forked from aliyunmq/mq-http-go-sdk
-
Notifications
You must be signed in to change notification settings - Fork 0
/
credential.go
109 lines (90 loc) · 2.42 KB
/
credential.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
package mq_http_sdk
import (
"crypto/hmac"
"crypto/sha1"
"encoding/base64"
"net/http"
"sort"
"strings"
"time"
"github.com/gogap/errors"
)
const (
AUTHORIZATION = "Authorization"
CONTENT_TYPE = "Content-Type"
CONTENT_MD5 = "Content-MD5"
MQ_VERSION = "x-mq-version"
HOST = "Host"
DATE = "Date"
KEEP_ALIVE = "Keep-Alive"
SECURITY_TOKEN = "security-token"
)
type Credential interface {
Signature(method Method, headers map[string]string, resource string) (signature string, err error)
AccessKeyId() string
AccessKeySecret() string
SecurityToken() string
}
type MQCredential struct {
accessKeySecret string
accessKeyId string
securityToken string
}
func NewMQCredential(accessKeyId string, accessKeySecret string, securityToken string) *MQCredential {
if accessKeyId == "" {
panic("mq_go_sdk: access key id is empty")
}
if accessKeySecret == "" {
panic("mq_go_sdk: access key secret is empty")
}
mqCredential := new(MQCredential)
mqCredential.accessKeySecret = accessKeySecret
mqCredential.accessKeyId = accessKeyId
mqCredential.securityToken = securityToken
return mqCredential
}
func (p *MQCredential) AccessKeyId() string {
return p.accessKeyId
}
func (p *MQCredential) AccessKeySecret() string {
return p.accessKeySecret
}
func (p *MQCredential) SecurityToken() string {
return p.securityToken
}
func (p *MQCredential) Signature(method Method, headers map[string]string, resource string) (signature string, err error) {
signItems := []string{}
signItems = append(signItems, string(method))
contentMD5 := ""
contentType := ""
date := time.Now().UTC().Format(http.TimeFormat)
if v, exist := headers[CONTENT_MD5]; exist {
contentMD5 = v
}
if v, exist := headers[CONTENT_TYPE]; exist {
contentType = v
}
if v, exist := headers[DATE]; exist {
date = v
}
mqHeaders := []string{}
for k, v := range headers {
if strings.HasPrefix(k, "x-mq-") {
mqHeaders = append(mqHeaders, k+":"+strings.TrimSpace(v))
}
}
sort.Sort(sort.StringSlice(mqHeaders))
stringToSign := string(method) + "\n" +
contentMD5 + "\n" +
contentType + "\n" +
date + "\n" +
strings.Join(mqHeaders, "\n") + "\n" +
resource
sha1Hash := hmac.New(sha1.New, []byte(p.accessKeySecret))
if _, e := sha1Hash.Write([]byte(stringToSign)); e != nil {
err = ErrSignMessageFailed.New(errors.Params{"err": e})
return
}
signature = base64.StdEncoding.EncodeToString(sha1Hash.Sum(nil))
return
}