fix v2 generate signed url

shallwewoo · shallwewoo · commit 485b7267abda · 2018-12-13T16:12:37.000+08:00
diff --git a/src/main/java/com/aliyun/oss/ClientConfiguration.java b/src/main/java/com/aliyun/oss/ClientConfiguration.java
@@ -31,10 +31,10 @@
 import com.aliyun.oss.common.auth.RequestSigner;
 import com.aliyun.oss.common.comm.IdleConnectionReaper;
 import com.aliyun.oss.common.comm.Protocol;
+import com.aliyun.oss.common.comm.SignVersion;
 import com.aliyun.oss.common.utils.ResourceManager;
 import com.aliyun.oss.common.utils.VersionInfoUtils;
 import com.aliyun.oss.internal.OSSConstants;
-import com.aliyun.oss.internal.SignParameters;
 
 /**
  * Client configurations for accessing to OSS services.
@@ -60,7 +60,7 @@ public class ClientConfiguration {
 
     public static final String DEFAULT_CNAME_EXCLUDE_LIST = "aliyuncs.com,aliyun-inc.com,aliyun.com";
 
-    public static final String DEFAULT_SIGNATURE_VERSION = SignParameters.AUTH_V1;
+    public static final SignVersion DEFAULT_SIGNATURE_VERSION = SignVersion.V1;
 
     protected String userAgent = DEFAULT_USER_AGENT;
     protected int maxErrorRetry = DEFAULT_MAX_RETRIES;
@@ -97,7 +97,7 @@ public class ClientConfiguration {
 
     protected List<RequestSigner> signerHandlers = new LinkedList<RequestSigner>();
 
-    protected String signatureVersion = DEFAULT_SIGNATURE_VERSION;
+    protected SignVersion signatureVersion = DEFAULT_SIGNATURE_VERSION;
 
     /**
      * Gets the user agent string.
@@ -662,7 +662,7 @@ public void setSignerHandlers(List<RequestSigner> signerHandlers) {
      *
      * @return signature version
      */
-    public String getSignatureVersion() {
+    public SignVersion getSignatureVersion() {
         return signatureVersion;
     }
 
@@ -671,7 +671,7 @@ public String getSignatureVersion() {
      *
      * @param signatureVersion
      */
-    public void setSignatureVersion(String signatureVersion) {
+    public void setSignatureVersion(SignVersion signatureVersion) {
         this.signatureVersion = signatureVersion;
     }
 }
diff --git a/src/main/java/com/aliyun/oss/OSS.java b/src/main/java/com/aliyun/oss/OSS.java
@@ -28,6 +28,7 @@
 
 import com.aliyun.oss.common.auth.Credentials;
 import com.aliyun.oss.common.comm.ResponseMessage;
+import com.aliyun.oss.common.comm.SignVersion;
 import com.aliyun.oss.model.*;
 import com.aliyun.oss.model.SetBucketCORSRequest.CORSRule;
 
@@ -58,7 +59,7 @@ public interface OSS {
      * @param signatureVersion
      *            the signature version to switch to。
      */
-    public void switchSignatureVersion(String signatureVersion);
+    public void switchSignatureVersion(SignVersion signatureVersion);
 
     /**
      * Shuts down the OSS instance (release all resources) The OSS instance is
diff --git a/src/main/java/com/aliyun/oss/OSSClient.java b/src/main/java/com/aliyun/oss/OSSClient.java
@@ -47,10 +47,7 @@
 import com.aliyun.oss.common.auth.CredentialsProvider;
 import com.aliyun.oss.common.auth.DefaultCredentialProvider;
 import com.aliyun.oss.common.auth.ServiceSignature;
-import com.aliyun.oss.common.comm.DefaultServiceClient;
-import com.aliyun.oss.common.comm.ResponseMessage;
-import com.aliyun.oss.common.comm.ServiceClient;
-import com.aliyun.oss.common.comm.TimeoutServiceClient;
+import com.aliyun.oss.common.comm.*;
 import com.aliyun.oss.common.utils.BinaryUtil;
 import com.aliyun.oss.common.utils.DateUtil;
 import com.aliyun.oss.internal.*;
@@ -301,9 +298,9 @@ public void switchCredentials(Credentials creds) {
     }
 
     @Override
-    public void switchSignatureVersion(String signatureVersion) {
-        if (!SignParameters.AUTH_V1.equals(signatureVersion) && !SignParameters.AUTH_V2.equals(signatureVersion)) {
-            throw new IllegalArgumentException("unsupported signature version" + signatureVersion);
+    public void switchSignatureVersion(SignVersion signatureVersion) {
+        if (signatureVersion == null) {
+            throw new IllegalArgumentException("signatureVersion should not be null.");
         }
 
         this.getClientConfiguration().setSignatureVersion(signatureVersion);
@@ -700,7 +697,7 @@ public URL generatePresignedUrl(GeneratePresignedUrlRequest request) throws Clie
         }
         String url;
 
