Fix for signature

Author: Manu Chaudhary

imagekitio/constants/errors.py

@@ -10,6 +10,9 @@ class ERRORS(enum.Enum):
         "message": "Invalid transformationPosition parameter",
         help: "",
     }
+    MANDATORY_SRC_OR_PATH = {
+        "message": "Pass one of the mandatory parameter path or src"
+    }
     INVALID_URL_GENERATION_PARAMETER = {"message": "Invalid url parameter", help: ""}
     INVALID_TRANSFORMATION_OPTIONS = {
         "message": "Invalid transformation parameter options",

imagekitio/resource.py

@@ -42,13 +42,7 @@ def get_auth_headers(self):
 
         :return: dictionary of encoded private key
         """
-        # checking if ':' is appearing for basic authentication
-        # otherwise password will be required with username
-        # see basic authentication related articles about
-        # being authenticated only with username
-        if self.private_key[-1] != ":":
-            self.private_key += ":"
-        encoded_private_key = base64.b64encode(self.private_key.encode()).decode(
+        encoded_private_key = base64.b64encode((self.private_key + ":").encode()).decode(
             "utf-8"
         )
         return {"Authorization": "Basic {}".format(encoded_private_key)}

imagekitio/url.py

@@ -1,8 +1,9 @@
 import hashlib
 import hmac
+import sys
 from datetime import datetime as dt
 from typing import Any, Dict, List
-from urllib.parse import ParseResult, urlparse, urlunparse
+from urllib.parse import ParseResult, urlparse, urlunparse, parse_qsl, urlencode
 
 from imagekitio.constants.defaults import Default
 from imagekitio.constants.supported_transform import SUPPORTED_TRANS
@@ -33,135 +34,69 @@ def __init__(self, request_obj):
 
     def generate_url(self, options: Dict = None) -> str:
         options = camel_dict_to_snake_dict(options)
-        if options.get("src"):
-            options["transformation_position"] = DEFAULT_TRANSFORMATION_POSITION
         extended_options = self.request.extend_url_options(options)
         return self.build_url(extended_options)
 
     def build_url(self, options: dict) -> str:
         """
         builds url for from all options,
         """
-        path = options.get("path", "")
-        src = options.get("src", "")
-        url_endpoint = options.get("url_endpoint", "")
-        transformation_position = options.get("transformation_position")
+        
+        path = options.get("path", "").strip("/")
+        src = options.get("src", "").strip("/")
+        url_endpoint = options.get("url_endpoint", "").strip("/")
+        transformation_str = self.transformation_to_str(options.get("transformation"))
+        transformation_position = options.get("transformation_position") or DEFAULT_TRANSFORMATION_POSITION
+
         if transformation_position not in Default.VALID_TRANSFORMATION_POSITION.value:
             raise ValueError(ERRORS.INVALID_TRANSFORMATION_POSITION.value)
 
-        if src or (
-            options.get(
-                "transformation_position") == QUERY_TRANSFORMATION_POSITION
-        ):
-            src_param_used_for_url = True
-        else:
-            src_param_used_for_url = False
-        if not (path or src):
+        if (path is "" and src is ""):
             return ""
-        result_url_dict = {"netloc": "", "path": "", "query": ""}
-        path_args = ""
-        if path:
-            if len(path.split("?")) > 1:
-                path_args = path.split("?")[1]
-            parsed_url = urlparse(path)
-            parsed_host = urlparse(url_endpoint)
-            result_url_dict["scheme"] = parsed_host.scheme
-            result_url_dict["netloc"] = (parsed_host.netloc + parsed_host.path).lstrip(
-                "/"
-            )
-            result_url_dict["path"] = parsed_url.path.strip("/")
-            result_url_dict["query"] = path_args
 
+        if src:
+            temp_url = src.strip("/")
+            transformation_position = QUERY_TRANSFORMATION_POSITION
         else:
-            parsed_url = urlparse(src)
-            if len(src.split("?")) > 1:
-                path_args = src.split("?")[1]
-            host = parsed_url.netloc
-            if parsed_url.username:
-                # creating host like username:[email protected] if username is there in parsed url
-                host = "{}:{}@{}".format(
-                    parsed_url.username, parsed_url.password, parsed_url.netloc
-                )
-            result_url_dict["netloc"] = host
-            result_url_dict["scheme"] = parsed_url.scheme
-            result_url_dict["path"] = parsed_url.path
-            src_param_used_for_url = True
-        query_params = options.get("query_parameters", {})
-        transformation_str = self.transformation_to_str(
-            options.get("transformation"))
-        if transformation_str:
-            if (
-                transformation_position == Default.QUERY_TRANSFORMATION_POSITION.value
-            ) or src_param_used_for_url:
-                result_url_dict["query"] = "{}={}".format(
-                    TRANSFORMATION_PARAMETER, transformation_str
+            if transformation_position == "path":
+                temp_url = "{}/{}:{}/{}".format(
+                    url_endpoint.strip("/"),
+                    TRANSFORMATION_PARAMETER,
+                    transformation_str.strip("/"),
+                    path.strip("/")
                 )
-
             else:
-                result_url_dict["path"] = "{}:{}/{}".format(
-                    TRANSFORMATION_PARAMETER,
-                    transformation_str,
-                    result_url_dict["path"],
+                temp_url = "{}/{}".format(
+                    url_endpoint.strip("/"),
+                    path.strip("/")
                 )
 
