Merge pull request #127 from Tanc009/master

push

Author: Tanc009

jdcloud_sdk/core/const.py

@@ -15,8 +15,12 @@
 # limitations under the License.
 
 JDCLOUD2 = 'JDCLOUD2'
+JDCLOUD3 = 'JDCLOUD3'
 JDCLOUD_ALGORITHM = 'JDCLOUD2-HMAC-SHA256'
+JDCLOUD3_ALGORITHM = 'JDCLOUD3-HMAC-SHA256'
 JDCLOUD_REQUEST = 'jdcloud2_request'
+JDCLOUD3_REQUEST = 'jdcloud3_request'
+
 JDCLOUD_DATE = 'x-jdcloud-date'
 JDCLOUD_SECURITY_TOKEN = 'x-jdcloud-security-token'
 JDCLOUD_CONTENT_SHA256 = 'x-jdcloud-content-sha256'

jdcloud_sdk/core/jdcloudclient.py

@@ -107,7 +107,7 @@ def __get_region_id(self, request):
             if hasattr(request.parameters, 'regionId') and request.parameters.regionId is not None:
                 return request.parameters.regionId
 
-        return 'jdcloud-api'  # when no region, use this value to fill field for sign
+        return 'jdcloud-api'
 
     def __process_response(self, method, response):
         jd_resp = JDCloudResponse()

jdcloud_sdk/core/jdcloudresponse.py

@@ -35,14 +35,13 @@ def load_hook(self, resp_dict):
         if request_id:
             self.request_id = request_id
 
-            error = resp_dict.get('error')
-            if error:
-                self.error = ErrorResponse(error.get('status'), error.get('code'), error.get('message'))
-
-            result = resp_dict.get('result')
-            if result:
-                self.result = resp_dict['result']
-            return self
+        error = resp_dict.get('error')
+        if request_id and error:
+            self.error = ErrorResponse(error.get('status'), error.get('code'), error.get('message'))
+
+        result = resp_dict.get('result')
+        if request_id and result:
+            self.result = resp_dict['result']
         return resp_dict
 
 

jdcloud_sdk/core/parameterbuilder.py

@@ -121,15 +121,7 @@ def build_body(self, request):
 
 class ParametersEncoder(json.JSONEncoder):
     def default(self, o):
-        tmp_dict = o.__dict__
-        keywords = ['from', 'not', 'exec']
-        for keyword in keywords:
-            replacement = keyword + '_'
-            if replacement in tmp_dict:
-                tmp_dict[keyword] = tmp_dict[replacement]
-                tmp_dict.pop(replacement)
-
-        return tmp_dict
+        return o.__dict__
 
 
 def get_parameter_dict(parameters):

jdcloud_sdk/core/signer.py

@@ -22,11 +22,10 @@
 import uuid
 from . import const
 from .logger import INFO
-from .util import quote
+from .util import quote, unquote_plus, parse_url
 
 
 class Signer(object):
-
     ignored_headers = ['authorization', 'user-agent']
 
     def __init__(self, logger):
@@ -36,38 +35,43 @@ def sign(self, method, service, region, uri, headers, data, credential, security
         uri_dict = self.__url_path_to_dict(uri)
         host = uri_dict['host']
         port = uri_dict['port']
+        path = uri_dict['path']
         query = uri_dict['query']
-        canonical_uri = quote(uri_dict['path'])
 
         if port and port not in ['80', '443']:
             full_host = host + ':' + port
         else:
             full_host = host
+        return self.signV3(method, service, region, full_host, path, query, headers, data, credential, security_token)
 
+    def signV3(self, method, service, region, host, path, query, headers, data, credential, security_token):
+        canonical_host = self.__build_canonical_host(host)
         now = self.__now()
-        jdcloud_date = now.strftime('%Y%m%dT%H%M%SZ')
-        datestamp = now.strftime('%Y%m%d')  # Date w/o time, used in credential scope
         nonce = str(uuid.uuid4())
-        headers[const.JDCLOUD_DATE] = jdcloud_date
-        headers[const.JDCLOUD_NONCE] = nonce
+        jdcloud_date = now.strftime('%Y%m%dT%H%M%SZ')
+        if const.JDCLOUD_DATE in headers:
+            jdcloud_date = headers[const.JDCLOUD_DATE]
+        if const.JDCLOUD_NONCE in headers:
+            nonce = headers[const.JDCLOUD_NONCE]
+        date_str = jdcloud_date[:8]
 