-        if (serviceClient.getClientConfiguration().getSignatureVersion() != null && serviceClient.getClientConfiguration().getSignatureVersion().equals(SignParameters.AUTH_V2)) {
+        if (serviceClient.getClientConfiguration().getSignatureVersion() != null && serviceClient.getClientConfiguration().getSignatureVersion() == SignVersion.V2) {
             url = SignV2Utils.buildSignedURL(request, credsProvider.getCredentials(), serviceClient.getClientConfiguration(), endpoint);
         } else {
             url = SignUtils.buildSignedURL(request, credsProvider.getCredentials(), serviceClient.getClientConfiguration(), endpoint);
diff --git a/src/main/java/com/aliyun/oss/common/comm/SignVersion.java b/src/main/java/com/aliyun/oss/common/comm/SignVersion.java
@@ -0,0 +1,6 @@
+package com.aliyun.oss.common.comm;
+
+public enum SignVersion {
+    V1,
+    V2
+}
diff --git a/src/main/java/com/aliyun/oss/internal/OSSOperation.java b/src/main/java/com/aliyun/oss/internal/OSSOperation.java
@@ -33,18 +33,7 @@
 import com.aliyun.oss.common.auth.Credentials;
 import com.aliyun.oss.common.auth.CredentialsProvider;
 import com.aliyun.oss.common.auth.RequestSigner;
-import com.aliyun.oss.common.comm.ExecutionContext;
-import com.aliyun.oss.common.comm.NoRetryStrategy;
-import com.aliyun.oss.common.comm.RequestChecksumHanlder;
-import com.aliyun.oss.common.comm.RequestHandler;
-import com.aliyun.oss.common.comm.RequestMessage;
-import com.aliyun.oss.common.comm.RequestProgressHanlder;
-import com.aliyun.oss.common.comm.ResponseChecksumHandler;
-import com.aliyun.oss.common.comm.ResponseHandler;
-import com.aliyun.oss.common.comm.ResponseMessage;
-import com.aliyun.oss.common.comm.ResponseProgressHandler;
-import com.aliyun.oss.common.comm.RetryStrategy;
-import com.aliyun.oss.common.comm.ServiceClient;
+import com.aliyun.oss.common.comm.*;
 import com.aliyun.oss.common.parser.ResponseParseException;
 import com.aliyun.oss.common.parser.ResponseParser;
 import com.aliyun.oss.common.utils.ExceptionFactory;
@@ -165,7 +154,7 @@ protected <T> T doOperation(RequestMessage request, ResponseParser<T> parser, St
         }
     }
 
-    private static RequestSigner createSigner(HttpMethod method, String bucketName, String key, Credentials creds, String signatureVersion) {
+    private static RequestSigner createSigner(HttpMethod method, String bucketName, String key, Credentials creds, SignVersion signatureVersion) {
         String resourcePath = "/" + ((bucketName != null) ? bucketName + "/" : "") + ((key != null ? key : ""));
 
         return new OSSRequestSigner(method.toString(), resourcePath, creds, signatureVersion);
diff --git a/src/main/java/com/aliyun/oss/internal/OSSRequestSigner.java b/src/main/java/com/aliyun/oss/internal/OSSRequestSigner.java
@@ -23,6 +23,7 @@
 import com.aliyun.oss.common.auth.Credentials;
 import com.aliyun.oss.common.auth.RequestSigner;
 import com.aliyun.oss.common.comm.RequestMessage;
+import com.aliyun.oss.common.comm.SignVersion;
 
 public class OSSRequestSigner implements RequestSigner {
 
@@ -33,9 +34,9 @@ public class OSSRequestSigner implements RequestSigner {
 
     private Credentials creds;
 
-    private String signatureVersion;
+    private SignVersion signatureVersion;
 
-    public OSSRequestSigner(String httpMethod, String resourcePath, Credentials creds, String signatureVersion) {
+    public OSSRequestSigner(String httpMethod, String resourcePath, Credentials creds, SignVersion signatureVersion) {
         this.httpMethod = httpMethod;
         this.resourcePath = resourcePath;
         this.creds = creds;
@@ -50,7 +51,7 @@ public void sign(RequestMessage request) throws ClientException {
         if (accessKeyId.length() > 0 && secretAccessKey.length() > 0) {
             String signature;
 
-            if (SignParameters.AUTH_V2.equals(signatureVersion)) {
+            if (signatureVersion == SignVersion.V2) {
                 signature = SignV2Utils.buildSignature(secretAccessKey, httpMethod, resourcePath, request);
                 request.addHeader(OSSHeaders.AUTHORIZATION, SignV2Utils.composeRequestAuthorization(accessKeyId,signature, request));
             } else {
diff --git a/src/main/java/com/aliyun/oss/internal/SignParameters.java b/src/main/java/com/aliyun/oss/internal/SignParameters.java
@@ -14,10 +14,6 @@
 
 public class SignParameters {
 
-    public static final String AUTH_V1 = "auth-v1";
-
-    public static final String AUTH_V2 = "auth-v2";
-
     public static final String AUTHORIZATION_PREFIX = "OSS ";
 
     public static final String AUTHORIZATION_PREFIX_V2 = "OSS2 ";
diff --git a/src/main/java/com/aliyun/oss/internal/SignV2Utils.java b/src/main/java/com/aliyun/oss/internal/SignV2Utils.java
@@ -27,30 +27,34 @@ public class SignV2Utils {
 
     public static String composeRequestAuthorization(String accessKeyId, String signature, RequestMessage request) {
         StringBuilder sb = new StringBuilder();
-        Set<String> ts = buildSortedAdditionalHeaderNames(request.getOriginalRequest().getHeaders().keySet(),
-                request.getOriginalRequest().getAdditionalHeaderNames());
-
         sb.append(AUTHORIZATION_PREFIX_V2 + AUTHORIZATION_ACCESS_KEY_ID).append(":").append(accessKeyId).append(", ");
 
