support signature v4

---------

Co-authored-by: yangpeng <[email protected]>

Author: huiguangjun

src/OSS/Core/OssUtil.php

@@ -531,4 +531,13 @@ public static function decodeKey($key, $encoding)
             throw new OssException("Unrecognized encoding type: " . $encoding);
         }
     }
+
+    public static function unparseUrl($parsed_url) {
+        $scheme   = isset($parsed_url['scheme']) ? $parsed_url['scheme'] . '://' : '';
+        $host     = isset($parsed_url['host']) ? $parsed_url['host'] : '';
+        $port     = isset($parsed_url['port']) ? ':' . $parsed_url['port'] : '';
+        $path     = isset($parsed_url['path']) ? $parsed_url['path'] : '';
+        $query    = isset($parsed_url['query']) ? '?' . $parsed_url['query'] : '';
+        return "$scheme$host$port$path$query";
+    }
 }

src/OSS/OssClient.php

@@ -7,7 +7,7 @@
 class CreateBucketCnameTokenResult extends Result
 {
     /**
-     * @return CnameConfig
+     * @return CnameTokenInfo
      */
     protected function parseDataFromResponse()
     {

src/OSS/Result/CreateBucketCnameTokenResult.php

@@ -16,7 +16,7 @@ class GetBucketInfoResult extends Result
     /**
      * Parse data from response
      * 
-     * @return string
+     * @return BucketInfo
      * @throws OssException
      */
     protected function parseDataFromResponse()

src/OSS/Result/GetBucketInfoResult.php

@@ -7,7 +7,7 @@
 class GetLiveChannelHistoryResult extends Result
 {
     /**
-     * @return
+     * @return GetLiveChannelHistory
      */
     protected function parseDataFromResponse()
     {

src/OSS/Result/GetLiveChannelHistoryResult.php

@@ -7,7 +7,7 @@
 class GetLiveChannelInfoResult extends Result
 {
     /**
-     * @return
+     * @return GetLiveChannelInfo
      */
     protected function parseDataFromResponse()
     {

src/OSS/Result/GetLiveChannelInfoResult.php

@@ -2,6 +2,7 @@
 
 namespace OSS\Result;
 
+use OSS\Core\OssException;
 use OSS\Core\OssUtil;
 use OSS\Model\ObjectVersionInfo;
 use OSS\Model\ObjectVersionListInfo;
@@ -17,11 +18,12 @@ class ListObjectVersionsResult extends Result
     /**
      * Parse the xml data returned by the ListObjectVersions interface
      *
-     * return ObjectVersionListInfo
+     * @return ObjectVersionListInfo
+     * @throws OssException
      */
     protected function parseDataFromResponse()
     {
-        $xml = simplexml_load_string($this->rawResponse->body); 
+        $xml = simplexml_load_string($this->rawResponse->body);
         $encodingType = isset($xml->EncodingType) ? strval($xml->EncodingType) : "";
         $objectVersionList = $this->parseObjecVersionList($xml, $encodingType);
         $deleteMarkerList = $this->parseDeleteMarkerList($xml, $encodingType);
@@ -40,8 +42,8 @@ protected function parseDataFromResponse()
         $delimiter = OssUtil::decodeKey($delimiter, $encodingType);
         $isTruncated = isset($xml->IsTruncated) ? strval($xml->IsTruncated) : "";
 
-        return new ObjectVersionListInfo($bucketName, $prefix, $keyMarker, $nextKeyMarker, 
-            $versionIdMarker, $nextVersionIdMarker,$maxKeys, $delimiter, $isTruncated,
+        return new ObjectVersionListInfo($bucketName, $prefix, $keyMarker, $nextKeyMarker,
+            $versionIdMarker, $nextVersionIdMarker, $maxKeys, $delimiter, $isTruncated,
             $objectVersionList, $deleteMarkerList, $prefixList);
     }
 

src/OSS/Result/ListObjectVersionsResult.php

@@ -2,6 +2,7 @@
 
 namespace OSS\Result;
 
+use OSS\Core\OssException;
 use OSS\Core\OssUtil;
 use OSS\Model\ObjectInfo;
 use OSS\Model\ObjectListInfo;
@@ -16,7 +17,8 @@ class ListObjectsResult extends Result
     /**
      * Parse the xml data returned by the ListObjects interface
      *
-     * return ObjectListInfo
+     * @return ObjectListInfo
+     * @throws OssException
      */
     protected function parseDataFromResponse()
     {

src/OSS/Result/ListObjectsResult.php

@@ -2,6 +2,7 @@
 
 namespace OSS\Result;
 
