u-sdk 0.6.3

Some useful SDKs
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365

use crate::oss::Error;
use crate::oss::sign_v4::{HTTPVerb, SignV4Param, generate_v4_signature, sign_v4};
use base64::{Engine, engine::general_purpose};
use md5::{Digest, Md5};
use reqwest::header::{HeaderMap, HeaderName, HeaderValue};
use serde::de::DeserializeOwned;
use serde_json::{Map, Value};
use std::collections::{BTreeMap, BTreeSet, HashMap};
use std::path::Path;
use time::macros::format_description;
use tokio::io::AsyncReadExt;
use u_sdk_common::helper::gmt_format;
use url::Url;

pub fn utc_date_str(date_time: &time::OffsetDateTime) -> String {
    date_time
        .to_utc()
        .format(format_description!("[year][month][day]"))
        .unwrap()
}
pub fn utc_date_time_str(date_time: &time::OffsetDateTime) -> String {
    date_time
        .to_utc()
        .format(format_description!(
            "[year][month][day]T[hour][minute][second]Z"
        ))
        .unwrap()
}

pub fn get_content_md5(bytes: &[u8]) -> String {
    use md5::{Digest, Md5};

    let mut hasher = Md5::new();
    hasher.update(bytes);
    let res = hasher.finalize();

    general_purpose::STANDARD.encode(res)
}

pub fn hmac_sha256_bytes(key: &[u8], msg: &str) -> Vec<u8> {
    use hmac::{Hmac, Mac};
    use sha2::Sha256;

    let mut mac = Hmac::<Sha256>::new_from_slice(key).unwrap();
    mac.update(msg.as_bytes());
    let result = mac.finalize();
    result.into_bytes().to_vec()
}

#[test]
fn get_content_md5_test() {
    let s = get_content_md5(b"0123456789");
    assert_eq!(&s, "eB5eJF1ptWaXm4bijSPyxw==")
}

// TODO 这个到时后要和`common-lib/src/helper.rs`的合并
pub(crate) fn into_request_header(map: HashMap<&str, &str>) -> HeaderMap {
    map.into_iter()
        .map(|(k, v)| {
            let name = HeaderName::from_bytes(k.as_bytes()).unwrap();
            let value = HeaderValue::from_bytes(v.as_bytes()).unwrap();
            (name, value)
        })
        .collect()
}

pub(crate) async fn into_request_failed_error(resp: reqwest::Response) -> Error {
    let status = resp.status();
    let body = resp.text().await;
    match body {
        Ok(text) => Error::RequestAPIFailed {
            status: status.to_string(),
            text,
        },
        Err(e) => Error::Reqwest(e),
    }
}

// TODO 放到common-lib中供全局使用
pub(crate) async fn parse_xml_response<T: DeserializeOwned>(
    resp: reqwest::Response,
) -> Result<T, Error> {
    let status = resp.status();

    if !status.is_success() {
        return Err(into_request_failed_error(resp).await);
    }

    let text = resp.text().await?;
    let data = quick_xml::de::from_str(&text)
        .map_err(|e| Error::Common(format!("XML parse error: {}", e)))?;
    Ok(data)
}

// 用 buffer 读文件并计算MD5
pub(crate) async fn compute_md5_from_file(path: &Path) -> Result<String, Error> {
    let mut file = tokio::fs::File::open(path).await?;
    let mut hasher = Md5::new();
    // 放到堆上并初始化
    let mut buf = vec![0u8; 64 * 1024]; // 64KB buffer

    loop {
        let n = file.read(&mut buf).await?;
        if n == 0 {
            break;
        }
        hasher.update(&buf[..n]);
    }

    let result = hasher.finalize();
    Ok(general_purpose::STANDARD.encode(result))
}

pub(crate) fn validate_object_name(name: &str) -> Result<(), Error> {
    // 1. 长度检查
    let len = name.len();
    if len == 0 {
        return Err(Error::Common("object_name cannot be empty".to_owned()));
    }
    if len > 1023 {
        return Err(Error::Common(
            "object_name is too long, max is 1023 bytes".to_owned(),
        ));
    }

    // 2. 前缀检查
    if let Some(first) = name.chars().next()
        && (first == '/' || first == '\\')
    {
        return Err(Error::Common(
            "object_name cannot start with '/' or '\\'".to_owned(),
        ));
    }

