feat 优化签名生成代码

Author: sabakugaara

examples/client-upload/policy.php

@@ -3,14 +3,19 @@
 
 use Upyun\Config;
 use Upyun\Signature;
+use Upyun\Util;
 
 $config = new Config(BUCKET, USER_NAME, PWD);
 $config->setFormApiKey('Mv83tlocuzkmfKKUFbz2s04FzTw=');
 
 $data['save-key'] = $_GET['save_path'];
 $data['expiration'] = time() + 120;
-$policy = Signature::getFormSignature($config, $data);
-$policy['authorization'] = 'UPYUN ' . USER_NAME . ':' . $policy['signature'];
-echo json_encode($policy);
-
-
+$data['bucket'] = BUCKET;
+$policy = Util::base64Json($data);
+$method = 'POST';
+$uri = '/' . $data['bucket'];
+$signature = Signature::getBodySignature($config, $method, $uri, null, $policy);
+echo json_encode(array(
+    'policy' => $policy,
+    'authorization' => $signature
+));

src/Upyun/Api/Form.php

@@ -3,6 +3,7 @@
 namespace Upyun\Api;
 
 use Upyun\Signature;
+use Upyun\Util;
 use GuzzleHttp\Client;
 
 class Form extends Rest{
@@ -14,24 +15,24 @@ public function upload($path, $stream, $params) {
             $params['expiration'] = time() + 30 * 60 * 60; // 30 分钟
         }
 
-        $result = Signature::getFormSignature($this->config, $params);
-        $policy = $result['policy'];
-        $signature = $result['signature'];
+        $policy = Util::base64Json($params);
+        $method = 'POST';
+        $signature = Signature::getBodySignature($this->config, $method, '/' . $params['bucket'], null, $policy);
         $client = new Client([
             'timeout' => $this->config->timeout,
         ]);
 
         $url = ($this->config->useSsl ? 'https://' : 'http://') . $this->endpoint;
 
-        $response = $client->request('POST', $url, array(
+        $response = $client->request($method, $url, array(
             'multipart' => array(
                 array(
                     'name' => 'policy',
                     'contents' => $policy,
                 ),
                 array(
                     'name' => 'authorization',
-                    'contents' => 'UPYUN ' . $this->config->operatorName . ':' . $signature,
+                    'contents' => $signature,
                 ),
                 array(
                     'name' => 'file',
@@ -41,4 +42,4 @@ public function upload($path, $stream, $params) {
         ));
         return $response->getStatusCode() === 200;
     }
-}
+}

src/Upyun/Signature.php

@@ -21,10 +21,10 @@ class Signature {
     const SIGN_VIDEO_NO_OPERATOR   = 3;
 
     /**
-     * 获取 Header 签名
+     * 获取 Header 签名需要的请求头
      *
      * @param Config $bucketConfig
-     * @param $method
+     * @param $method 请求方法
      * @param $path  请求路径
      * @param $contentMd5 文件内容 md5
      *
@@ -33,20 +33,11 @@ class Signature {
     public static function getHeaderSign($bucketConfig, $method, $path, $contentMd5 = null) {
         $gmtDate = gmdate('D, d M Y H:i:s \G\M\T');
 
-        $signParams = array(
-            $method,
-            $path,
-            $gmtDate
-        );
-
-        if ($contentMd5) {
-            $signParams[] = $contentMd5;
-        }
-
-        $sign = self::calcSignature($bucketConfig, $signParams);
+        $policy = null;
+        $sign = self::getBodySignature($bucketConfig, $method, $path, $gmtDate, $policy, $contentMd5);
 
         $headers = array(
-            'Authorization' => "UPYUN {$bucketConfig->operatorName}:$sign",
+            'Authorization' => $sign,
             'Date' => $gmtDate,
             'User-agent' => 'Php-Sdk/' . $bucketConfig->getVersion()
         );
@@ -74,35 +65,32 @@ public static function getPurgeSignHeader(Config $bucketConfig, $urlString) {
     /**
      * 获取表单 API 需要的签名，依据 body 签名规则计算
      * @param Config $bucketConfig
-     * @param $data
+     * @param $method 请求方法
+     * @param $uri 请求路径
+     * @param $date 请求时间
+     * @param $policy
+     * @param $contentMd5 请求 body 的 md5
      *
      * @return array
      */
-    public static function getFormSignature(Config $bucketConfig, $data) {
-        $data['bucket'] = $bucketConfig->bucketName;
-        $policy = Util::base64Json($data);
-        $signParams = array(
-            'method' => 'POST',
-            'uri' => '/' . $bucketConfig->bucketName,
+    public static function getBodySignature(Config $bucketConfig, $method, $uri, $date = null, $policy = null, $contentMd5 = null) {
+        $data = array(
+            $method,
+            $uri
         );
-        if (isset($data['date'])) {
-            $signParams['date'] = $data['date'];
+        if ($date) {
+            $data[] = $date;
         }
 
-        $signParams['policy'] = $policy;
-        if (isset($data['content-md5'])) {
-            $signParams['md5'] = $data['content-md5'];
-        };
-
-        $signature = self::calcSignature($bucketConfig, $signParams);
-        return array(
-            'policy' => $policy,
-            'signature' => $signature
-        );
-    }
+        if ($policy) {
+            $data[] = $policy;
+        }
 
-    private static function calcSignature(Config $bucketConfig, $signParams) {
-        return base64_encode(hash_hmac('sha1', implode('&', $signParams), $bucketConfig->operatorPassword, true));
+        if ($contentMd5) {
+            $data[] = $contentMd5;
+        }
+        $signature = base64_encode(hash_hmac('sha1', implode('&', $data), $bucketConfig->operatorPassword, true));
+        return 'UPYUN ' . $bucketConfig->operatorName . ':' . $signature;
     }
 
     public static function getSignature(Config $bucketConfig, $data, $type, $tokenSecret = '') {

tests/SignatureTest.php

@@ -19,15 +19,8 @@ public function testGetSignature() {
         $this->assertEquals($sign , '2aa0afd612df8fab4b3fded36c396234');
     }
 
-    public function testGetFormSignature() {
-        $config = new Config('upyun-temp', 'upyun', 'upyun520');
-        $sign = Signature::getFormSignature($config, array(
-            'save-key' => '/demo.jpg',
-            'expiration' => '1478674618',
-            'date' => 'Wed, 9 Nov 2016 14:26:58 GMT',
-            'content-md5' => '7ac66c0f148de9519b8bd264312c4d64'
-        ));
-        $this->assertEquals($sign['policy'], 'eyJzYXZlLWtleSI6Ii9kZW1vLmpwZyIsImV4cGlyYXRpb24iOiIxNDc4Njc0NjE4IiwiZGF0ZSI6IldlZCwgOSBOb3YgMjAxNiAxNDoyNjo1OCBHTVQiLCJjb250ZW50LW1kNSI6IjdhYzY2YzBmMTQ4ZGU5NTE5YjhiZDI2NDMxMmM0ZDY0IiwiYnVja2V0IjoidXB5dW4tdGVtcCJ9');
-        $this->assertEquals($sign['signature'], 'aWqUna7XpJ3mJ6Clz6AMeay++Qk=');
+    public function testGetBodySignature() {
+        $sign = Signature::getBodySignature($this->config, 'POST', '/bucket');
+        $this->assertEquals($sign, 'UPYUN operator:Xx3G6+DAvUyCL2Y2npSW/giTFI8=');
     }
 }