Merge pull request #307 from tencentyun/feature_jojoliang_7228e310

Feature jojoliang 7228e310

Author: agin719

auth.go

@@ -328,6 +328,10 @@ func isSignHeader(key string) bool {
 	return strings.HasPrefix(key, privateHeaderPrefix)
 }
 
+type TransportIface interface {
+	GetCredential() (string, string, string, error)
+}
+
 // AuthorizationTransport 给请求增加 Authorization header
 type AuthorizationTransport struct {
 	SecretID     string
@@ -349,17 +353,17 @@ func (t *AuthorizationTransport) SetCredential(ak, sk, token string) {
 }
 
 // GetCredential get the ak, sk, token
-func (t *AuthorizationTransport) GetCredential() (string, string, string) {
+func (t *AuthorizationTransport) GetCredential() (string, string, string, error) {
 	t.rwLocker.RLock()
 	defer t.rwLocker.RUnlock()
-	return t.SecretID, t.SecretKey, t.SessionToken
+	return t.SecretID, t.SecretKey, t.SessionToken, nil
 }
 
 // RoundTrip implements the RoundTripper interface.
 func (t *AuthorizationTransport) RoundTrip(req *http.Request) (*http.Response, error) {
 	req = cloneRequest(req) // per RoundTrip contract
 
-	ak, sk, token := t.GetCredential()
+	ak, sk, token, _ := t.GetCredential()
 	if strings.HasPrefix(ak, " ") || strings.HasSuffix(ak, " ") {
 		return nil, fmt.Errorf("SecretID is invalid")
 	}
@@ -508,6 +512,10 @@ type CredentialTransport struct {
 	Credential CredentialIface
 }
 
+func (t *CredentialTransport) GetCredential() (string, string, string, error) {
+	return t.Credential.GetSecretId(), t.Credential.GetSecretKey(), t.Credential.GetToken(), nil
+}
+
 func (t *CredentialTransport) RoundTrip(req *http.Request) (*http.Response, error) {
 	ak, sk, token := t.Credential.GetSecretId(), t.Credential.GetSecretKey(), t.Credential.GetToken()
 

auth_test.go

@@ -57,7 +57,17 @@ func TestAuthorizationTransport(t *testing.T) {
 	client.client.Transport = auth
 	req, _ := http.NewRequest("GET", client.BaseURL.BucketURL.String(), nil)
 	client.doAPI(context.Background(), req, nil, true)
-	client.GetCredential()
+	cred := client.GetCredential()
+	if cred == nil {
+		t.Error("GetCredential return nil")
+	}
+	if cred.SecretID != "ak" || cred.SecretKey != "sk" || cred.SessionToken != "token" {
+		t.Errorf("GetCredential return %v, want %v", cred, &Credential{
+			SecretID:     "ak",
+			SecretKey:    "sk",
+			SessionToken: "token",
+		})
+	}
 }
 
 func TestAuthorizationTransportErr(t *testing.T) {
@@ -157,17 +167,35 @@ func TestCVMCredentialTransport(t *testing.T) {
 	client.client.Transport = &CVMCredentialTransport{}
 	req, _ := http.NewRequest("GET", client.BaseURL.BucketURL.String(), nil)
 	client.doAPI(context.Background(), req, nil, true)
+	cred := client.GetCredential()
+	if cred == nil {
+		t.Errorf("CVMCredentialTransport GetCredential error, return: %v", cred)
+	}
+	if cred.SecretID != ak || cred.SecretKey != sk || cred.SessionToken != token {
+		t.Errorf("CVMCredentialTransport GetCredential error, return: %v", *cred)
+	}
 
 	req, _ = http.NewRequest("GET", client.BaseURL.BucketURL.String(), nil)
 	client.doAPI(context.Background(), req, nil, true)
-	client.GetCredential()
-
+	cred = client.GetCredential()
+	if cred == nil {
+		t.Errorf("CVMCredentialTransport GetCredential error, return: %v", cred)
+	}
+	if cred.SecretID != ak || cred.SecretKey != sk || cred.SessionToken != token {
+		t.Errorf("CVMCredentialTransport GetCredential error, return: %v", *cred)
+	}
 	client.client.Transport = &CVMCredentialTransport{
 		Transport: http.DefaultTransport,
 	}
 	req, _ = http.NewRequest("GET", client.BaseURL.BucketURL.String(), nil)
 	client.doAPI(context.Background(), req, nil, true)
-	client.GetCredential()
+	cred = client.GetCredential()
+	if cred == nil {
+		t.Errorf("CVMCredentialTransport GetCredential error, return: %v", cred)
+	}
+	if cred.SecretID != ak || cred.SecretKey != sk || cred.SessionToken != token {
+		t.Errorf("CVMCredentialTransport GetCredential error, return: %v", *cred)
+	}
 }
 
 func TestCVMCredentialTransportErr(t *testing.T) {
@@ -307,16 +335,27 @@ func TestCredentialTransport(t *testing.T) {
 	}
 	req, _ := http.NewRequest("GET", client.BaseURL.BucketURL.String(), nil)
 	client.doAPI(context.Background(), req, nil, true)
-	client.GetCredential()
+	cred := client.GetCredential()
+	if cred == nil {
+		t.Error("GetCredential failed")
+	}
+	if cred.SecretID != "test" || cred.SecretKey != "test" || cred.SessionToken != "" {
+		t.Errorf("GetCredential failed, return: %v", *cred)
+	}
 