-        result_url_dict["scheme"] = result_url_dict["scheme"] or "https"
+        url_object = urlparse(temp_url.strip("/"))
+
+        query_params = dict(parse_qsl(url_object.query))
+        query_params.update(options.get("query_parameters", {}))
+        if transformation_position == QUERY_TRANSFORMATION_POSITION:
+            query_params.update({"tr": transformation_str})
+        query_params.update({"ik-sdk-version": Default.SDK_VERSION.value})
+
+        # Update query params
+        url_object = url_object._replace(query=urlencode(query_params))
 
-        # Signature String and Timestamp
-        # We can do this only for URLs that are created using urlEndpoint and path parameter
-        # because we need to know the endpoint to be able to remove it from the URL to create a signature
-        # for the remaining. With the src parameter, we would not know the "pattern" in the URL
-        if options.get("signed") and (not options.get("src")):
+        if options.get("signed"):
             expire_seconds = options.get("expire_seconds")
             private_key = options.get("private_key")
             expiry_timestamp = self.get_signature_timestamp(expire_seconds)
-
-            # Temporary variable to generate the URL signature
-            modified_result_url_dict = self.prepare_dict_for_unparse(
-                result_url_dict)
-            intermediate_url = urlunparse(
-                modified_result_url_dict.get(f, "") for f in ParseResult._fields
-            )
             url_signature = self.get_signature(
                 private_key=private_key,
-                url=intermediate_url,
+                url=url_object.geturl(),
                 url_endpoint=url_endpoint,
                 expiry_timestamp=expiry_timestamp,
             )
-            if expiry_timestamp and (expiry_timestamp != DEFAULT_TIMESTAMP):
-                query_params[TIMESTAMP_PARAMETER] = expiry_timestamp
-            query_params[SIGNATURE_PARAMETER] = url_signature
-            query_params_str = "&".join(
-                str(k) + "=" + str(v) for k, v in query_params.items()
-            )
-            result_url_dict["query"] = query_params_str
-
-        result_url_dict = self.prepare_dict_for_unparse(result_url_dict)
-        if path_args:
-            updated_query = path_args + "&" + result_url_dict["query"]
-            result_url_dict["query"] = updated_query
-        generated_url = urlunparse(
-            result_url_dict.get(f, "") for f in ParseResult._fields
-        )
-
-        if result_url_dict["query"]:
-            generated_url = (
-                generated_url + "&ik-sdk-version=" + Default.SDK_VERSION.value
-            )
-        else:
-            generated_url = (
-                generated_url + "?ik-sdk-version=" + Default.SDK_VERSION.value
-            )
-
-        extra_query_parameters = options.get("query_parameters")
-        if extra_query_parameters is not None:
-            extra_query_parameters_str = "&".join(
-                str(k) + "=" + str(v) for k, v in extra_query_parameters.items()
-            )
-            generated_url = (
-                generated_url + "&" + extra_query_parameters_str
-            )
+            query_params.update({TIMESTAMP_PARAMETER: expiry_timestamp, SIGNATURE_PARAMETER: url_signature})
+            # Update signature related query params
+            url_object = url_object._replace(query=urlencode(query_params))
 
-        return generated_url
+        return url_object.geturl()
 
     @staticmethod
     def get_signature_timestamp(seconds: int = None) -> int:

tests/test_generate_url.py

@@ -107,9 +107,9 @@ def test_generate_url_query_parameters(self):
         url = self.client.url(options)
         self.assertEqual(
             url,
-            "https://test-domain.com/test-endpoint/tr:h-300,w-400/default-image.jpg?ik-sdk-version={}".format(
+            "https://test-domain.com/test-endpoint/tr:h-300,w-400/default-image.jpg?param1=value1&param2=value2&ik-sdk-version={}".format(
                 Default.SDK_VERSION.value
-            ) + "&param1=value1&param2=value2",
+            ),
         )
 
