From 1abf0aea864d3fcd3ae9e6ccae8bbd9af3e6b370 Mon Sep 17 00:00:00 2001 From: Joshua Yin Date: Mon, 24 Dec 2018 16:16:50 +0800 Subject: [PATCH] =?UTF-8?q?=E4=B8=8A=E4=BC=A0Ufile=20SDK=20=E8=BF=9C?= =?UTF-8?q?=E7=A8=8B=E7=AD=BE=E5=90=8D=E6=9C=8D=E5=8A=A1Java=E7=89=88?= =?UTF-8?q?=E6=9C=AC=E6=BA=90=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- LICENSE | 21 -- ufile-auth-server-java/.gitignore | 25 ++ ufile-auth-server-java/LICENSE | 201 ++++++++++++ ufile-auth-server-java/mvnw | 286 ++++++++++++++++++ ufile-auth-server-java/mvnw.cmd | 161 ++++++++++ ufile-auth-server-java/pom.xml | 60 ++++ .../ufile/auth/AuthServerApplication.java | 14 + .../auth/bean/AuthPrivateUrlRequest.java | 49 +++ .../ucloud/ufile/auth/bean/AuthRequest.java | 57 ++++ .../ufile/auth/controller/AuthController.java | 43 +++ .../ufile/auth/service/UfileAuthService.java | 76 +++++ .../cn/ucloud/ufile/auth/util/Encryptor.java | 108 +++++++ .../ufile/auth/util/ParameterValidator.java | 31 ++ .../src/main/resources/application.properties | 0 .../auth/AuthServerApplicationTests.java | 16 + 15 files changed, 1127 insertions(+), 21 deletions(-) delete mode 100644 LICENSE create mode 100644 ufile-auth-server-java/.gitignore create mode 100644 ufile-auth-server-java/LICENSE create mode 100755 ufile-auth-server-java/mvnw create mode 100644 ufile-auth-server-java/mvnw.cmd create mode 100644 ufile-auth-server-java/pom.xml create mode 100644 ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/AuthServerApplication.java create mode 100644 ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/bean/AuthPrivateUrlRequest.java create mode 100644 ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/bean/AuthRequest.java create mode 100644 ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/controller/AuthController.java create mode 100644 ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/service/UfileAuthService.java create mode 100644 ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/util/Encryptor.java create mode 100644 ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/util/ParameterValidator.java create mode 100644 ufile-auth-server-java/src/main/resources/application.properties create mode 100644 ufile-auth-server-java/src/test/java/cn/ucloud/ufile/auth/AuthServerApplicationTests.java diff --git a/LICENSE b/LICENSE deleted file mode 100644 index ab60297..0000000 --- a/LICENSE +++ /dev/null @@ -1,21 +0,0 @@ -MIT License - -Copyright (c) 2018 - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/ufile-auth-server-java/.gitignore b/ufile-auth-server-java/.gitignore new file mode 100644 index 0000000..81a33ed --- /dev/null +++ b/ufile-auth-server-java/.gitignore @@ -0,0 +1,25 @@ +target/ +!.mvn/wrapper/maven-wrapper.jar + +### STS ### +.apt_generated +.classpath +.factorypath +.project +.settings +.springBeans +.sts4-cache + +### IntelliJ IDEA ### +.idea +*.iws +*.iml +*.ipr + +### NetBeans ### +nbproject/private/ +build/ +nbbuild/ +dist/ +nbdist/ +.nb-gradle/ \ No newline at end of file diff --git a/ufile-auth-server-java/LICENSE b/ufile-auth-server-java/LICENSE new file mode 100644 index 0000000..261eeb9 --- /dev/null +++ b/ufile-auth-server-java/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/ufile-auth-server-java/mvnw b/ufile-auth-server-java/mvnw new file mode 100755 index 0000000..5551fde --- /dev/null +++ b/ufile-auth-server-java/mvnw @@ -0,0 +1,286 @@ +#!