odps-common

ODPS common libs, include `requestSignature`.

npm install odps-common
2 downloads in the last week
4 downloads in the last month

odps-common status

ODPS common libs, include signature, request.

Install

$ npm install odps-common

Usage

var odpsCommon = require('odps-common');

odpsCommon.sign(request);

消息认证

  • AccessID
  • AccessKey
  • 签名算法: HmacSha1

Request 认证

  • Authorization Header
"Authorization:ODPS" + AccessID + ":" + base64(Signature)
  • Signature
Signature = HmacSha1(AccessKey, VERB + "\n"
  + CONTENT-MD5 + "\n"
  + CONTENT-TYPE + "\n"
  + DATE + "\n"
  + CanonicalizedODPSHeaders + "\n"
  + CanonicalizedResource);

说明:

  • CONTENT-MD5 表示 Request Body 的 MD5 值(MD5 值以十六进制小写字符表示,比如 f4795cee3934d21930823fbf4cabb7e6
  • CONTENT-TYPE 表示 Request 内容的类型
  • DATE 表示此次操作的时间,且必须为 HTTP1.1 中支持的 GMT 格式
  • CanonicalizedODPSHeaders 表示 HTTP 中以 "x-odps-" 为前缀的 HTTP 请求头
  • CanonicalizedResource 表示用户想要访问的ODPS资源 其中,DATECanonicalizedResource 不能为空。

  • CanonicalizedODPSHeaders 的构造方法:

所有以 “x-odps-” 为前缀的 HTTP Header 被称为 CanonicalizedODPSHeaders 。 它的构造方法如下:

  • 将所有以 "x-odps-" 为前缀的 HTTP 请求头的名字转换成小写字母。如 "X-ODPS-Meta-Name: TaoBao" 转换成 "x-odps-meta-name: TaoBao"
  • 将上一步得到的所有 HTTP 请求头按照字典序进行升序排列。
  • 如果有相同名字的请求头,则根据标准 RFC 2616 , 4.2章进行合并(两个值之间只用逗号分隔)。如有两个名为 "x-odps-meta-name" 的请求头,对应的值分别为 "TaoBao "和 "Alipay" ,则合并后为:"x-odps-meta-name:TaoBao,Alipay"
  • 删除请求头和内容之间分隔符两端出现的任何空格。如 "x-odps-meta-name: TaoBao,Alipay" 转换成:"x-odps-meta-name:TaoBao,Alipay"
  • 将所有的头和内容用 "\n" 分隔符分隔拼成最后的 CanonicalizedODPSHeader

CanonicalizedResource 的构造方法:

用户发送请求中想访问的 ODPS 目标资源被称为 CanonicalizedResource 。 它的构建方法如下:

  • CanonicalizedResource 置成空字符串("");
  • 放入要访问的 ODPS 资源:"/projects/proname/tables/tab1"
  • 如果请求的资源包括子资源(sub-resource),那么将所有的子资源按照字典序,从小到大排列并以 "&" 为分隔符生成子资源字符串。在 CanonicalizedResource 字符串尾添加 "?" 和子资源字符串。此时的 CanonicalizedResource 例子如:/projects/proname/tables/tab1?cols=colspec&data&linenum=n&partition=partitionspec
  • 如果用户请求在查询字符串(query string)中指定了要重写(override)返回请求的 Header,那么将这些查询字符串及其请求值按照字典序,从小到大排列,以 "&" 为分隔符,按参数的字典序添加到 CanonicalizedResource 中。此时的 CanonicalizedResource 例子:/projects/proname/tables/tab1?cols=colspec&data&linenum=n&partition=partitionspec&response-content-type=ContentType

签名算法

var signstr = AuthInfo.id+expires+policy;

    var hmac = crypto.createHmac('sha1', AuthInfo.key);
    var signature = hmac.update(signstr).digest('base64');

    var v = Base64.encode(signature+","+AuthInfo.id+","+expires+","+policy);
    if(typeof(fn)=='function') fn(v);
    return v;


if (accessId.length() > 0 && accessKey.length() > 0) {
            String canonicalString = SignUtils.buildCanonicalString(httpMethod, resourcePath, request, null);
            String signature = ServiceSignature.create().computeSignature(accessKey, canonicalString);
            request.setHeader(HttpHeaders.AUTHORIZATION, "ODPS " + accessId + ":" + signature);

        } else if (accessId.length() > 0) {
            request.setHeader(HttpHeaders.AUTHORIZATION, accessId);
        }

请求参数

js

License

(The MIT License)

Copyright (c) 2013 Alibaba Group Holding Limited

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

npm loves you