+use OSS\Core\OssException;
 use OSS\Core\OssUtil;
 use OSS\Model\ObjectInfo;
 use OSS\Model\ObjectListInfoV2;
@@ -16,7 +17,8 @@ class ListObjectsV2Result extends Result
     /**
      * Parse the xml data returned by the ListObjectsV2 interface
      *
-     * return ObjectListInfoV2
+     * @return ObjectListInfoV2
+     * @throws OssException
      */
     protected function parseDataFromResponse()
     {
@@ -34,7 +36,7 @@ protected function parseDataFromResponse()
         $continuationToken = isset($xml->ContinuationToken) ? strval($xml->ContinuationToken) : "";
         $nextContinuationToken = isset($xml->NextContinuationToken) ? strval($xml->NextContinuationToken) : "";
         $startAfter = isset($xml->StartAfter) ? strval($xml->StartAfter) : "";
-        $startAfter =  OssUtil::decodeKey($startAfter, $encodingType);
+        $startAfter = OssUtil::decodeKey($startAfter, $encodingType);
         $keyCount = isset($xml->KeyCount) ? intval($xml->KeyCount) : 0;
         return new ObjectListInfoV2($bucketName, $prefix, $maxKeys, $delimiter, $isTruncated, $objectList, $prefixList, $continuationToken, $nextContinuationToken, $startAfter, $keyCount);
     }

src/OSS/Result/ListObjectsV2Result.php

@@ -0,0 +1,12 @@
+<?php
+namespace OSS\Signer;
+
+use OSS\Http\RequestCore;
+use OSS\Credentials\Credentials;
+
+interface SignerInterface
+{
+    public function sign(RequestCore $request, Credentials $credentials, array &$options);
+
+    public function presign(RequestCore $request, Credentials $credentials, array &$options);
+}

