Skip to content

Commit 5a19e5c

Browse files
author
ke.like
committed
Refine
1 parent ef026fe commit 5a19e5c

File tree

2 files changed

+23
-17
lines changed

2 files changed

+23
-17
lines changed

signature_v4.go

+8-13
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ package sls
33
import (
44
"crypto/hmac"
55
"crypto/sha256"
6+
"encoding/hex"
67
"fmt"
78
"github.com/pkg/errors"
89
"net/url"
@@ -102,7 +103,7 @@ func (s *SignerV4) Sign(method, uri string, headers map[string]string, body []by
102103
if err != nil {
103104
return err
104105
}
105-
signature := fmt.Sprintf("%x", hash)
106+
signature := hex.EncodeToString(hash)
106107
headers[HTTPHeaderAuthorization] = s.buildAuthorization(s.accessKeyID, signature, scope)
107108
return nil
108109
}
@@ -113,8 +114,8 @@ func (s *SignerV4) buildCanonicalHeaders(headers map[string]string) (string, str
113114
for k, v := range headers {
114115
key := strings.ToLower(k)
115116
if s.isSignedHeader(key) {
116-
signed[k] = v
117-
headerKeys = append(headerKeys, k)
117+
signed[key] = v
118+
headerKeys = append(headerKeys, key)
118119
}
119120
}
120121
sort.Strings(headerKeys)
@@ -158,17 +159,15 @@ func (s *SignerV4) buildCanonicalRequest(method, uri, sha256Payload, canonicalHe
158159
builder := strings.Builder{}
159160
builder.WriteString(method)
160161
builder.WriteRune('\n')
161-
builder.WriteString(s.urlEncode(uri, true))
162+
builder.WriteString(uri)
162163
builder.WriteRune('\n')
163164

164165
// Url params
165166
canonParams := make(map[string]string)
166167
var queryKeys []string
167168
for k, v := range urlParams {
168-
key := s.urlEncode(k, false)
169-
value := s.urlEncode(v, false)
170-
canonParams[key] = value
171-
queryKeys = append(queryKeys, key)
169+
canonParams[k] = s.percentEncode(v)
170+
queryKeys = append(queryKeys, k)
172171
}
173172
sort.Strings(queryKeys)
174173
n := len(queryKeys)
@@ -192,13 +191,9 @@ func (s *SignerV4) buildCanonicalRequest(method, uri, sha256Payload, canonicalHe
192191
return builder.String()
193192
}
194193

195-
func (s *SignerV4) urlEncode(uri string, ignoreSlash bool) string {
194+
func (s *SignerV4) percentEncode(uri string) string {
196195
u := url.QueryEscape(uri)
197196
u = strings.ReplaceAll(u, "+", "%20")
198-
u = strings.ReplaceAll(u, "*", "%2A")
199-
if ignoreSlash {
200-
u = strings.ReplaceAll(u, "%2F", "/")
201-
}
202197
return u
203198
}
204199

signature_v4_test.go

+15-4
Original file line numberDiff line numberDiff line change
@@ -68,7 +68,7 @@ func (s *SignerV4Suite) TestSignV4Case1() {
6868
auth := s.headers[HTTPHeaderAuthorization]
6969
exp := "SLS4-HMAC-SHA256 " +
7070
"Credential=acsddda21dsd/20220808/cn-hangzhou/sls/aliyun_v4_request," +
71-
"Signature=bcdc405707a79dd61b1407a31613e36cbec25d3bbeecf7101add56aacadbdf1e"
71+
"Signature=a98f5632e93836e63839cd836a54055f480020a9364ca944e2d34f2eb9bf1bed"
7272
assert.Equal(s.T(), exp, auth)
7373
}
7474

@@ -98,7 +98,7 @@ func (s *SignerV4Suite) TestSignV4Case3() {
9898
auth := s.headers[HTTPHeaderAuthorization]
9999
exp := "SLS4-HMAC-SHA256 " +
100100
"Credential=acsddda21dsd/20220808/cn-hangzhou/sls/aliyun_v4_request," +
101-
"Signature=b657145686c93047f9c71444e1f2d4bed5ed02f6f24a996ef5067676221de732"
101+
"Signature=5a66d8f8051983e0e9d08e0f960ef9252ef971eead5bb5c7acec8617a2eb2701"
102102
assert.Equal(s.T(), exp, auth)
103103
}
104104

@@ -110,7 +110,7 @@ func (s *SignerV4Suite) TestSignV4Case4() {
110110
auth := s.headers[HTTPHeaderAuthorization]
111111
exp := "SLS4-HMAC-SHA256 " +
112112
"Credential=acsddda21dsd/20220808/cn-hangzhou/sls/aliyun_v4_request," +
113-
"Signature=5fb4e9302126de99c05643f8f7469eb6c35b7851a04c495dd90840a741451f1b"
113+
"Signature=d92741852500791d662a8d469ff61627c0559ecd86c3f59b7bf6772b6c62666a"
114114
assert.Equal(s.T(), exp, auth)
115115
}
116116

@@ -123,10 +123,21 @@ func (s *SignerV4Suite) TestSignV4Case5() {
123123
auth := s.headers[HTTPHeaderAuthorization]
124124
exp := "SLS4-HMAC-SHA256 " +
125125
"Credential=acsddda21dsd/20220808/cn-hangzhou/sls/aliyun_v4_request," +
126-
"Signature=6e3bae51420ade037431836e0b9791a4b750982376fa7e056585af7dcd10eae1"
126+
"Signature=2c204068e961a8813a6bcf7ac422f7fa6e9bf9a5da493e0165dfe100854d18ff"
127127
assert.Equal(s.T(), exp, auth)
128128
}
129129

130+
func (s *SignerV4Suite) TestSignV4Case6() {
131+
mockAKID := "mockAccessKeyID"
132+
mockAKSec := "mockAccessKeySecret"
133+
signer := SignerV4{accessKeyID: mockAKID, accessKeySecret: mockAKSec, region: "cn-hangzhou"}
134+
encoded := signer.percentEncode("123abc!@#$%^&*()-=_+ ~|\\/")
135+
assert.Equal(s.T(), "123abc%21%40%23%24%25%5E%26%2A%28%29-%3D_%2B%20~%7C%5C%2F", encoded)
136+
137+
encoded = signer.percentEncode("!@#$%^&*()=-+ ~./_[()]%20你好\000\u0111❤😓")
138+
assert.Equal(s.T(), "%21%40%23%24%25%5E%26%2A%28%29%3D-%2B%20~.%2F_%5B%28%29%5D%2520%E4%BD%A0%E5%A5%BD%00%C4%91%E2%9D%A4%F0%9F%98%93", encoded)
139+
}
140+
130141
func (s *SignerV4Suite) TestSignV1Case1() {
131142
headers := map[string]string{
132143
"x-log-apiversion": "0.6.0",

0 commit comments

Comments
 (0)