         canonical_querystring = self.__normalize_query_string(query)
-        canonical_headers, signed_headers = self.__build_canonical_headers(headers, security_token, full_host)
+        canonical_headers, signed_headers = self.__build_canonical_headers(headers, security_token, canonical_host)
 
         payload_hash = self.__sha256_hash(data)
 
         canonical_request = (method + '\n' +
-                             canonical_uri + '\n' +
+                             self.__build_canonical_uri(path) + '\n' +
                              canonical_querystring + '\n' +
                              canonical_headers + '\n' +
                              signed_headers + '\n' +
                              payload_hash)
 
-        algorithm = const.JDCLOUD_ALGORITHM
-        credential_scope = (datestamp + '/' +
+        algorithm = const.JDCLOUD3_ALGORITHM
+        credential_scope = (date_str + '/' +
                             region + '/' +
                             service + '/' +
-                            const.JDCLOUD_REQUEST)
+                            const.JDCLOUD3_REQUEST)
         string_to_sign = (algorithm + '\n' +
                           jdcloud_date + '\n' +
                           credential_scope + '\n' +
@@ -76,35 +80,62 @@ def sign(self, method, service, region, uri, headers, data, credential, security
         self.__logger.log(INFO, '---canonical_request---\n' + canonical_request)
         self.__logger.log(INFO, '----string_to_sign---\n' + string_to_sign)
 
-        signing_key = self.__get_signature_key(credential.secret_key, datestamp, region, service)
+        signing_key = self.__get_signature_key(credential.secret_key, date_str, region, service)
         encoded = string_to_sign.encode('utf-8')
         signature = hmac.new(signing_key, encoded, hashlib.sha256).hexdigest()
 
         authorization_header = (
-            algorithm + ' ' +
-            'Credential=' + credential.access_key + '/' + credential_scope + ', ' +
-            'SignedHeaders=' + signed_headers + ', ' +
-            'Signature=' + signature
+                algorithm + ' ' +
+                'Credential=' + credential.access_key + '/' + credential_scope + ', ' +
+                'SignedHeaders=' + signed_headers + ', ' +
+                'Signature=' + signature
         )
 
         headers.update({
             const.JDCLOUD_AUTH: authorization_header,
             const.JDCLOUD_DATE: jdcloud_date,
             const.JDCLOUD_CONTENT_SHA256: payload_hash,
-            const.JDCLOUD_ALGORITHM: const.JDCLOUD_ALGORITHM,
+            const.JDCLOUD3_ALGORITHM: const.JDCLOUD3_ALGORITHM,
             const.JDCLOUD_NONCE: nonce
         })
 
         if security_token:
             headers.update({const.JDCLOUD_SECURITY_TOKEN: security_token})
 
-    def __normalize_query_string(self, query):
-        params = (list(map(str.strip, s.split("=")))
-                  for s in query.split('&')
-                  if len(s) > 0)
+    def __build_canonical_host(self, full_host):
+        if full_host.lower().find('http://') == 0:
+            full_host = full_host[7:]
+        elif full_host.lower().find('https://') == 0:
+            full_host = full_host[8:]
+        return full_host
 
-        normalized = '&'.join('%s=%s' % (p[0], p[1] if len(p) == 2 else ('%3D'.join(p[1:]) if len(p) > 2 else ''))
-                              for p in sorted(params))
+    def __normalize_query_string(self, query):
+        params = []
+        if isinstance(query, str):
+            for s in query.split('&'):
+                if len(s) <= 0:
+                    continue
+                list = []
+                for val in s.split('='):
+                    list.append(self.__urlencode(self.__urldecode(val)))
+                params.append(list)
+        elif isinstance(query, dict):
+            for key in query.keys():
+                list = []
+                list.append(self.__urlencode(self.__urldecode(key)))
+                list.append(self.__urlencode(self.__urldecode(query[key])))
+                params.append(list)
+
+        normalized = ''
+        for p in sorted(params):
+            if p[0] == '':
+                continue
+            elif len(p) == 2:
+                normalized += '%s=%s&' % (p[0], p[1])
+            elif len(p) > 2:
+                normalized += '%3D'.join(p[1:]) + '&'
+        if normalized.endswith('&'):
+            normalized = normalized[:normalized.__len__()-1]
         return normalized
 
     def __now(self):
@@ -113,39 +144,58 @@ def __now(self):
     def __url_path_to_dict(self, path):
         """http://stackoverflow.com/a/17892757/142207"""
 