-        if (ts != null && !ts.isEmpty()) {
-            sb.append(AUTHORIZATION_ADDITIONAL_HEADERS).append(":");
-
-            String separator = "";
+        String additionHeaderNameStr = buildSortedAdditionalHeaderNameStr(request.getOriginalRequest().getHeaders().keySet(),
+                request.getOriginalRequest().getAdditionalHeaderNames());
 
-            for (String header : ts) {
-                sb.append(separator);
-                sb.append(header.toLowerCase());
-                separator = ";";
-            }
-            sb.append(", ");
+        if (!additionHeaderNameStr.isEmpty()) {
+            sb.append(AUTHORIZATION_ADDITIONAL_HEADERS).append(":").append(additionHeaderNameStr).append(", ");
         }
         sb.append(AUTHORIZATION_SIGNATURE).append(":").append(signature);
 
         return sb.toString();
     }
 
-    private static TreeSet<String> buildSortedAdditionalHeaderNames(Set<String> headerNames, Set<String> additionalHeaderNames) {
-        TreeSet<String> ts = new TreeSet<String>();
+    private static String buildSortedAdditionalHeaderNameStr(Set<String> headerNames, Set<String> additionalHeaderNames) {
+        Set<String> ts = buildSortedAdditionalHeaderNames(headerNames, additionalHeaderNames);
+        StringBuilder sb = new StringBuilder();
+        String separator = "";
+
+        for (String header : ts) {
+            sb.append(separator);
+            sb.append(header);
+            separator = ";";
+        }
+        return sb.toString();
+    }
+
+    private static Set<String> buildSortedAdditionalHeaderNames(Set<String> headerNames, Set<String> additionalHeaderNames) {
+        Set<String> ts = new TreeSet<String>();
 
         if (headerNames != null && additionalHeaderNames != null) {
             for (String additionalHeaderName : additionalHeaderNames) {
@@ -197,11 +201,21 @@ public static String buildSignedURL(GeneratePresignedUrlRequest request, Credent
         requestMessage.addParameter(OSS_SIGNATURE_VERSION, SignParameters.AUTHORIZATION_V2);
         requestMessage.addParameter(OSS_EXPIRES, expires);
         requestMessage.addParameter(OSS_ACCESS_KEY_ID_PARAM, accessId);
+        String additionalHeaderNameStr = buildSortedAdditionalHeaderNameStr(requestMessage.getHeaders().keySet(),
+                request.getAdditionalHeaderNames());
+
+        if (!additionalHeaderNameStr.isEmpty()) {
+            requestMessage.addParameter(OSS_ADDITIONAL_HEADERS, additionalHeaderNameStr);
+        }
         Set<String> rawAdditionalHeaderNames = buildRawAdditionalHeaderNames(request.getHeaders().keySet(), request.getAdditionalHeaderNames());
         String canonicalString = buildCanonicalString(method.toString(), canonicalResource, requestMessage, rawAdditionalHeaderNames);
         String signature = new HmacSHA256Signature().computeSignature(accessKey, canonicalString);
 
         Map<String, String> params = new LinkedHashMap<String, String>();
+
+        if (!additionalHeaderNameStr.isEmpty()) {
+            params.put(OSS_ADDITIONAL_HEADERS, additionalHeaderNameStr);
+        }
         params.put(OSS_SIGNATURE, signature);
         params.putAll(requestMessage.getParameters());
 
diff --git a/src/test/java/com/aliyun/oss/integrationtests/GetObjectTest.java b/src/test/java/com/aliyun/oss/integrationtests/GetObjectTest.java
@@ -529,7 +529,7 @@ public void testGetObjectWithSpecialChars() {
     @Test
     public void testGetObjectByUrlsignature() {    
         final String key = "put-object-by-urlsignature";
-        final String expirationString = "Sun, 12 Apr 2018 12:00:00 GMT";
+        final String expirationString = "Sun, 12 Apr 2020 12:00:00 GMT";
         final long inputStreamLength = 128 * 1024; //128KB
         final long firstByte= inputStreamLength / 2;
         final long lastByte = inputStreamLength - 1;
diff --git a/src/test/java/com/aliyun/oss/integrationtests/SignTest.java b/src/test/java/com/aliyun/oss/integrationtests/SignTest.java

-Original file line number
+Diff line change
@@ @@ -0,0 +1,6 @@ @@
 +package com.aliyun.oss.common.comm;
++
 +public enum SignVersion {
 +    V1,
 +    V2
 +}