    // 3. 控制字符检查
    if name.bytes().any(|b| b == b'\r' || b == b'\n') {
        return Err(Error::Common(
            "object_name cannot contain control characters".to_owned(),
        ));
    }

    // 4. 空路径段检查:先 split,再忽略末尾因 '/' 产生的空段,再拒绝中间任何空字符串
    let segments: Vec<&str> = name.split('/').collect();
    let to_check = if name.ends_with('/') {
        &segments[..segments.len().saturating_sub(1)]
    } else {
        &segments[..]
    };
    if to_check.iter().any(|seg| seg.is_empty()) {
        return Err(Error::Common(
            "object_name cannot contain empty path segments".to_owned(),
        ));
    }

    // 5. 相对路径段检查
    for segment in to_check {
        if *segment == "." || *segment == ".." {
            return Err(Error::Common(
                "object_name cannot contain relative path segments '.' or '..'".to_owned(),
            ));
        }
    }

    Ok(())
}

#[test]
fn validate_object_name_test() {
    // 合法示例:长度、前缀、末尾斜杠、普通子目录、UTF-8 字符
    assert!(validate_object_name("exampleobject.txt").is_ok());
    assert!(validate_object_name("dir/subdir/file_测试-01.log").is_ok());
    assert!(validate_object_name("a/b").is_ok());
    assert!(validate_object_name("a/b/").is_ok());

    // 非法示例:长度为 0、超过 1023 字节
    assert!(validate_object_name("").is_err());
    assert!(validate_object_name(&"a".repeat(1024)).is_err());

    // 非法示例:前缀以 '/' 或 '\' 开头
    assert!(validate_object_name("/badname").is_err());
    assert!(validate_object_name("\\badname").is_err());

    // 非法示例:包含控制字符
    assert!(validate_object_name("bad\r\nname").is_err());

    // 非法示例:连续斜杠导致的空路径段
    assert!(validate_object_name("a//abc").is_err());
    assert!(validate_object_name("x/y//z").is_err());

    // 非法示例:相对路径段 '.' 或 '..'
    assert!(validate_object_name("./abc").is_err());
    assert!(validate_object_name("../abc").is_err());
    assert!(validate_object_name("abc/./def").is_err());
    assert!(validate_object_name("abc/../def").is_err());
}

pub(crate) fn get_request_header(
    access_key_id: &str,
    access_key_secret: &str,
    req_header_map: HashMap<String, String>,
    request_url: &Url,
    http_verb: HTTPVerb,
    signing_region: &str,
    bucket: Option<&str>,
) -> HeaderMap {
    // 把需要签名的header和不需要签名的header分开
    let (sign_map, remaining_map) = partition_header(req_header_map);

    // 创建CanonicalHeaders,把所有需要签名的header放到CanonicalHeader中
    let mut canonical_header = BTreeMap::new();
    canonical_header.extend(sign_map.iter().map(|(k, v)| (k.as_str(), v.as_str())));

    // x-oss-content-sha256是必须存在且值固定
    canonical_header.insert("x-oss-content-sha256", "UNSIGNED-PAYLOAD");
    // host为addition_header中指定的需要额外添加到签名计算中的参数
    canonical_header.insert("host", request_url.host_str().unwrap());

    // 添加host到additional_header,因为canonical_header中把host也参与签名计算了
    let mut additional_header = BTreeSet::new();
    additional_header.insert("host");
    let now = time::OffsetDateTime::now_utc();
    let sign_v4_param = SignV4Param {
        signing_region,
        http_verb,
        uri: request_url,
        bucket,
        header_map: &canonical_header,
        additional_header: Some(&additional_header),
        date_time: &now,
    };
    let authorization = sign_v4(access_key_id, access_key_secret, sign_v4_param);

