Skip to content
QingStor Demo - Signature Server (NodeJS)
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.babelrc
.editorconfig
.eslintrc
.gitignore
AUTHORS
LICENSE
MAINTAINERS
README.md
client.js
client_config.yaml.example
package-lock.json
package.json
server.js
server_config.yaml.example

README.md

QingStor Demo - Signature Server (NodeJS)

This project demonstrates how to use qingstor-sdk-js to create the signature server, and a demo client written in JavaScript is also provided.

Data Flow

Assume that we have a client that knows nothing about the access key and secret access key, such as a JavaScript application runs in the web browser or a mobile iOS application. If the client wants to access to non-public bucket directly, it needs the signature generated from the signature server for every request.

Here's a diagram describes the data flow:

+---------------------------------------------------------------------------+
|                                                                           |
|                           +-----------------------------+                 |
|                           |                             |                 |
|               +---------> |   QingStor Object Storage   |                 |
|               |           |                             |                 |
|               |           +--------------+--------------+                 |
|       3. Send |                          |                                |
|        Signed |    +---------------------+                                |
|       Request |    |   4. Response                                        |
|               |    v                                                      |
|               |                                                           |
|      +--------+--------+                                                  |
|      |                 |        2. Get Signature                          |
|      |     Client      | <-----------------------------+                  |
|      |                 |                               |                  |
|      +--------+--------+                    +----------+-----------+      |
|               |                             |                      |      |
|               +---------------------------> |   Signature Server   |      |
|                      1. Sign Request        |                      |      |
|                                             +----------------------+      |
|                                                                           |
+---------------------------------------------------------------------------+

Getting Started

Clone this repository and install dependencies.

git clone https://github.com/yunify/qingstor-demo-signature-server-nodejs.git
cd qingstor-demo-signature-server-nodejs
npm install

Setup configurations.

cp server_config.yaml.example server_config.yaml
vim server_config.yaml

cp client_config.yaml.example client_config.yaml
vim client_config.yaml

Start the demo signature server.

npm run server

Run the demo client.

npm run client

Notice: Please read the source code for more details.

Signature Server Usage

Sign operation by query parameters.

Request Example:

POST /operation?channel=query HTTP/1.1
Content-Type: application/json; charset=utf-8
Host: 127.0.0.1:9000
Connection: close
User-Agent: WTF/3.0.16 (Macintosh; OS X/10.12.3) GCDHTTPRequest
Content-Length: 127

{
  "method": "GET",
  "uri": "https://pek3a.qingstor.com:443/aspire-test?prefix=test%2F",
  "body": "",
  "headers": {
    "Host": "pek3a.qingstor.com",
    "X-QS-Date": "Wed, 15 Mar 2017 09:44:38 GMT",
    "Content-Type": "application/octet-stream",
    "Content-Length": 0,
    "User-Agent": "qingstor-sdk-js/2.2.1 (Node.js v7.7.2; darwin x64)"
  },
  "expires": 1489571836
}

Response Example:

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 147
Date: Wed, 15 Mar 2017 07:07:52 GMT
Connection: close

{
  "access_key_id": "OGFTIRSEHFOJPZQFYLZQ",
  "signature": "+2FHsEepCCbgMlamqU88ZUP6QZh2Vp7BxTASvAiZBlo=",
  "expires": 1489571836
}

Sign operation by Authorization header.

Request Example:

POST /operation?channel=header HTTP/1.1
Content-Type: application/json; charset=utf-8
Host: 127.0.0.1:9000
Connection: close
User-Agent: WTF/3.0.16 (Macintosh; OS X/10.12.3) GCDHTTPRequest
Content-Length: 327

{
  "method": "PUT",
  "uri": "https://pek3a.qingstor.com:443/aspire-test/test-file",
  "body": "Hello",
  "headers": {
    "Host": "pek3a.qingstor.com",
    "X-QS-Date": "Wed, 15 Mar 2017 08:57:16 GMT",
    "Content-Type": "",
    "Content-Length": 5,
    "User-Agent": "qingstor-sdk-js/2.2.1 (Node.js v7.7.2; darwin x64)"
  }
}

Response Example:

Response Example:
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 92
Date: Wed, 15 Mar 2017 07:07:52 GMT
Connection: close

{
  "authorization": "QS GFTIRSEHJPZQFYLZQOFO:ed+84K2ZGigwF76eWm56aR2/MF5FkqMVJMr18FkBSoc="
}

Sign operation by query parameters.

Request Example:

POST /string-to-sign?channel=query HTTP/1.1
Content-Type: application/json; charset=utf-8
Host: 127.0.0.1:9000
Connection: close
User-Agent: WTF/3.0.16 (Macintosh; OS X/10.12.3) GCDHTTPRequest
Content-Length: 127

{
  "string_to_sign": "GET\n\napplication/octet-stream\1489571836\n/aspire-test/test-file",
  "expires": 1489571836
}

Response Example:

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 147
Date: Wed, 15 Mar 2017 07:07:52 GMT
Connection: close

{
  "access_key_id": "OGFTIRSEHFOJPZQFYLZQ",
  "signature": "+gZYDVc91cxaqpSDj5tFmkL8VDv4+Ay25VQVrQTXsLg=",
  "expires": 1489571836
}

Sign operation by Authorization header.

Request Example:

POST /string-to-sign?channel=header HTTP/1.1
Content-Type: application/json; charset=utf-8
Host: 127.0.0.1:9000
Connection: close
User-Agent: WTF/3.0.16 (Macintosh; OS X/10.12.3) GCDHTTPRequest
Content-Length: 327

{
  "string_to_sign": "GET\n\napplication/octet-stream\Wed, 15 Mar 2017 07:07:52 GMT\n/aspire-test/test-file",
}

Response Example:

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 92
Date: Wed, 15 Mar 2017 07:07:52 GMT
Connection: close

{
  "authorization": "QS GFTIRJPZQFYLZQOSEHFO:8otBnH4VqE+v8J4TEHAPg9O95nJNQyK22SAWF7PfGhY="
}

Reference Documentations

LICENSE

The Apache License (Version 2.0, January 2004).

You can’t perform that action at this time.