     def test_generate_url_with_src(self):
@@ -129,7 +129,7 @@ def test_generate_url_with_src(self):
         url = self.client.url(options)
         self.assertEqual(
             url,
-            "https://ik.imagekit.io/ldt7znpgpjs/test_YhNhoRxWt.jpg?tr=h-300,w-400,f-jpg,pr-true,e-contrast-1:rt-90&ik-sdk-version={}".format(
+            "https://ik.imagekit.io/ldt7znpgpjs/test_YhNhoRxWt.jpg?tr=h-300%2Cw-400%2Cf-jpg%2Cpr-true%2Ce-contrast-1%3Art-90&ik-sdk-version={}".format(
                 Default.SDK_VERSION.value
             ),
         )
@@ -155,9 +155,9 @@ def test_generate_url_with_src_with_query_params_double(self):
         # @TODO - adjust value of param1=value1 in test case but it should be there
         self.assertEqual(
             url,
-            "https://ik.imagekit.io/ldt7znpgpjs/test_YhNhoRxWt.jpg?queryparam1=value1&tr=h-300,w-400,f-jpg,pr-true,e-contrast-1:rt-90&ik-sdk-version={}".format(
+            "https://ik.imagekit.io/ldt7znpgpjs/test_YhNhoRxWt.jpg?queryparam1=value1&param1=value1&tr=h-300%2Cw-400%2Cf-jpg%2Cpr-true%2Ce-contrast-1%3Art-90&ik-sdk-version={}".format(
                 Default.SDK_VERSION.value
-            ) + "&param1=value1",
+            )
         )
 
     def test_generate_url_with_path_and_signed(self):
@@ -206,7 +206,7 @@ def test_url_with_new_transformation_returns_as_it_is(self):
         self.assertIn("fake_xxxx", url)
         self.assertEqual(
             url,
-            "https://ik.imagekit.io/your_imagekit_id/endpoint/default-image.jpg?tr=h-300,fake_xxxx-400&ik-sdk-version={}".format(
+            "https://ik.imagekit.io/your_imagekit_id/endpoint/default-image.jpg?tr=h-300%2Cfake_xxxx-400&ik-sdk-version={}".format(
                 Default.SDK_VERSION.value
             ),
         )
@@ -246,7 +246,7 @@ def test_generate_url_with_chained_transformations(self):
         url = self.client.url(options)
         self.assertEqual(
             url,
-            "https://ik.imagekit.io/ldt7znpgpjs/test_YhNhoRxWt.jpg?tr=h-300,w-400,f-jpg,pr-true,e-contrast-1:rt-90&ik-sdk-version={}".format(
+            "https://ik.imagekit.io/ldt7znpgpjs/test_YhNhoRxWt.jpg?tr=h-300%2Cw-400%2Cf-jpg%2Cpr-true%2Ce-contrast-1%3Art-90&ik-sdk-version={}".format(
                 Default.SDK_VERSION.value
             ),
         )
@@ -259,7 +259,7 @@ def test_url_check_query_param_are_added_correctly(self):
         }
         url = self.client.url(options)
         self.assertEqual(url,
-                         "https://test-domain.com/test-endpoint/default-image.jpg?client=123&user=5&tr=h-300,w-400&ik-sdk-version={}".format(
+                         "https://test-domain.com/test-endpoint/default-image.jpg?client=123&user=5&tr=h-300%2Cw-400&ik-sdk-version={}".format(
                              Default.SDK_VERSION.value))
 
     def test_generate_url_with_src_query_parameters_merge_correctly(self):
@@ -279,7 +279,7 @@ def test_generate_url_with_src_query_parameters_merge_correctly(self):
         url = self.client.url(options)
         self.assertEqual(
             url,
-            "https://ik.imagekit.io/ldt7znpgpjs/test_YhNhoRxWt.jpg?client=123&ab=c&tr=h-300,w-400,f-jpg,pr-true,e-contrast-1:rt-90&ik-sdk-version={}".format(
+            "https://ik.imagekit.io/ldt7znpgpjs/test_YhNhoRxWt.jpg?client=123&ab=c&tr=h-300%2Cw-400%2Cf-jpg%2Cpr-true%2Ce-contrast-1%3Art-90&ik-sdk-version={}".format(
                 Default.SDK_VERSION.value
             ),
         )
@@ -302,7 +302,7 @@ def test_generate_url_with_src_and_transformation_position_path(self):
         url = self.client.url(options)
         self.assertEqual(
             url,
-            "https://ik.imagekit.io/ldt7znpgpjs/test_YhNhoRxWt.jpg?tr=h-300,w-400,f-jpg,pr-true,e-contrast-1:rt-90&ik-sdk-version={}".format(
+            "https://ik.imagekit.io/ldt7znpgpjs/test_YhNhoRxWt.jpg?tr=h-300%2Cw-400%2Cf-jpg%2Cpr-true%2Ce-contrast-1%3Art-90&ik-sdk-version={}".format(
                 Default.SDK_VERSION.value
             ),
         )