-        pattern = (r'^'
-                   r'((?P<schema>.+?)://)?'
-                   r'((?P<user>.+?)(:(?P<password>.*?))?@)?'
-                   r'(?P<host>.*?)'
-                   r'(:(?P<port>\d+?))?'
-                   r'(?P<path>/.*?)?'
-                   r'(\?(?P<query>.*?))?'
-                   r'$')
-        regex = re.compile(pattern)
-        match = regex.match(path)
-        group_dict = match.groupdict() if match is not None else None
-
-        if group_dict['path'] is None:
-            group_dict['path'] = '/'
-
-        if group_dict['query'] is None:
-            group_dict['query'] = ''
-
-        return group_dict
+        # pattern = (r'^'
+        #            r'((?P<schema>.+?)://)?'
+        #            r'((?P<user>.+?)(:(?P<password>.*?))?@)?'
+        #            r'(?P<host>.*?)'
+        #            r'(:(?P<port>\d+?))?'
+        #            r'(?P<path>/.*?)?'
+        #            r'(\?(?P<query>.*?))?'
+        #            r'$')
+        # regex = re.compile(pattern)
+        # match = regex.match(path)
+        # group_dict = match.groupdict() if match is not None else None
+        #
+        # if group_dict['path'] is None:
+        #     group_dict['path'] = '/'
+        #
+        # if group_dict['query'] is None:
+        #     group_dict['query'] = ''
+        # return group_dict
+        return parse_url(path)
 
     def __sign(self, key, msg):
         return hmac.new(key, msg.encode('utf-8'), hashlib.sha256).digest()
 
     def __get_signature_key(self, key, date_stamp, region_name, service_name):
-        k_date = self.__sign((const.JDCLOUD2 + key).encode('utf-8'), date_stamp)
+        k_date = self.__sign((const.JDCLOUD3 + key).encode('utf-8'), date_stamp)
         k_region = self.__sign(k_date, region_name)
         k_service = self.__sign(k_region, service_name)
-        k_signing = self.__sign(k_service, const.JDCLOUD_REQUEST)
+        k_signing = self.__sign(k_service, const.JDCLOUD3_REQUEST)
         return k_signing
 
     def __sha256_hash(self, val):
         return hashlib.sha256(val.encode('utf-8')).hexdigest()
 
+    def __build_canonical_uri(self, path):
+        reg = re.compile('/+')
+        decoded_path = reg.sub('/', self.__urldecode(path))
+        if decoded_path == '':
+            return '/'
+        encoded_path = self.__urlencode_ignore_slashes(decoded_path)
+        if encoded_path.startswith('/'):
+            return encoded_path
+        return '/' + encoded_path
+
+    def __urlencode(self, value):
+        return quote(value, '~')
+
+    def __urlencode_ignore_slashes(self, value):
+        return quote(value, '/~')
+
+    def __urldecode(self, value):
+        return unquote_plus(value)
+
     def __build_canonical_headers(self, req_headers, security_token, full_host):
         headers = ['host']  # add host header first
         signed_values = {}
@@ -166,9 +216,18 @@ def __build_canonical_headers(self, req_headers, security_token, full_host):
         canonical_values = []
         for key in headers:
             if key == 'host':
-                canonical_values.append('host:' + full_host)
+                canonical_values.append('host:' + full_host.strip())
             else:
-                canonical_values.append(key + ':' + signed_values[key])
+                # canonical_values.append(key + ':' + )
+                header_value = signed_values[key]
+                if isinstance(header_value, str):
+                    canonical_values.append(key + ':' + header_value.strip())
+                elif isinstance(header_value, list):
+                    arr = []
+                    for val in header_value:
+                        arr.append(val.strip())
+                    canonical_values.append(key + ':' + ','.join(arr))
+
 
         canonical_headers = '\n'.join(canonical_values) + '\n'