ":", null); let withoutPort : string = strs[0]; - let preRegion : string = String.replace(withoutPort, ".aliyuncs.com", "", null); + let preRegion : string = String.replace(withoutPort, `.${this._endpointSuffix}`, "", null); let nodes = String.split(preRegion, ".", null); if (Util.equalNumber(Array.size(nodes), 2)) { region = nodes[1]; diff --git a/alibabacloud-gateway-pop/ts/test/client.spec.ts b/alibabacloud-gateway-pop/ts/test/client.spec.ts index 05fe4b41..83c3b232 100644 --- a/alibabacloud-gateway-pop/ts/test/client.spec.ts +++ b/alibabacloud-gateway-pop/ts/test/client.spec.ts @@ -6,23 +6,24 @@ describe('Client', function () { it('getRegion should ok', function () { var client = new Client() - assert.deepStrictEqual('center', client.getRegion('', '')); - assert.deepStrictEqual('center', client.getRegion('test', 'test')); - assert.deepStrictEqual('center', client.getRegion('test', 'test.alibaba.api.com')); - assert.deepStrictEqual('center', client.getRegion('test', 'test.aliyuncs.com')); - assert.deepStrictEqual('center', client.getRegion('test', 'test-dualstack.aliyuncs.com')); - assert.deepStrictEqual('center', client.getRegion('test', 'test-inner.aliyuncs.com')); - assert.deepStrictEqual('center', client.getRegion('test', 'test-vpc.aliyuncs.com')); - assert.deepStrictEqual('center', client.getRegion('test', 'test-share.aliyuncs.com')); - assert.deepStrictEqual('center', client.getRegion('test', 'test-cn-hangzhou.aliyuncs.com')); - assert.deepStrictEqual('cn-hangzhou', client.getRegion('test', 'test.cn-hangzhou.aliyuncs.com')); - assert.deepStrictEqual('cn-hangzhou', client.getRegion('test', 'test-inner.cn-hangzhou.aliyuncs.com')); - assert.deepStrictEqual('cn-hangzhou', client.getRegion('test', 'test-vpc.cn-hangzhou.aliyuncs.com')); - assert.deepStrictEqual('cn-hangzhou', client.getRegion('test', 'test-share.cn-hangzhou.aliyuncs.com')); - assert.deepStrictEqual('cn-hangzhou', client.getRegion('test', 'test-dualstack.cn-hangzhou.aliyuncs.com')); - assert.deepStrictEqual('cn-hangzhou', client.getRegion('test', 'test-proxy.cn-hangzhou.aliyuncs.com')); - assert.deepStrictEqual('cn-hangzhou-acdr-ut-1', client.getRegion('test', 'test-inner.cn-hangzhou-acdr-ut-1.aliyuncs.com')); - assert.deepStrictEqual('cn-edge-1', client.getRegion('test', 'test-inner.cn-edge-1.aliyuncs.com')); + assert.deepStrictEqual('center', client.getRegion('', '', '')); + assert.deepStrictEqual('cn-hangzhou', client.getRegion('', '', 'cn-hangzhou')); + assert.deepStrictEqual('center', client.getRegion('test', 'test', '')); + assert.deepStrictEqual('center', client.getRegion('test', 'test.alibaba.api.com', '')); + assert.deepStrictEqual('center', client.getRegion('test', 'test.aliyuncs.com', '')); + assert.deepStrictEqual('center', client.getRegion('test', 'test-dualstack.aliyuncs.com', '')); + assert.deepStrictEqual('center', client.getRegion('test', 'test-inner.aliyuncs.com', '')); + assert.deepStrictEqual('center', client.getRegion('test', 'test-vpc.aliyuncs.com', '')); + assert.deepStrictEqual('center', client.getRegion('test', 'test-share.aliyuncs.com', '')); + assert.deepStrictEqual('center', client.getRegion('test', 'test-cn-hangzhou.aliyuncs.com', '')); + assert.deepStrictEqual('cn-hangzhou', client.getRegion('test', 'test.cn-hangzhou.aliyuncs.com', '')); + assert.deepStrictEqual('cn-hangzhou', client.getRegion('test', 'test-inner.cn-hangzhou.aliyuncs.com', '')); + assert.deepStrictEqual('cn-hangzhou', client.getRegion('test', 'test-vpc.cn-hangzhou.aliyuncs.com', '')); + assert.deepStrictEqual('cn-hangzhou', client.getRegion('test', 'test-share.cn-hangzhou.aliyuncs.com', '')); + assert.deepStrictEqual('cn-hangzhou', client.getRegion('test', 'test-dualstack.cn-hangzhou.aliyuncs.com', '')); + assert.deepStrictEqual('cn-hangzhou', client.getRegion('test', 'test-proxy.cn-hangzhou.aliyuncs.com', '')); + assert.deepStrictEqual('cn-hangzhou-acdr-ut-1', client.getRegion('test', 'test-inner.cn-hangzhou-acdr-ut-1.aliyuncs.com', '')); + assert.deepStrictEqual('cn-edge-1', client.getRegion('test', 'test-inner.cn-edge-1.aliyuncs.com', '')); }); });