/bin/sh +# ---------------------------------------------------------------------------- +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# ---------------------------------------------------------------------------- + +# ---------------------------------------------------------------------------- +# Maven2 Start Up Batch script +# +# Required ENV vars: +# ------------------ +# JAVA_HOME - location of a JDK home dir +# +# Optional ENV vars +# ----------------- +# M2_HOME - location of maven2's installed home dir +# MAVEN_OPTS - parameters passed to the Java VM when running Maven +# e.g. to debug Maven itself, use +# set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 +# MAVEN_SKIP_RC - flag to disable loading of mavenrc files +# ---------------------------------------------------------------------------- + +if [ -z "$MAVEN_SKIP_RC" ] ; then + + if [ -f /etc/mavenrc ] ; then + . /etc/mavenrc + fi + + if [ -f "$HOME/.mavenrc" ] ; then + . "$HOME/.mavenrc" + fi + +fi + +# OS specific support. $var _must_ be set to either true or false. +cygwin=false; +darwin=false; +mingw=false +case "`uname`" in + CYGWIN*) cygwin=true ;; + MINGW*) mingw=true;; + Darwin*) darwin=true + # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home + # See https://developer.apple.com/library/mac/qa/qa1170/_index.html + if [ -z "$JAVA_HOME" ]; then + if [ -x "/usr/libexec/java_home" ]; then + export JAVA_HOME="`/usr/libexec/java_home`" + else + export JAVA_HOME="/Library/Java/Home" + fi + fi + ;; +esac + +if [ -z "$JAVA_HOME" ] ; then + if [ -r /etc/gentoo-release ] ; then + JAVA_HOME=`java-config --jre-home` + fi +fi + +if [ -z "$M2_HOME" ] ; then + ## resolve links - $0 may be a link to maven's home + PRG="$0" + + # need this for relative symlinks + while [ -h "$PRG" ] ; do + ls=`ls -ld "$PRG"` + link=`expr "$ls" : '.*-> \(.*\)$'` + if expr "$link" : '/.*' > /dev/null; then + PRG="$link" + else + PRG="`dirname "$PRG"`/$link" + fi + done + + saveddir=`pwd` + + M2_HOME=`dirname "$PRG"`/.. + + # make it fully qualified + M2_HOME=`cd "$M2_HOME" && pwd` + + cd "$saveddir" + # echo Using m2 at $M2_HOME +fi + +# For Cygwin, ensure paths are in UNIX format before anything is touched +if $cygwin ; then + [ -n "$M2_HOME" ] && + M2_HOME=`cygpath --unix "$M2_HOME"` + [ -n "$JAVA_HOME" ] && + JAVA_HOME=`cygpath --unix "$JAVA_HOME"` + [ -n "$CLASSPATH" ] && + CLASSPATH=`cygpath --path --unix "$CLASSPATH"` +fi + +# For Mingw, ensure paths are in UNIX format before anything is touched +if $mingw ; then + [ -n "$M2_HOME" ] && + M2_HOME="`(cd "$M2_HOME"; pwd)`" + [ -n "$JAVA_HOME" ] && + JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" + # TODO classpath? +fi + +if [ -z "$JAVA_HOME" ]; then + javaExecutable="`which javac`" + if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then + # readlink(1) is not available as standard on Solaris 10. + readLink=`which readlink` + if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then + if $darwin ; then + javaHome="`dirname \"$javaExecutable\"`" + javaExecutable="`cd \"$javaHome\" && pwd -P`/javac" + else + javaExecutable="`readlink -f \"$javaExecutable\"`" + fi + javaHome="`dirname \"$javaExecutable\"`" + javaHome=`expr "$javaHome" : '\(.*\)/bin'` + JAVA_HOME="$javaHome" + export JAVA_HOME + fi + fi +fi + +if [ -z "$JAVACMD" ] ; then + if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD="$JAVA_HOME/jre/sh/java" + else + JAVACMD="$JAVA_HOME/bin/java" + fi + else + JAVACMD="`which java`" + fi +fi + +if [ ! -x "$JAVACMD" ] ; then + echo "Error: JAVA_HOME is not defined correctly." >&2 + echo " We cannot execute $JAVACMD" >&2 + exit 1 +fi + +if [ -z "$JAVA_HOME" ] ; then + echo "Warning: JAVA_HOME environment variable is not set." +fi + +CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher + +# traverses directory structure from process work directory to filesystem root +# first directory with .mvn subdirectory is considered project base directory +find_maven_basedir() { + + if [ -z "$1" ] + then + echo "Path not specified to find_maven_basedir" + return 1 + fi + + basedir="$1" + wdir="$1" + while [ "$wdir" != '/' ] ; do + if [ -d "$wdir"/.mvn ] ; then + basedir=$wdir + break + fi + # workaround for JBEAP-8937 (on Solaris 10/Sparc) + if [ -d "${wdir}" ]; then + wdir=`cd "$wdir/.."; pwd` + fi + # end of workaround + done + echo "${basedir}" +} + +# concatenates all lines of a file +concat_lines() { + if [ -f "$1" ]; then + echo "$(tr -s '\n' ' ' < "$1")" + fi +} + +BASE_DIR=`find_maven_basedir "$(pwd)"` +if [ -z "$BASE_DIR" ]; then + exit 1; +fi + +########################################################################################## +# Extension to allow automatically downloading the maven-wrapper.jar from Maven-central +# This allows using the maven wrapper in projects that prohibit checking in binary data. +########################################################################################## +if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then + if [ "$MVNW_VERBOSE" = true ]; then + echo "Found .mvn/wrapper/maven-wrapper.jar" + fi +else + if [ "$MVNW_VERBOSE" = true ]; then + echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..." + fi + jarUrl="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.4.2/maven-wrapper-0.4.2.jar" + while IFS="=" read key value; do + case "$key" in (wrapperUrl) jarUrl="$value"; break ;; + esac + done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties" + if [ "$MVNW_VERBOSE" = true ]; then + echo "Downloading from: $jarUrl" + fi + wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" + + if command -v wget > /dev/null; then + if [ "$MVNW_VERBOSE" = true ]; then + echo "Found wget ... using wget" + fi + wget "$jarUrl" -O "$wrapperJarPath" + elif command -v curl > /dev/null; then + if [ "$MVNW_VERBOSE" = true ]; then + echo "Found curl ... using curl" + fi + curl -o "$wrapperJarPath" "$jarUrl" + else + if [ "$MVNW_VERBOSE" = true ]; then + echo "Falling back to using Java to download" + fi + javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java" + if [ -e "$javaClass" ]; then + if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then + if [ "$MVNW_VERBOSE" = true ]; then + echo " - Compiling MavenWrapperDownloader.java ..." + fi + # Compiling the Java class + ("$JAVA_HOME/bin/javac" "$javaClass") + fi + if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then + # Running the downloader + if [ "$MVNW_VERBOSE" = true ]; then + echo " - Running MavenWrapperDownloader.java ..." + fi + ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR") + fi + fi + fi +fi +########################################################################################## +# End of extension +########################################################################################## + +export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"} +if [ "$MVNW_VERBOSE" = true ]; then + echo $MAVEN_PROJECTBASEDIR +fi +MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS" + +# For Cygwin, switch paths to Windows format before running java +if $cygwin; then + [ -n "$M2_HOME" ] && + M2_HOME=`cygpath --path --windows "$M2_HOME"` + [ -n "$JAVA_HOME" ] && + JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"` + [ -n "$CLASSPATH" ] && + CLASSPATH=`cygpath --path --windows "$CLASSPATH"` + [ -n "$MAVEN_PROJECTBASEDIR" ] && + MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"` +fi + +WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain + +exec "$JAVACMD" \ + $MAVEN_OPTS \ + -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \ + "-Dmaven.home=${M2_HOME}" "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \ + ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@" diff --git a/ufile-auth-server-java/mvnw.cmd b/ufile-auth-server-java/mvnw.cmd new file mode 100644 index 0000000..e5cfb0a --- /dev/null +++ b/ufile-auth-server-java/mvnw.cmd @@ -0,0 +1,161 @@ +@REM ---------------------------------------------------------------------------- +@REM Licensed to the Apache Software Foundation (ASF) under one +@REM or more contributor license agreements. See the NOTICE