src/OSS/Signer/SignerInterface.php

@@ -0,0 +1,157 @@
+<?php
+
+namespace OSS\Signer;
+
+use OSS\Core\OssUtil;
+use OSS\Http\RequestCore;
+use OSS\Credentials\Credentials;
+
+class SignerV1 implements SignerInterface
+{
+    public function sign(RequestCore $request, Credentials $credentials, array &$options)
+    {
+        // Date
+        if (!isset($request->request_headers['Date'])) {
+            $request->add_header('Date', gmdate('D, d M Y H:i:s \G\M\T'));
+        }
+        // Credentials information
+        if (strlen($credentials->getSecurityToken()) > 0) {
+            $request->add_header("x-oss-security-token", $credentials->getSecurityToken());
+        }
+        $headers = $request->request_headers;
+        $method = strtoupper($request->method);
+        $date = $headers['Date'];
+        $resourcePath = $this->getResourcePath($options);
+        $queryString = parse_url($request->request_url, PHP_URL_QUERY);
+        $query = array();
+        parse_str($queryString, $query);
+        $stringToSign = $this->calcStringToSign($method, $date, $headers, $resourcePath, $query);
+//        printf("sign str:%s" . PHP_EOL, $stringToSign);
+        $options['string_to_sign'] = $stringToSign;
+        $signature = base64_encode(hash_hmac('sha1', $stringToSign, $credentials->getAccessKeySecret(), true));
+        $request->add_header('Authorization', 'OSS ' . $credentials->getAccessKeyId() . ':' . $signature);
+    }
+
+    public function presign(RequestCore $request, Credentials $credentials, array &$options)
+    {
+        $headers = $request->request_headers;
+        // Date
+        $expiration = $options['expiration'];
+        if (!isset($request->request_headers['Date'])) {
+            $request->add_header('Date', gmdate('D, d M Y H:i:s \G\M\T'));
+        }
+        $parsed_url = parse_url($request->request_url);
+        $queryString = isset($parsed_url['query']) ? $parsed_url['query'] : '';
+        $query = array();
+        parse_str($queryString, $query);
+        // Credentials information
+        if (strlen($credentials->getSecurityToken()) > 0) {
+            $query["security-token"] = $credentials->getSecurityToken();
+        }
+        $method = strtoupper($request->method);
+        $date = $expiration . "";
+        $resourcePath = $this->getResourcePath($options);
+        $stringToSign = $this->calcStringToSign($method, $date, $headers, $resourcePath, $query);
+        $options['string_to_sign'] = $stringToSign;
+        $signature = base64_encode(hash_hmac('sha1', $stringToSign, $credentials->getAccessKeySecret(), true));
+        $query['OSSAccessKeyId'] = $credentials->getAccessKeyId();
+        $query['Expires'] = $date;
+        $query['Signature'] = $signature;
+        $queryString = OssUtil::toQueryString($query);
+        $parsed_url['query'] = $queryString;
+        $request->request_url = OssUtil::unparseUrl($parsed_url);
+    }
+
+    private function getResourcePath(array $options)
+    {
+        $resourcePath = '/';
+        if (strlen($options['bucket']) > 0) {
+            $resourcePath .= $options['bucket'] . '/';
+        }
+        if (strlen($options['key']) > 0) {
+            $resourcePath .= $options['key'];
+        }
+        return $resourcePath;
+    }
+
+    private function calcStringToSign($method, $date, array $headers, $resourcePath, array $query)
+    {
+        /*
+		SignToString =
+			VERB + "\n"
+			+ Content-MD5 + "\n"
+			+ Content-Type + "\n"
+			+ Date + "\n"
+			+ CanonicalizedOSSHeaders
+			+ CanonicalizedResource
+		Signature = base64(hmac-sha1(AccessKeySecret, SignToString))
+	    */
+        $contentMd5 = '';
+        $contentType = '';
+        // CanonicalizedOSSHeaders
+        $signheaders = array();
+        foreach ($headers as $key => $value) {
+            $lowk = strtolower($key);
+            if (strncmp($lowk, "x-oss-", 6) == 0) {
+                $signheaders[$lowk] = $value;
+            } else if ($lowk === 'content-md5') {
+                $contentMd5 = $value;
+            } else if ($lowk === 'content-type') {
+                $contentType = $value;
+            }
+        }
+        ksort($signheaders);
+        $canonicalizedOSSHeaders = '';
+        foreach ($signheaders as $key => $value) {
+            $canonicalizedOSSHeaders .= $key . ':' . $value . "\n";
+        }
+        // CanonicalizedResource
+        $signquery = array();
+        foreach ($query as $key => $value) {
+            if (in_array($key, $this->signKeyList)) {
+                $signquery[$key] = $value;
+            }
+        }
+        ksort($signquery);
+        $sortedQueryList = array();
+        foreach ($signquery as $key => $value) {
+            if (strlen($value) > 0) {
+                $sortedQueryList[] = $key . '=' . $value;
+            } else {
+                $sortedQueryList[] = $key;
+            }
+        }
+        $queryStringSorted = implode('&', $sortedQueryList);
+        $canonicalizedResource = $resourcePath;
+        if (!empty($queryStringSorted)) {
+            $canonicalizedResource .= '?' . $queryStringSorted;
+        }
+        return $method . "\n" . $contentMd5 . "\n" . $contentType . "\n" . $date . "\n" . $canonicalizedOSSHeaders . $canonicalizedResource;
+    }
+
+    private $signKeyList = array(
+        "acl", "uploads", "location", "cors",
+        "logging", "website", "referer", "lifecycle",
+        "delete", "append", "tagging", "objectMeta",
+        "uploadId", "partNumber", "security-token", "x-oss-security-token",
+        "position", "img", "style", "styleName",
+        "replication", "replicationProgress",
+        "replicationLocation", "cname", "bucketInfo",
+        "comp", "qos", "live", "status", "vod",
+        "startTime", "endTime", "symlink",
+        "x-oss-process", "response-content-type", "x-oss-traffic-limit",
+        "response-content-language", "response-expires",
+        "response-cache-control", "response-content-disposition",
+        "response-content-encoding", "udf", "udfName", "udfImage",
+        "udfId", "udfImageDesc", "udfApplication",
+        "udfApplicationLog", "restore", "callback", "callback-var", "qosInfo",
+        "policy", "stat", "encryption", "versions", "versioning", "versionId", "requestPayment",
+        "x-oss-request-payer", "sequential",
+        "inventory", "inventoryId", "continuation-token", "asyncFetch",
+        "worm", "wormId", "wormExtend", "withHashContext",
+        "x-oss-enable-md5", "x-oss-enable-sha1", "x-oss-enable-sha256",
+        "x-oss-hash-ctx", "x-oss-md5-ctx", "transferAcceleration",
+        "regionList", "cloudboxes", "x-oss-ac-source-ip", "x-oss-ac-subnet-mask", "x-oss-ac-vpc-id", "x-oss-ac-forward-allow",
+        "metaQuery", "resourceGroup", "rtc", "x-oss-async-process", "responseHeader"
+    );
+}