 	client.client.Transport = &CredentialTransport{
 		Credential: NewTokenCredential("test", "test", ""),
 		Transport:  http.DefaultTransport,
 	}
 	req, _ = http.NewRequest("GET", client.BaseURL.BucketURL.String(), nil)
 	client.doAPI(context.Background(), req, nil, true)
-	client.GetCredential()
-
+	cred = client.GetCredential()
+	if cred == nil {
+		t.Error("GetCredential failed")
+	}
+	if cred.SecretID != "test" || cred.SecretKey != "test" || cred.SessionToken != "" {
+		t.Errorf("GetCredential failed, return: %v", *cred)
+	}
 }
 
 func TestStsCredentialTransport(t *testing.T) {
@@ -387,6 +426,13 @@ func TestStsCredentialTransport(t *testing.T) {
 	if err != nil {
 		t.Errorf("doAPI failed: %v", err)
 	}
+	cred := client.GetCredential()
+	if cred == nil {
+		t.Errorf("GetCredential error, return nil")
+	}
+	if cred.SecretID != ak || cred.SecretKey != sk || cred.SessionToken != token {
+		t.Errorf("GetCredential error, return:%v", *cred)
+	}
 
 	_, err = client.doAPI(context.Background(), req, nil, true)
 	if err != nil {
@@ -418,7 +464,6 @@ func TestStsCredentialTransport(t *testing.T) {
 	if err != nil {
 		t.Errorf("doAPI failed: %v", err)
 	}
-
 }
 
 func TestStsCredentialTransportErr(t *testing.T) {

cos.go

@@ -236,16 +236,7 @@ type Credential struct {
 }
 
 func (c *Client) GetCredential() *Credential {
-	if auth, ok := c.client.Transport.(*AuthorizationTransport); ok {
-		auth.rwLocker.Lock()
-		defer auth.rwLocker.Unlock()
-		return &Credential{
-			SecretID:     auth.SecretID,
-			SecretKey:    auth.SecretKey,
-			SessionToken: auth.SessionToken,
-		}
-	}
-	if auth, ok := c.client.Transport.(*CVMCredentialTransport); ok {
+	if auth, ok := c.client.Transport.(TransportIface); ok {
 		ak, sk, token, err := auth.GetCredential()
 		if err != nil {
 			return nil
@@ -256,14 +247,6 @@ func (c *Client) GetCredential() *Credential {
 			SessionToken: token,
 		}
 	}
-	if auth, ok := c.client.Transport.(*CredentialTransport); ok {
-		ak, sk, token := auth.Credential.GetSecretId(), auth.Credential.GetSecretKey(), auth.Credential.GetToken()
-		return &Credential{
-			SecretID:     ak,
-			SecretKey:    sk,
-			SessionToken: token,
-		}
-	}
 	return nil
 }
 

example/object/getByPresignedURL.go

@@ -59,6 +59,7 @@ func main() {
 	ctx := context.Background()
 
 	// Get presigned
+	// http Method需要和实际http请求一致，如PUT请求设置成http.MethodPut，GET请求设置成http.MethodGet
 	presignedURL, err := c.Object.GetPresignedURL(ctx, http.MethodGet, name, ak, sk, time.Hour, nil)
 	logStatus(err)
 	fmt.Println(presignedURL.String())

example/object/getByPresignedURL2.go

@@ -28,6 +28,7 @@ func main() {
 	ctx := context.Background()
 
 	// 获取预签名
+	// http Method需要和实际http请求一致，如PUT请求设置成http.MethodPut，GET请求设置成http.MethodGet
 	presignedURL, err := c.Object.GetPresignedURL2(ctx, http.MethodPut, name, time.Hour, nil)
 	if err != nil {
 		fmt.Printf("Error: %v\n", err)

example/object/presigned_url_with_token.go

@@ -25,12 +25,12 @@ func main() {
 	u, _ := url.Parse("https://test-1259654469.cos.ap-guangzhou.myqcloud.com")
 	b := &cos.BaseURL{BucketURL: u}
 	c := cos.NewClient(b, &http.Client{})
-
-	name := "exampleobject"
+	name := "xx/../exampleobject"
 	ctx := context.Background()
 
 	// 方法1 通过 tag 设置 x-cos-security-token
 	// Get presigned
+	// http Method需要和实际http请求一致，如PUT请求设置成http.MethodPut，GET请求设置成http.MethodGet
 	presignedURL, err := c.Object.GetPresignedURL(ctx, http.MethodGet, name, tak, tsk, time.Hour, token)
 	if err != nil {
 		fmt.Printf("Error: %v\n", err)
@@ -45,6 +45,7 @@ func main() {
 	}
 	opt.Query.Add("x-cos-security-token", "<token>")
 	// Get presigned
+	// http Method需要和实际http请求一致，如PUT请求设置成http.MethodPut，GET请求设置成http.MethodGet
 	presignedURL, err = c.Object.GetPresignedURL(ctx, http.MethodGet, name, tak, tsk, time.Hour, opt)
 	if err != nil {
 		fmt.Printf("Error: %v\n", err)

object.go

@@ -2060,7 +2060,7 @@ func (s *ObjectService) PutFromURL(ctx context.Context, name string, downloadURL
 			}
 			if err != nil {
 				isErr = true
-				return nil, nil, err
+				return nil, nil, fmt.Errorf("url download failed: %v", err)
 			}
 		}
 		if partChannel == nil && errChannel == nil {