file +@REM distributed with this work for additional information +@REM regarding copyright ownership. The ASF licenses this file +@REM to you under the Apache License, Version 2.0 (the +@REM "License"); you may not use this file except in compliance +@REM with the License. You may obtain a copy of the License at +@REM +@REM http://www.apache.org/licenses/LICENSE-2.0 +@REM +@REM Unless required by applicable law or agreed to in writing, +@REM software distributed under the License is distributed on an +@REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +@REM KIND, either express or implied. See the License for the +@REM specific language governing permissions and limitations +@REM under the License. +@REM ---------------------------------------------------------------------------- + +@REM ---------------------------------------------------------------------------- +@REM Maven2 Start Up Batch script +@REM +@REM Required ENV vars: +@REM JAVA_HOME - location of a JDK home dir +@REM +@REM Optional ENV vars +@REM M2_HOME - location of maven2's installed home dir +@REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands +@REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a key stroke before ending +@REM MAVEN_OPTS - parameters passed to the Java VM when running Maven +@REM e.g. to debug Maven itself, use +@REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 +@REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files +@REM ---------------------------------------------------------------------------- + +@REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on' +@echo off +@REM set title of command window +title %0 +@REM enable echoing my setting MAVEN_BATCH_ECHO to 'on' +@if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO% + +@REM set %HOME% to equivalent of $HOME +if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%") + +@REM Execute a user defined script before this one +if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre +@REM check for pre script, once with legacy .bat ending and once with .cmd ending +if exist "%HOME%\mavenrc_pre.bat" call "%HOME%\mavenrc_pre.bat" +if exist "%HOME%\mavenrc_pre.cmd" call "%HOME%\mavenrc_pre.cmd" +:skipRcPre + +@setlocal + +set ERROR_CODE=0 + +@REM To isolate internal variables from possible post scripts, we use another setlocal +@setlocal + +@REM ==== START VALIDATION ==== +if not "%JAVA_HOME%" == "" goto OkJHome + +echo. +echo Error: JAVA_HOME not found in your environment. >&2 +echo Please set the JAVA_HOME variable in your environment to match the >&2 +echo location of your Java installation. >&2 +echo. +goto error + +:OkJHome +if exist "%JAVA_HOME%\bin\java.exe" goto init + +echo. +echo Error: JAVA_HOME is set to an invalid directory. >&2 +echo JAVA_HOME = "%JAVA_HOME%" >&2 +echo Please set the JAVA_HOME variable in your environment to match the >&2 +echo location of your Java installation. >&2 +echo. +goto error + +@REM ==== END VALIDATION ==== + +:init + +@REM Find the project base dir, i.e. the directory that contains the folder ".mvn". +@REM Fallback to current working directory if not found. + +set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR% +IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir + +set EXEC_DIR=%CD% +set WDIR=%EXEC_DIR% +:findBaseDir +IF EXIST "%WDIR%"\.mvn goto baseDirFound +cd .. +IF "%WDIR%"=="%CD%" goto baseDirNotFound +set WDIR=%CD% +goto findBaseDir + +:baseDirFound +set MAVEN_PROJECTBASEDIR=%WDIR% +cd "%EXEC_DIR%" +goto endDetectBaseDir + +:baseDirNotFound +set MAVEN_PROJECTBASEDIR=%EXEC_DIR% +cd "%EXEC_DIR%" + +:endDetectBaseDir + +IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig + +@setlocal EnableExtensions EnableDelayedExpansion +for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a +@endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS% + +:endReadAdditionalConfig + +SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe" +set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar" +set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain + +set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.4.2/maven-wrapper-0.4.2.jar" +FOR /F "tokens=1,2 delims==" %%A IN (%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties) DO ( + IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B +) + +@REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central +@REM This allows using the maven wrapper in projects that prohibit checking in binary data. +if exist %WRAPPER_JAR% ( + echo Found %WRAPPER_JAR% +) else ( + echo Couldn't find %WRAPPER_JAR%, downloading it ... + echo Downloading from: %DOWNLOAD_URL% + powershell -Command "(New-Object Net.WebClient).DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')" + echo Finished downloading %WRAPPER_JAR% +) +@REM End of extension + +%MAVEN_JAVA_EXE% %JVM_CONFIG_MAVEN_PROPS% %MAVEN_OPTS% %MAVEN_DEBUG_OPTS% -classpath %WRAPPER_JAR% "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %* +if ERRORLEVEL 1 goto error +goto end + +:error +set ERROR_CODE=1 + +:end +@endlocal & set ERROR_CODE=%ERROR_CODE% + +if not "%MAVEN_SKIP_RC%" == "" goto skipRcPost +@REM check for post script, once with legacy .bat ending and once with .cmd ending +if exist "%HOME%\mavenrc_post.bat" call "%HOME%\mavenrc_post.bat" +if exist "%HOME%\mavenrc_post.cmd" call "%HOME%\mavenrc_post.cmd" +:skipRcPost + +@REM pause the script if MAVEN_BATCH_PAUSE is set to 'on' +if "%MAVEN_BATCH_PAUSE%" == "on" pause + +if "%MAVEN_TERMINATE_CMD%" == "on" exit %ERROR_CODE% + +exit /B %ERROR_CODE% diff --git a/ufile-auth-server-java/pom.xml b/ufile-auth-server-java/pom.xml new file mode 100644 index 0000000..1066144 --- /dev/null +++ b/ufile-auth-server-java/pom.xml @@ -0,0 +1,60 @@ + + + 4.0.0 + + cn.ucloud.ufile + auth-server + 0.0.1-DEVELOP + jar + + auth-server + Ufile SDK authroization server + + + org.springframework.boot + spring-boot-starter-parent + 2.1.0.RELEASE + + + + + UTF-8 + UTF-8 + 1.8 + 2.8.5 + + + + + org.springframework.boot + spring-boot-starter-validation + + + org.springframework.boot + spring-boot-starter-web-services + + + + org.springframework.boot + spring-boot-starter-test + test + + + com.google.code.gson + gson + ${dependency.gson.version} + + + + + + + org.springframework.boot + spring-boot-maven-plugin + + + + + + diff --git a/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/AuthServerApplication.java b/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/AuthServerApplication.java new file mode 100644 index 0000000..456a703 --- /dev/null +++ b/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/AuthServerApplication.java @@ -0,0 +1,14 @@ +package cn.ucloud.ufile.auth; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.context.annotation.ComponentScan; + +@ComponentScan("cn.ucloud.ufile.auth") +@SpringBootApplication +public class AuthServerApplication { + + public static void main(String[] args) { + SpringApplication.run(AuthServerApplication.class, args); + } +} diff --git a/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/bean/AuthPrivateUrlRequest.java b/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/bean/AuthPrivateUrlRequest.java new file mode 100644 index 0000000..cb6fc22 --- /dev/null +++ b/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/bean/AuthPrivateUrlRequest.java @@ -0,0 +1,49 @@ +package cn.ucloud.ufile.auth.bean; + +import com.google.gson.Gson; + +import javax.validation.constraints.NotEmpty; +import javax.validation.constraints.NotNull; + +/** + * @description: + * @author: joshua + * @E-mail: joshua.yin@ucloud.cn + * @date: 2018-11-29 15:15 + */ +public class AuthPrivateUrlRequest { + @NotEmpty(message = "method