github.com/chnsz/golangsdk@v0.0.0-20240506093406-85a3fbfa605b/openstack/obs/temporary_other.go (about) 1 // Copyright 2019 Huawei Technologies Co.,Ltd. 2 // Licensed under the Apache License, Version 2.0 (the "License"); you may not use 3 // this file except in compliance with the License. You may obtain a copy of the 4 // License at 5 // 6 // http://www.apache.org/licenses/LICENSE-2.0 7 // 8 // Unless required by applicable law or agreed to in writing, software distributed 9 // under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 10 // CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 // specific language governing permissions and limitations under the License. 12 13 package obs 14 15 import ( 16 "errors" 17 "fmt" 18 "strings" 19 "time" 20 ) 21 22 func (obsClient ObsClient) isSecurityToken(params map[string]string, sh securityHolder) { 23 if sh.securityToken != "" { 24 if obsClient.conf.signature == SignatureObs { 25 params[HEADER_STS_TOKEN_OBS] = sh.securityToken 26 } else { 27 params[HEADER_STS_TOKEN_AMZ] = sh.securityToken 28 } 29 } 30 } 31 32 // CreateBrowserBasedSignature gets the browser based signature with the specified CreateBrowserBasedSignatureInput, 33 // and returns the CreateBrowserBasedSignatureOutput and error 34 func (obsClient ObsClient) CreateBrowserBasedSignature(input *CreateBrowserBasedSignatureInput) (output *CreateBrowserBasedSignatureOutput, err error) { 35 if input == nil { 36 return nil, errors.New("CreateBrowserBasedSignatureInput is nil") 37 } 38 39 params := make(map[string]string, len(input.FormParams)) 40 for key, value := range input.FormParams { 41 params[key] = value 42 } 43 44 date := time.Now().UTC() 45 shortDate := date.Format(SHORT_DATE_FORMAT) 46 longDate := date.Format(LONG_DATE_FORMAT) 47 sh := obsClient.getSecurity() 48 49 credential, _ := getCredential(sh.ak, obsClient.conf.region, shortDate) 50 51 if input.Expires <= 0 { 52 input.Expires = 300 53 } 54 55 expiration := date.Add(time.Second * time.Duration(input.Expires)).Format(ISO8601_DATE_FORMAT) 56 if obsClient.conf.signature == SignatureV4 { 57 params[PARAM_ALGORITHM_AMZ_CAMEL] = V4_HASH_PREFIX 58 params[PARAM_CREDENTIAL_AMZ_CAMEL] = credential 59 params[PARAM_DATE_AMZ_CAMEL] = longDate 60 } 61 62 obsClient.isSecurityToken(params, sh) 63 64 matchAnyBucket := true 65 matchAnyKey := true 66 count := 5 67 if bucket := strings.TrimSpace(input.Bucket); bucket != "" { 68 params["bucket"] = bucket 69 matchAnyBucket = false 70 count-- 71 } 72 73 if key := strings.TrimSpace(input.Key); key != "" { 74 params["key"] = key 75 matchAnyKey = false 76 count-- 77 } 78 79 originPolicySlice := make([]string, 0, len(params)+count) 80 originPolicySlice = append(originPolicySlice, fmt.Sprintf("{\"expiration\":\"%s\",", expiration)) 81 originPolicySlice = append(originPolicySlice, "\"conditions\":[") 82 for key, value := range params { 83 if _key := strings.TrimSpace(strings.ToLower(key)); _key != "" { 84 originPolicySlice = append(originPolicySlice, fmt.Sprintf("{\"%s\":\"%s\"},", _key, value)) 85 } 86 } 87 88 if matchAnyBucket { 89 originPolicySlice = append(originPolicySlice, "[\"starts-with\", \"$bucket\", \"\"],") 90 } 91 92 if matchAnyKey { 93 originPolicySlice = append(originPolicySlice, "[\"starts-with\", \"$key\", \"\"],") 94 } 95 96 originPolicySlice = append(originPolicySlice, "]}") 97 98 originPolicy := strings.Join(originPolicySlice, "") 99 policy := Base64Encode([]byte(originPolicy)) 100 var signature string 101 if obsClient.conf.signature == SignatureV4 { 102 signature = getSignature(policy, sh.sk, obsClient.conf.region, shortDate) 103 } else { 104 signature = Base64Encode(HmacSha1([]byte(sh.sk), []byte(policy))) 105 } 106 107 output = &CreateBrowserBasedSignatureOutput{ 108 OriginPolicy: originPolicy, 109 Policy: policy, 110 Algorithm: params[PARAM_ALGORITHM_AMZ_CAMEL], 111 Credential: params[PARAM_CREDENTIAL_AMZ_CAMEL], 112 Date: params[PARAM_DATE_AMZ_CAMEL], 113 Signature: signature, 114 } 115 return 116 }