Feat: adapt new uploader for upyun policy

2022-03-20 11:27:43 +08:00 · 2022-03-20 11:27:43 +08:00 · d3016b60af
commit d3016b60af
parent 9e5713b139
3 changed files with 59 additions and 63 deletions
--- a/middleware/auth.go
+++ b/middleware/auth.go
@ -1,11 +1,17 @@
 package middleware
 import (
 	"bytes"
 	"context"
 	"crypto/md5"
 	"fmt"
 	"github.com/cloudreve/Cloudreve/v3/pkg/filesystem"
 	"github.com/cloudreve/Cloudreve/v3/pkg/filesystem/driver/oss"
 	"github.com/cloudreve/Cloudreve/v3/pkg/filesystem/driver/upyun"
 	"github.com/cloudreve/Cloudreve/v3/pkg/mq"
 	"github.com/cloudreve/Cloudreve/v3/pkg/util"
 	"github.com/qiniu/go-sdk/v7/auth/qbox"
 	"io/ioutil"
 	"net/http"
 	model "github.com/cloudreve/Cloudreve/v3/models"
@ -221,53 +227,47 @@ func OSSCallbackAuth() gin.HandlerFunc {
 // UpyunCallbackAuth 又拍云回调签名验证
 func UpyunCallbackAuth() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		//// 验证key并查找用户
+		session := c.MustGet(filesystem.UploadSessionCtx).(*serializer.UploadSession)
-		//resp, user := uploadCallbackCheck(c)
+
-		//if resp.Code != 0 {
+		// 获取请求正文
-		//	c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: resp.Msg})
+		body, err := ioutil.ReadAll(c.Request.Body)
-		//	c.Abort()
+		c.Request.Body.Close()
-		//	return
+		if err != nil {
-		//}
+			c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: err.Error()})
-		//
+			c.Abort()
-		//// 获取请求正文
+			return
-		//body, err := ioutil.ReadAll(c.Request.Body)
+		}
-		//c.Request.Body.Close()
+
-		//if err != nil {
+		c.Request.Body = ioutil.NopCloser(bytes.NewReader(body))
-		//	c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: err.Error()})
+
-		//	c.Abort()
+		// 准备验证Upyun回调签名
-		//	return
+		handler := upyun.Driver{Policy: &session.Policy}
-		//}
+		contentMD5 := c.Request.Header.Get("Content-Md5")
-		//
+		date := c.Request.Header.Get("Date")
-		//c.Request.Body = ioutil.NopCloser(bytes.NewReader(body))
+		actualSignature := c.Request.Header.Get("Authorization")
-		//
+
-		//// 准备验证Upyun回调签名
+		// 计算正文MD5
-		//handler := upyun.Driver{Policy: &user.Policy}
+		actualContentMD5 := fmt.Sprintf("%x", md5.Sum(body))
-		//contentMD5 := c.Request.Header.Get("Content-Md5")
+		if actualContentMD5 != contentMD5 {
-		//date := c.Request.Header.Get("Date")
+			c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "MD5不一致"})
-		//actualSignature := c.Request.Header.Get("Authorization")
+			c.Abort()
-		//
+			return
-		//// 计算正文MD5
+		}
-		//actualContentMD5 := fmt.Sprintf("%x", md5.Sum(body))
+
-		//if actualContentMD5 != contentMD5 {
+		// 计算理论签名
-		//	c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "MD5不一致"})
+		signature := handler.Sign(context.Background(), []string{
-		//	c.Abort()
+			"POST",
-		//	return
+			c.Request.URL.Path,
-		//}
+			date,
-		//
+			contentMD5,
-		//// 计算理论签名
+		})
-		//signature := handler.Sign(context.Background(), []string{
+
-		//	"POST",
+		// 对比签名
-		//	c.Request.URL.Path,
+		if signature != actualSignature {
-		//	date,
+			c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "鉴权失败"})
-		//	contentMD5,
+			c.Abort()
-		//})
+			return
-		//
+		}
 		//// 对比签名
 		//if signature != actualSignature {
 		//	c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "鉴权失败"})
 		//	c.Abort()
 		//	return
 		//}
 		c.Next()
 	}
--- a/pkg/filesystem/driver/upyun/handler.go
+++ b/pkg/filesystem/driver/upyun/handler.go
@ -311,8 +311,6 @@ func (handler Driver) signURL(ctx context.Context, path *url.URL, TTL int64) (st
 // Token 获取上传策略和认证Token
 func (handler Driver) Token(ctx context.Context, ttl int64, uploadSession *serializer.UploadSession, file fsctx.FileHeader) (*serializer.UploadCredential, error) {
 	// 检查文件大小
 	// 生成回调地址
 	siteURL := model.GetSiteURL()
 	apiBaseURI, _ := url.Parse("/api/v3/callback/upyun/" + uploadSession.Key)
@ -332,17 +330,7 @@ func (handler Driver) Token(ctx context.Context, ttl int64, uploadSession *seria
 	}
 	// 生成上传凭证
-	return handler.getUploadCredential(ctx, putPolicy)
+	policyJSON, err := json.Marshal(putPolicy)
 }
 // 取消上传凭证
 func (handler Driver) CancelToken(ctx context.Context, uploadSession *serializer.UploadSession) error {
 	return nil
 }
 func (handler Driver) getUploadCredential(ctx context.Context, policy UploadPolicy) (*serializer.UploadCredential, error) {
 	// 生成上传策略
 	policyJSON, err := json.Marshal(policy)
 	if err != nil {
 		return nil, err
 	}
@ -353,11 +341,18 @@ func (handler Driver) getUploadCredential(ctx context.Context, policy UploadPoli
 	signStr := handler.Sign(ctx, elements)
 	return &serializer.UploadCredential{
 		SessionID:  uploadSession.Key,
 		Policy:     policyEncoded,
-		Token:  signStr,
+		Credential: signStr,
 		UploadURLs: []string{"https://v0.api.upyun.com/" + handler.Policy.BucketName},
 	}, nil
 }
 // 取消上传凭证
 func (handler Driver) CancelToken(ctx context.Context, uploadSession *serializer.UploadSession) error {
 	return nil
 }
 // Sign 计算又拍云的签名头
 func (handler Driver) Sign(ctx context.Context, elements []string) string {
 	password := fmt.Sprintf("%x", md5.Sum([]byte(handler.Policy.SecretKey)))
--- a/routers/router.go
+++ b/routers/router.go
@ -258,7 +258,8 @@ func InitMasterRouter() *gin.Engine {
 			)
 			// 又拍云策略上传回调
 			callback.POST(
-				"upyun/:key",
+				"upyun/:sessionID",
 				middleware.UseUploadSession("upyun"),
 				middleware.UpyunCallbackAuth(),
 				controllers.UpyunCallback,
 			)