@alicloud/pop-core - npm Package Compare versions

Comparing version 1.7.13 to 1.8.0

lib/roa.js

@@ -117,11 +117,26 @@ 'use strict';
     assert(config.apiVersion, 'must pass "config.apiVersion"');
-    assert(config.accessKeyId, 'must pass "config.accessKeyId"');
-    assert(config.accessKeySecret, 'must pass "config.accessKeySecret"');
+    if (config.credentialsProvider) {
+      if (typeof config.credentialsProvider.getCredentials !== 'function') {
+        throw new Error(`must pass "config.credentialsProvider" with function "getCredentials()"`);
+      }
+      this.credentialsProvider = config.credentialsProvider;
+    } else {
+      assert(config.accessKeyId, 'must pass "config.accessKeyId"');
+      assert(config.accessKeySecret, 'must pass "config.accessKeySecret"');
+      this.accessKeyId = config.accessKeyId;
+      this.accessKeySecret = config.accessKeySecret;
+      this.securityToken = config.securityToken;
+      this.credentialsProvider = {
+        getCredentials: async () => {
+          return {
+            accessKeyId: config.accessKeyId,
+            accessKeySecret: config.accessKeySecret,
+            securityToken: config.securityToken,
+          };
+        }
+      };
+    }
 
     this.endpoint = config.endpoint;
-
     this.apiVersion = config.apiVersion;
-    this.accessKeyId = config.accessKeyId;
-    this.accessKeySecret = config.accessKeySecret;
-    this.securityToken = config.securityToken;
     this.host = url.parse(this.endpoint).hostname;
@@ -167,5 +182,27 @@ this.opts = config.opts;
   async request(method, uriPattern, query = {}, body = '', headers = {}, opts = {}) {
+    const credentials = await this.credentialsProvider.getCredentials();
+
+    const now = new Date();
+    var defaultHeaders = {
+      accept: 'application/json',
+      date: now.toGMTString(),
+      host: this.host,
+      'x-acs-signature-nonce': kitx.makeNonce(),
+      'x-acs-version': this.apiVersion,
+      'user-agent': helper.DEFAULT_UA,
+      'x-sdk-client': helper.DEFAULT_CLIENT
+    };
+    if (credentials && credentials.accessKeyId && credentials.accessKeySecret) {
+      defaultHeaders['x-acs-signature-method'] = 'HMAC-SHA1';
+      defaultHeaders['x-acs-signature-version'] = '1.0';
+      if (credentials.securityToken) {
+        defaultHeaders['x-acs-accesskey-id'] = credentials.accessKeyId;
+        defaultHeaders['x-acs-security-token'] = credentials.securityToken;
+      }
+    }
+
+    var mixHeaders = Object.assign(defaultHeaders, keyLowerify(headers));
+
     var postBody = null;
 
-    var mixHeaders = Object.assign(this.buildHeaders(), keyLowerify(headers));
     postBody = Buffer.from(body, 'utf8');
@@ -180,5 +217,9 @@ mixHeaders['content-md5'] = kitx.md5(postBody, 'base64');
 
-    const stringToSign = buildStringToSign(method, uriPattern, mixHeaders, query);
-    debug('stringToSign: %s', stringToSign);
-    mixHeaders['authorization'] = this.buildAuthorization(stringToSign);
+    if (credentials && credentials.accessKeyId && credentials.accessKeySecret) {
+      const stringToSign = buildStringToSign(method, uriPattern, mixHeaders, query);
+      debug('stringToSign: %s', stringToSign);
+      const utf8Buff = Buffer.from(stringToSign, 'utf8');
+      const signature = kitx.sha1(utf8Buff, credentials.accessKeySecret, 'base64');
+      mixHeaders['authorization'] = `acs ${credentials.accessKeyId}:${signature}`;
+    }
 
@@ -185,0 +226,0 @@ const options = Object.assign({

lib/rpc.js

@@ -114,6 +114,26 @@ 'use strict';
     assert(config.apiVersion, 'must pass "config.apiVersion"');
-    assert(config.accessKeyId, 'must pass "config.accessKeyId"');
-    var accessKeySecret = config.secretAccessKey || config.accessKeySecret;
-    assert(accessKeySecret, 'must pass "config.accessKeySecret"');
+    if (config.credentialsProvider) {
+      if (typeof config.credentialsProvider.getCredentials !== 'function') {
+        throw new Error(`must pass "config.credentialsProvider" with function "getCredentials()"`);
+      }
+      this.credentialsProvider = config.credentialsProvider;
+    } else {
+      assert(config.accessKeyId, 'must pass "config.accessKeyId"');
+      var accessKeySecret = config.secretAccessKey || config.accessKeySecret;
+      assert(accessKeySecret, 'must pass "config.accessKeySecret"');
+      this.accessKeyId = config.accessKeyId;
+      this.accessKeySecret = accessKeySecret;
+      this.securityToken = config.securityToken;
+      this.credentialsProvider = {
+        getCredentials: async () => {
+          return {
+            accessKeyId: config.accessKeyId,
+            accessKeySecret: accessKeySecret,
+            securityToken: config.securityToken,
+          };
+        }
+      };
+    }
 