is required!") + private String method; + @NotEmpty(message = "bucket is required!") + private String bucket; + @NotEmpty(message = "key is required!") + private String key; + @NotNull(message = "expires is required!") + private Long expires; + private String optional; + + public String getMethod() { + return method; + } + + public String getBucket() { + return bucket; + } + + public String getKey() { + return key; + } + + public long getExpires() { + return expires.longValue(); + } + + public String getOptional() { + return optional; + } + + @Override + public String toString() { + return new Gson().toJson(this); + } +} diff --git a/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/bean/AuthRequest.java b/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/bean/AuthRequest.java new file mode 100644 index 0000000..5926c94 --- /dev/null +++ b/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/bean/AuthRequest.java @@ -0,0 +1,57 @@ +package cn.ucloud.ufile.auth.bean; + +import com.google.gson.Gson; + +import javax.validation.constraints.NotEmpty; + +/** + * @description: + * @author: joshua + * @E-mail: joshua.yin@ucloud.cn + * @date: 2018-11-29 15:15 + */ +public class AuthRequest { + @NotEmpty(message = "method is required!") + private String method; + @NotEmpty(message = "bucket is required!") + private String bucket; + + private String key = ""; + private String content_type = ""; + private String content_md5 = ""; + private String date = ""; + private String optional; + + public String getMethod() { + return method; + } + + public String getBucket() { + return bucket; + } + + public String getKey() { + return key; + } + + public String getContent_type() { + return content_type; + } + + public String getContent_md5() { + return content_md5; + } + + public String getDate() { + return date; + } + + public String getOptional() { + return optional; + } + + @Override + public String toString() { + return new Gson().toJson(this); + } +} diff --git a/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/controller/AuthController.java b/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/controller/AuthController.java new file mode 100644 index 0000000..5247ee8 --- /dev/null +++ b/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/controller/AuthController.java @@ -0,0 +1,43 @@ +package cn.ucloud.ufile.auth.controller; + +import cn.ucloud.ufile.auth.bean.AuthPrivateUrlRequest; +import cn.ucloud.ufile.auth.service.UfileAuthService; +import cn.ucloud.ufile.auth.bean.AuthRequest; +import com.google.gson.Gson; +import com.google.gson.JsonElement; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.*; + +/** + * @description: + * @author: joshua + * @E-mail: joshua.yin@ucloud.cn + * @date: 2018-11-29 10:37 + */ +@Controller("authController") +public class AuthController { + + @Autowired + private UfileAuthService ufileAuthService; + + @RequestMapping(value = "/applyAuth", method = RequestMethod.POST) + @ResponseBody + public String applyAuth(@RequestBody AuthRequest requestBean) { + System.out.println("applyAuth--->\n" + requestBean.toString()); + JsonElement jsonElement = new Gson().fromJson(requestBean.getOptional(), JsonElement.class); + // 您可以根据您的项目需求,处理端传来的Optional参数集合 + System.out.println(jsonElement.toString()); + return ufileAuthService.calculateAuthroization(requestBean); + } + + @RequestMapping(value = "/applyPrivateUrlAuth", method = RequestMethod.POST) + @ResponseBody + public String applyPrivateUrlAuth(@RequestBody AuthPrivateUrlRequest requestBean) { + System.out.println("applyPrivateUrlAuth--->\n" + requestBean.toString()); + JsonElement jsonElement = new Gson().fromJson(requestBean.getOptional(), JsonElement.class); + // 您可以根据您的项目需求,处理端传来的Optional参数集合 + System.out.println(jsonElement.toString()); + return ufileAuthService.calculatePrivateUrlAuthroization(requestBean); + } +} diff --git a/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/service/UfileAuthService.java b/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/service/UfileAuthService.java new file mode 100644 index 0000000..be12b1a --- /dev/null +++ b/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/service/UfileAuthService.java @@ -0,0 +1,76 @@ +package cn.ucloud.ufile.auth.service; + +import cn.ucloud.ufile.auth.bean.AuthPrivateUrlRequest; +import cn.ucloud.ufile.auth.util.ParameterValidator; +import cn.ucloud.ufile.auth.bean.AuthRequest; +import cn.ucloud.ufile.auth.util.Encryptor; +import org.springframework.stereotype.Service; +import sun.security.validator.ValidatorException; + +import java.util.Base64; + + +/** + * @description: + * @author: joshua + * @E-mail: joshua.yin@ucloud.cn + * @date: 2018-11-29 14:20 + */ + +@Service +public class UfileAuthService { + private static final String publicKey = 您的公钥; + private static final String privateKey = 您的私钥; + + public String calculateAuthroization(AuthRequest request) { + try { + ParameterValidator.validator(request); + + StringBuffer signData = new StringBuffer(); + signData.append(request.getMethod() + "\n"); + signData.append(request.getContent_md5() + "\n"); + signData.append(request.getContent_type() + "\n"); + signData.append(request.getDate() + "\n"); + signData.append("/" + request.getBucket()); + signData.append("/" + request.getKey()); + + String signature = signature(privateKey, signData.toString()); + + return "UCloud " + publicKey + ":" + signature; + } catch (ValidatorException e) { + return e.getMessage(); + } catch (Exception e) { + return e.getMessage(); + } + } + + public String calculatePrivateUrlAuthroization(AuthPrivateUrlRequest request) { + try { + ParameterValidator.validator(request); + + StringBuffer signData = new StringBuffer(); + signData.append(request.getMethod() + "\n"); + signData.append("\n"); + signData.append("\n"); + signData.append(request.getExpires() + "\n"); + signData.append("/" + request.getBucket()); + signData.append("/" + request.getKey()); + + return signature(privateKey, signData.toString()); + } catch (ValidatorException e) { + return e.getMessage(); + } catch (Exception e) { + return e.getMessage(); + } + } + + private String signature(String key, String data) throws Exception { + byte[] hmacSha1 = null; + hmacSha1 = Encryptor.Hmac_SHA1(key, data); + + if (hmacSha1 == null || hmacSha1.length == 0) + throw new Exception("Encrypt Hmac-SHA1 failed!"); + + return Base64.getEncoder().encodeToString(hmacSha1); + } +} diff --git a/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/util/Encryptor.java b/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/util/Encryptor.java new file mode 100644 index 0000000..733f0a9 --- /dev/null +++ b/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/util/Encryptor.java @@ -0,0 +1,108 @@ +package cn.ucloud.ufile.auth.util; + +import javax.crypto.Mac; +import javax.crypto.SecretKey; +import javax.crypto.spec.SecretKeySpec; +import java.io.*; +import java.security.InvalidKeyException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; + +/** + * @description: + * @author: joshua + * @E-mail: joshua.yin@ucloud.cn + * @date: 2018/11/8 10:57 + */ +public class Encryptor { + public final static String TYPE_HMAC_SHA1 = "HmacSHA1"; + public final static String TYPE_SHA1 = "SHA1"; + + /** + * Hmac-SHA1 加密 + * + * @param key 加密秘钥 + * @param data 加密内容 + * @return 加密结果 + * @throws InvalidKeyException + * @throws NoSuchAlgorithmException + * @throws IllegalStateException + */ + public static byte[] Hmac_SHA1(byte[] key, byte[] data) throws NoSuchAlgorithmException, InvalidKeyException, IllegalStateException { + if (key == null || key.length == 0) + return null; + + if (data == null || data.length == 