Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
fix(auth): Prevent secret exposure
  • Loading branch information
tu6ge committed Nov 8, 2022
1 parent 61da9b2 commit e4553f7
Showing 1 changed file with 14 additions and 9 deletions.
23 changes: 14 additions & 9 deletions src/auth.rs
Expand Up @@ -177,7 +177,7 @@ impl Default for VERB {
}

#[cfg_attr(test, automock)]
pub trait AuthToHeaderMap {
pub(crate) trait AuthToHeaderMap {
fn get_original_header(&self) -> HeaderMap;
fn get_header_key(&self) -> OssResult<HeaderValue>;
fn get_header_secret(&self) -> OssResult<HeaderValue>;
Expand Down Expand Up @@ -255,7 +255,7 @@ impl AuthToOssHeader for Auth {
}

/// 从 auth 中提取各个字段,用于计算签名的原始字符串
pub trait AuthSignString {
pub(crate) trait AuthSignString {
fn key(&self) -> Cow<'_, KeyId>;
fn secret(&self) -> Cow<'_, KeySecret>;
fn verb(&self) -> String;
Expand Down Expand Up @@ -312,7 +312,7 @@ impl AuthGetHeader for Auth {
}
}

pub trait AuthHeader {
pub(crate) trait AuthHeader {
fn from_auth(auth: &impl AuthToHeaderMap) -> OssResult<Self>
where
Self: Sized;
Expand Down Expand Up @@ -399,7 +399,8 @@ impl SignString {
pub fn new(data: String, key: KeyId, secret: KeySecret) -> SignString {
SignString { data, key, secret }
}
pub fn from_auth(

pub(crate) fn from_auth(
auth: &impl AuthSignString,
header: impl HeaderToSign,
) -> OssResult<SignString> {
Expand Down Expand Up @@ -427,11 +428,13 @@ impl SignString {
self.data.clone()
}

pub fn key_string(&self) -> String {
#[cfg(test)]
pub(crate) fn key_string(&self) -> String {
self.key.to_string()
}

pub fn secret_string(&self) -> String {
#[cfg(test)]
pub(crate) fn secret_string(&self) -> String {
self.secret.to_string()
}

Expand Down Expand Up @@ -499,9 +502,10 @@ impl AuthBuilder {
///
/// ```
/// # use aliyun_oss_client::auth::AuthBuilder;
/// let auth = AuthBuilder::default()
/// use aliyun_oss_client::auth::AuthGetHeader;
/// let headers = AuthBuilder::default()
/// .key("bar".into())
/// .build();
/// .get_headers();
/// ```
pub fn key(mut self, key: KeyId) -> Self {
self.auth.set_key(key);
Expand Down Expand Up @@ -574,7 +578,8 @@ impl AuthBuilder {
self
}

pub fn build(self) -> Auth {
#[allow(dead_code)]
pub(crate) fn build(self) -> Auth {
self.auth
}
}
Expand Down

0 comments on commit e4553f7

Please sign in to comment.