+
     if (config.endpoint.endsWith('/')) {
@@ -125,5 +145,2 @@ config.endpoint = config.endpoint.slice(0, -1);
     this.apiVersion = config.apiVersion;
-    this.accessKeyId = config.accessKeyId;
-    this.accessKeySecret = accessKeySecret;
-    this.securityToken = config.securityToken;
     this.verbose = verbose === true;
@@ -150,2 +167,3 @@ // 非 codes 里的值，将抛出异常
   async request(action, params = {}, opts = {}) {
+    const credentials = await this.credentialsProvider.getCredentials();
     // 1. compose params and opts
@@ -170,16 +188,32 @@ opts = Object.assign({
     }
-    const defaults = this._buildParams();
-    params = Object.assign({Action: action}, defaults, params);
+    const defaultParams = {
+      Format: 'JSON',
+      Timestamp: timestamp(),
+      Version: this.apiVersion,
+    };
+    if (credentials && credentials.accessKeyId && credentials.accessKeySecret) {
+      defaultParams.SignatureMethod = 'HMAC-SHA1';
+      defaultParams.SignatureVersion = '1.0';
+      defaultParams.SignatureNonce = kitx.makeNonce();
+      defaultParams.AccessKeyId = credentials.accessKeyId;
+      if (credentials.securityToken) {
+        defaultParams.SecurityToken = credentials.securityToken;
+      }
+    }
+    params = Object.assign({ Action: action }, defaultParams, params);
 
-    // 2. caculate signature
     const method = (opts.method || 'GET').toUpperCase();
     const normalized = normalize(params);
-    const canonicalized = canonicalize(normalized);
-    // 2.1 get string to sign
-    const stringToSign = `${method}&${encode('/')}&${encode(canonicalized)}`;
-    // 2.2 get signature
-    const key = this.accessKeySecret + '&';
-    const signature = kitx.sha1(stringToSign, key, 'base64');
-    // add signature
-    normalized.push(['Signature', encode(signature)]);
+    // 2. caculate signature
+    if (credentials && credentials.accessKeyId && credentials.accessKeySecret) {
+      const canonicalized = canonicalize(normalized);
+      // 2.1 get string to sign
+      const stringToSign = `${method}&${encode('/')}&${encode(canonicalized)}`;
+      // 2.2 get signature
+      const key = credentials.accessKeySecret + '&';
+      const signature = kitx.sha1(stringToSign, key, 'base64');
+      // add signature
+      normalized.push(['Signature', encode(signature)]);
+    }
+
     // 3. generate final url
@@ -186,0 +220,0 @@ const url = opts.method === 'POST' ? `${this.endpoint}/` : `${this.endpoint}/?${canonicalize(normalized)}`;

package.json

 {
   "name": "@alicloud/pop-core",
-  "version": "1.7.13",
+  "version": "1.8.0",
   "description": "AliCloud POP SDK core",
@@ -12,3 +12,3 @@ "main": "index.js",
     "test-integration": "mocha -R spec test/*.integration.js",
-    "ci": "npm run lint && npm run test-cov && codecov"
+    "ci": "npm run lint && npm run test-cov"
   },
@@ -37,3 +37,2 @@ "keywords": [
   "devDependencies": {
-    "codecov": "^3.0.4",
     "eslint": "^6.6.0",
@@ -60,2 +59,2 @@ "expect.js": "^0.3.1",
   "homepage": "https://github.com/aliyun/openapi-core-nodejs-sdk#readme"
-}
+}

README.md

@@ -36,8 +36,11 @@ # @alicloud/pop-core
 
+## Important Updates
 
+- Starting from version 1.8.0, CredentialsProvider is supported, and the signature logic of internal functions is updated. Developers who change the internal logic for calling need to pay attention to these changes.
+
 ## Online Demo
 
-**[API Developer Portal](https://next.api.aliyun.com)** provides the ability to call the cloud product OpenAPI online, and dynamically generate SDK Example code and quick retrieval interface, which can significantly reduce the difficulty of using the cloud API. **It is highly recommended**.
+**[API Developer Portal](https://api.aliyun.com)** provides the ability to call the cloud product OpenAPI online, and dynamically generate SDK Example code and quick retrieval interface, which can significantly reduce the difficulty of using the cloud API. **It is highly recommended**.
 
-<a href="https://next.api.aliyun.com" target="api_explorer">
+<a href="https://api.aliyun.com" target="api_explorer">
   <img src="https://img.alicdn.com/tfs/TB12GX6zW6qK1RjSZFmXXX0PFXa-744-122.png" width="180" />
@@ -44,0 +47,0 @@ </a>

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

24589

increased by13.64%

Dev dependency count

6

decreased by-14.29%

Lines of code

545

increased by14.98%

Number of lines in readme file

151

increased by2.03%

Worsened metrics

Number of package files

7

decreased by-12.5%

No dependency changes