    // 把canonical_header转化为最终的header,补齐剩下的未参与签名计算的header
    // 包括:剩下必要的公共请求头,api header中的非签名字段
    let mut header = canonical_header.into_iter().collect::<HashMap<_, _>>();
    header.insert("Authorization", &authorization);
    let gmt = gmt_format(&now);
    header.insert("Date", &gmt);
    header.extend(remaining_map.iter().map(|(k, v)| (k.as_str(), v.as_str())));
    into_request_header(header)
}

pub(crate) fn get_date_str(data: &time::OffsetDateTime) -> String {
    let date_format = format_description!("[year][month][day]");
    data.format(&date_format).unwrap()
}

pub(crate) fn get_date_time_str(data: &time::OffsetDateTime) -> String {
    let data_time_format = format_description!("[year][month][day]T[hour][minute][second]Z");
    data.format(&data_time_format).unwrap()
}

pub(crate) struct PresignParams<'a> {
    pub access_key_id: &'a str,
    pub access_key_secret: &'a str,
    pub header_map: HashMap<String, String>,
    pub presigned_url: Url,
    pub http_verb: HTTPVerb,
    pub url_expires: i32,
    pub bucket: &'a str,
    pub signing_region: &'a str,
}

pub(crate) fn generate_presigned_url(mut params: PresignParams<'_>) -> String {
    let (header_map, remaining_map) = partition_header(params.header_map);
    let mut canonical_header = BTreeMap::new();
    canonical_header.extend(header_map.iter().map(|(k, v)| (k.as_str(), v.as_str())));
    let host = params.presigned_url.host_str().unwrap().to_owned();
    canonical_header.insert("host", host.as_str());

    let mut additional_header = BTreeSet::new();
    additional_header.insert("host");

    for (k, v) in &remaining_map {
        canonical_header.insert(k.as_str(), v.as_str());
        additional_header.insert(k.as_str());
    }

    let now = time::OffsetDateTime::now_utc();
    // 添加参与签名计算的query
    params
        .presigned_url
        .query_pairs_mut()
        .append_pair("x-oss-signature-version", "OSS4-HMAC-SHA256")
        .append_pair(
            "x-oss-credential",
            &format!(
                "{}/{}/{}/oss/aliyun_v4_request",
                params.access_key_id,
                &get_date_str(&now),
                params.signing_region
            ),
        )
        .append_pair("x-oss-date", &get_date_time_str(&now))
        .append_pair("x-oss-expires", &params.url_expires.to_string())
        .append_pair(
            "x-oss-additional-headers",
            additional_header
                .iter()
                .cloned()
                .collect::<Vec<&str>>()
                .join(";")
                .as_str(),
        )
        .finish();

    let sign_v4_param = SignV4Param {
        signing_region: params.signing_region,
        http_verb: params.http_verb,
        uri: &params.presigned_url,
        bucket: Some(params.bucket),
        header_map: &canonical_header,
        additional_header: Some(&additional_header),
        date_time: &now,
    };
    let signature = generate_v4_signature(params.access_key_secret, sign_v4_param);
    // 补上不参与签名计算的query
    params
        .presigned_url
        .query_pairs_mut()
        .append_pair("x-oss-signature", &signature)
        .finish();

    params.presigned_url.to_string()
}

// 将Header分为需要参与签名的Header和剩余Header
fn partition_header(
    header_map: HashMap<String, String>,
) -> (HashMap<String, String>, HashMap<String, String>) {
    let mut sign_map = HashMap::new();
    let mut remaining_map = HashMap::new();
    for (k, v) in header_map {
        let k = k.to_lowercase();
        if k == "content-type" || k == "content-md5" || k.starts_with("x-oss-") {
            sign_map.insert(k, v);
        } else {
            remaining_map.insert(k, v);
        }
    }
    (sign_map, remaining_map)
}

pub(crate) fn parse_get_object_response_header<T: DeserializeOwned>(
    header: &HeaderMap,
) -> (T, HashMap<String, String>) {
    let mut map = Map::new();
    let mut custom_meta_map = HashMap::new();
    for (name, val) in header {
        let name_s = name.as_str();
        if let Ok(s) = val.to_str() {
            if name_s.starts_with("x-oss-meta-") {
                custom_meta_map.insert(
                    name_s.trim_start_matches("x-oss-meta-").to_string(),
                    s.to_string(),
                );
            } else {
                map.insert(name_s.to_string(), Value::String(s.to_string()));
            }
        }
    }

    let response_header = serde_json::from_value::<T>(Value::Object(map)).unwrap();
    (response_header, custom_meta_map)
}