fix(腾讯云): 修复A/B/D类签名查询参数重复编码的问题

storezhang · storezhang · commit 81f007ee58fd · 2023-04-06T09:31:48.000+08:00
diff --git a/changcache_c.go b/changcache_c.go
@@ -27,18 +27,19 @@ func newChuangcacheC(token string) *chuangcacheC {
 	}
 }
 
-func (cc *chuangcacheC) sign(from *url.URL) (err error) {
+func (cc *chuangcacheC) sign(url *url.URL) (err error) {
 	now := time.Now().Unix()
-	key := fmt.Sprintf(cc.pattern, cc.token, from.Path, now)
-	sb := gox.StringBuilder(from.RawQuery)
-	if "" == from.RawQuery {
+	key := fmt.Sprintf(cc.pattern, cc.token, url.Path, now)
+	sign := cryptor.New(key).Md5().Hex()
+	sb := gox.StringBuilder(url.RawQuery)
+	if "" == url.RawQuery {
 		sb.Append(question)
 	} else {
 		sb.Append(and)
 	}
-	sb.Append(cc.signature).Append(equal).Append(cryptor.New(key).Md5().Hex())
+	sb.Append(cc.signature).Append(equal).Append(sign)
 	sb.Append(and).Append(cc.timestamp).Append(equal).Append(now)
-	from.RawQuery = sb.String()
+	url.RawQuery = sb.String()
 
 	return
 }
diff --git a/tencent_a.go b/tencent_a.go
@@ -6,29 +6,37 @@ import (
 	"time"
 
 	"github.com/goexl/cryptor"
+	"github.com/goexl/gox"
 	"github.com/rs/xid"
 )
 
 var _ signer = (*tencentA)(nil)
 
 type tencentA struct {
-	pattern string
-	key     string
+	pattern   string
+	key       string
+	signature string
 }
 
 func newTencentA(key string) *tencentA {
 	return &tencentA{
-		pattern: "%s%d0%s%s",
-		key:     key,
+		pattern:   "%s%d0%s%s",
+		key:       key,
+		signature: "sign",
 	}
 }
 
-func (a *tencentA) sign(url *url.URL) (err error) {
-	nowHex := time.Now().Unix()
-	key := fmt.Sprintf(a.pattern, url.EscapedPath(), nowHex, xid.New().String(), a.key)
-	query := url.Query()
-	query.Add("sign", cryptor.New(key).Md5().Hex())
-	url.RawQuery = query.Encode()
+func (ta *tencentA) sign(url *url.URL) (err error) {
+	now := time.Now().Unix()
+	key := fmt.Sprintf(ta.pattern, url.EscapedPath(), now, xid.New().String(), ta.key)
+	sb := gox.StringBuilder(url.RawQuery)
+	if "" == url.RawQuery {
+		sb.Append(question)
+	} else {
+		sb.Append(and)
+	}
+	sb.Append(ta.signature).Append(equal).Append(cryptor.New(key).Md5().Hex())
+	url.RawQuery = sb.String()
 
 	return
 }
diff --git a/tencent_b.go b/tencent_b.go
@@ -22,12 +22,12 @@ func newTencentB(key string) *tencentB {
 	}
 }
 
-func (b *tencentB) sign(url *url.URL) (err error) {
-	nowHex := time.Now().Format("20060102150405")
-	key := fmt.Sprintf(b.pattern, b.key, nowHex, url.EscapedPath())
+func (tb *tencentB) sign(url *url.URL) (err error) {
+	now := time.Now().Format("20060102150405")
+	key := fmt.Sprintf(tb.pattern, tb.key, now, url.EscapedPath())
 	sign := cryptor.New(key).Md5().Hex()
-	url.RawPath = fmt.Sprintf("%s/%s%s", nowHex, sign, url.EscapedPath())
-	url.Path = fmt.Sprintf("%s/%s%s", nowHex, sign, url.Path)
+	url.RawPath = fmt.Sprintf("%s/%s%s", now, sign, url.EscapedPath())
+	url.Path = fmt.Sprintf("%s/%s%s", now, sign, url.Path)
 
 	return
 }
diff --git a/tencent_c.go b/tencent_c.go
@@ -23,12 +23,12 @@ func newTencentC(key string) *tencentC {
 	}
 }
 
-func (c *tencentC) sign(url *url.URL) (err error) {
-	nowHex := strconv.FormatInt(time.Now().Unix(), 16)
-	key := fmt.Sprintf(c.pattern, c.key, url.EscapedPath(), nowHex)
+func (tc *tencentC) sign(url *url.URL) (err error) {
+	now := strconv.FormatInt(time.Now().Unix(), 16)
+	key := fmt.Sprintf(tc.pattern, tc.key, url.EscapedPath(), now)
 	sign := cryptor.New(key).Md5().Hex()
-	url.RawPath = fmt.Sprintf("/%s/%s%s", sign, nowHex, url.EscapedPath())
-	url.Path = fmt.Sprintf("/%s/%s%s", sign, nowHex, url.Path)
+	url.RawPath = fmt.Sprintf("/%s/%s%s", sign, now, url.EscapedPath())
+	url.Path = fmt.Sprintf("/%s/%s%s", sign, now, url.Path)
 
 	return
 }
diff --git a/tencent_d.go b/tencent_d.go
@@ -7,6 +7,7 @@ import (
 	"time"
 
 	"github.com/goexl/cryptor"
+	"github.com/goexl/gox"
 )
 
 var _ signer = (*tencentD)(nil)
@@ -27,14 +28,19 @@ func newTencentD(key string, signature string, timestamp string) *tencentD {
 	}
 }
 