0) + return null; + + byte[] result = null; + SecretKey secret = new SecretKeySpec(key, TYPE_HMAC_SHA1); + Mac mac = Mac.getInstance(TYPE_HMAC_SHA1); + mac.init(secret); + result = mac.doFinal(data); + + return result; + } + + /** + * Hmac-SHA1 加密 + * + * @param key 加密秘钥 + * @param data 加密内容 + * @return 加密结果 + * @throws UnsupportedEncodingException + * @throws InvalidKeyException + * @throws NoSuchAlgorithmException + * @throws IllegalStateException + */ + public static byte[] Hmac_SHA1(String key, String data) throws UnsupportedEncodingException, InvalidKeyException, NoSuchAlgorithmException, IllegalStateException { + if (key == null || key.length() == 0) + return null; + + if (data == null || data.length() == 0) + return null; + + return Hmac_SHA1(key.getBytes("UTF-8"), data.getBytes("UTF-8")); + } + + /** + * SHA1 加密 + * + * @param data 加密内容 + * @return 加密结果 + * @throws NoSuchAlgorithmException + */ + public static byte[] SHA1(byte[] data) throws NoSuchAlgorithmException { + if (data == null || data.length == 0) + return null; + + MessageDigest digest = MessageDigest.getInstance(TYPE_SHA1); + return digest.digest(data); + } + + public static byte[] SHA1(File file) throws NoSuchAlgorithmException, IOException { + if (!file.exists() || !file.isFile()) + return null; + + FileInputStream fis = null; + return SHA1(new FileInputStream(file)); + } + + public static byte[] SHA1(InputStream inputStream) throws NoSuchAlgorithmException, IOException { + if (inputStream == null) + return null; + + MessageDigest sha1 = MessageDigest.getInstance(TYPE_SHA1); + try { + byte[] buff = new byte[64 * 1024]; + int len = 0; + while ((len = inputStream.read(buff)) > 0) + sha1.update(buff, 0, len); + } finally { + if (inputStream != null) + inputStream.close(); + } + + return sha1.digest(); + } +} diff --git a/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/util/ParameterValidator.java b/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/util/ParameterValidator.java new file mode 100644 index 0000000..a25feb2 --- /dev/null +++ b/ufile-auth-server-java/src/main/java/cn/ucloud/ufile/auth/util/ParameterValidator.java @@ -0,0 +1,31 @@ +package cn.ucloud.ufile.auth.util; + +import sun.security.validator.ValidatorException; + +import javax.validation.ConstraintViolation; +import javax.validation.Validation; +import javax.validation.Validator; +import javax.validation.ValidatorFactory; +import java.util.Iterator; +import java.util.Set; + +/** + * @description: + * @author: joshua + * @E-mail: joshua.yin@ucloud.cn + * @date: 2018-11-29 15:07 + */ +public class ParameterValidator { + /** + * 校验器工厂 + */ + private static ValidatorFactory factory = Validation.buildDefaultValidatorFactory(); + + public static void validator(T obj) throws ValidatorException { + Validator validator = factory.getValidator(); + Set> constraintViolations = validator.validate(obj); + Iterator> it = constraintViolations.iterator(); + while (it.hasNext()) + throw new ValidatorException(it.next().getMessage()); + } +} diff --git a/ufile-auth-server-java/src/main/resources/application.properties b/ufile-auth-server-java/src/main/resources/application.properties new file mode 100644 index 0000000..e69de29 diff --git a/ufile-auth-server-java/src/test/java/cn/ucloud/ufile/auth/AuthServerApplicationTests.java b/ufile-auth-server-java/src/test/java/cn/ucloud/ufile/auth/AuthServerApplicationTests.java new file mode 100644 index 0000000..88cbfe4 --- /dev/null +++ b/ufile-auth-server-java/src/test/java/cn/ucloud/ufile/auth/AuthServerApplicationTests.java @@ -0,0 +1,16 @@ +package cn.ucloud.ufile.auth; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.test.context.junit4.SpringRunner; + +@RunWith(SpringRunner.class) +@SpringBootTest +public class AuthServerApplicationTests { + + @Test + public void contextLoads() { + } + +}