-func (d *tencentD) sign(url *url.URL) (err error) {
-	nowHex := strconv.FormatInt(time.Now().Unix(), 16)
-	key := fmt.Sprintf(d.pattern, d.key, url.EscapedPath(), nowHex)
+func (td *tencentD) sign(url *url.URL) (err error) {
+	now := strconv.FormatInt(time.Now().Unix(), 16)
+	key := fmt.Sprintf(td.pattern, td.key, url.EscapedPath(), now)
 	sign := cryptor.New(key).Md5().Hex()
-	query := url.Query()
-	query.Add(d.signature, sign)
-	query.Add(d.timestamp, nowHex)
-	url.RawQuery = query.Encode()
+	sb := gox.StringBuilder(url.RawQuery)
+	if "" == url.RawQuery {
+		sb.Append(question)
+	} else {
+		sb.Append(and)
+	}
+	sb.Append(td.signature).Append(equal).Append(sign)
+	sb.Append(and).Append(td.timestamp).Append(equal).Append(now)
+	url.RawQuery = sb.String()
 
 	return
 }

Original file line number	Diff line number	Diff line change
`@@ -27,18 +27,19 @@ func newChuangcacheC(token string) *chuangcacheC {`
`27`	`27`	`}`
`28`	`28`	`}`
`29`	`29`
`30`		`-func (cc chuangcacheC) sign(from url.URL) (err error) {`
	`30`	`+func (cc chuangcacheC) sign(url url.URL) (err error) {`
`31`	`31`	`now := time.Now().Unix()`
`32`		`- key := fmt.Sprintf(cc.pattern, cc.token, from.Path, now)`
`33`		`- sb := gox.StringBuilder(from.RawQuery)`
`34`		`- if "" == from.RawQuery {`
	`32`	`+ key := fmt.Sprintf(cc.pattern, cc.token, url.Path, now)`
	`33`	`+ sign := cryptor.New(key).Md5().Hex()`
	`34`	`+ sb := gox.StringBuilder(url.RawQuery)`
	`35`	`+ if "" == url.RawQuery {`
`35`	`36`	`sb.Append(question)`
`36`	`37`	`} else {`
`37`	`38`	`sb.Append(and)`
`38`	`39`	`}`
`39`		`- sb.Append(cc.signature).Append(equal).Append(cryptor.New(key).Md5().Hex())`
	`40`	`+ sb.Append(cc.signature).Append(equal).Append(sign)`
`40`	`41`	`sb.Append(and).Append(cc.timestamp).Append(equal).Append(now)`
`41`		`- from.RawQuery = sb.String()`
	`42`	`+ url.RawQuery = sb.String()`
`42`	`43`
`43`	`44`	`return`
`44`	`45`	`}`
Original file line number	Diff line number	Diff line change
`@@ -22,12 +22,12 @@ func newTencentB(key string) *tencentB {`
`22`	`22`	`}`
`23`	`23`	`}`
`24`	`24`
`25`		`-func (b tencentB) sign(url url.URL) (err error) {`
`26`		`- nowHex := time.Now().Format("20060102150405")`
`27`		`- key := fmt.Sprintf(b.pattern, b.key, nowHex, url.EscapedPath())`
	`25`	`+func (tb tencentB) sign(url url.URL) (err error) {`
	`26`	`+ now := time.Now().Format("20060102150405")`
	`27`	`+ key := fmt.Sprintf(tb.pattern, tb.key, now, url.EscapedPath())`
`28`	`28`	`sign := cryptor.New(key).Md5().Hex()`
`29`		`- url.RawPath = fmt.Sprintf("%s/%s%s", nowHex, sign, url.EscapedPath())`
`30`		`- url.Path = fmt.Sprintf("%s/%s%s", nowHex, sign, url.Path)`
	`29`	`+ url.RawPath = fmt.Sprintf("%s/%s%s", now, sign, url.EscapedPath())`
	`30`	`+ url.Path = fmt.Sprintf("%s/%s%s", now, sign, url.Path)`
`31`	`31`
`32`	`32`	`return`
`33`	`33`	`}`
Original file line number	Diff line number	Diff line change
`@@ -23,12 +23,12 @@ func newTencentC(key string) *tencentC {`
`23`	`23`	`}`
`24`	`24`	`}`
`25`	`25`
`26`		`-func (c tencentC) sign(url url.URL) (err error) {`
`27`		`- nowHex := strconv.FormatInt(time.Now().Unix(), 16)`
`28`		`- key := fmt.Sprintf(c.pattern, c.key, url.EscapedPath(), nowHex)`
	`26`	`+func (tc tencentC) sign(url url.URL) (err error) {`
	`27`	`+ now := strconv.FormatInt(time.Now().Unix(), 16)`
	`28`	`+ key := fmt.Sprintf(tc.pattern, tc.key, url.EscapedPath(), now)`
`29`	`29`	`sign := cryptor.New(key).Md5().Hex()`
`30`		`- url.RawPath = fmt.Sprintf("/%s/%s%s", sign, nowHex, url.EscapedPath())`
`31`		`- url.Path = fmt.Sprintf("/%s/%s%s", sign, nowHex, url.Path)`
	`30`	`+ url.RawPath = fmt.Sprintf("/%s/%s%s", sign, now, url.EscapedPath())`
	`31`	`+ url.Path = fmt.Sprintf("/%s/%s%s", sign, now, url.Path)`
`32`	`32`
`33`	`33`	`return`
`34`	`34`	`}`