package plugin // import ( // "fmt" // "strings" // "time" // "github.com/ssgo/u" // ) // // 腾讯云TC3签名 // func makeTC3Sign(req *Request, cfg *SignerConfig) error { // fmt.Println(u.JsonP(cfg), 111) // action := cfg.String("action", "") // service := cfg.String("service", "") // version := cfg.String("version", "") // region := cfg.String("region", "") // timestamp := time.Now().Unix() // if req.Url == "" { // req.Url = "https://" + service + ".tencentcloudapi.com" // req.MakeQuery() // } // algorithm := "TC3-HMAC-SHA256" // contentType := "application/json; charset=utf-8" // canonicalHeaders := fmt.Sprintf("content-type:%s\nhost:%s\nx-tc-action:%s\n", // contentType, req.FinalHost, strings.ToLower(action)) // signedHeaders := "content-type;host;x-tc-action" // hashedRequestPayload := u.Hex(u.Sha256(req.FinalBody)) // canonicalRequest := fmt.Sprintf("%s\n%s\n%s\n%s\n%s\n%s", // req.Method, // req.FinalPath, // req.FinalQuery, // canonicalHeaders, // signedHeaders, // hashedRequestPayload) // // fmt.Println(canonicalRequest) // date := time.Unix(timestamp, 0).UTC().Format("2006-01-02") // credentialScope := fmt.Sprintf("%s/%s/tc3_request", date, service) // hashedCanonicalRequest := u.Sha256String(canonicalRequest) // string2sign := fmt.Sprintf("%s\n%d\n%s\n%s", // algorithm, // timestamp, // credentialScope, // hashedCanonicalRequest) // // fmt.Println(string2sign) // // ************* 步骤 3:计算签名 ************* // secretDate := u.HmacSha256([]byte("TC3"+cfg.String("secretKey", "")), []byte(date)) // secretService := u.HmacSha256(secretDate, []byte(service)) // secretSigning := u.HmacSha256(secretService, []byte("tc3_request")) // signature := u.Hex(u.HmacSha256(secretSigning, []byte(string2sign))) // // fmt.Println(signature) // // ************* 步骤 4:拼接 Authorization ************* // authorization := fmt.Sprintf("%s Credential=%s/%s, SignedHeaders=%s, Signature=%s", // algorithm, // cfg.String("secretId", ""), // credentialScope, // signedHeaders, // signature) // // fmt.Println(u.BCyan(authorization)) // // fmt.Println(u.BCyan(string(req.finalBody))) // req.Headers["Host"] = req.FinalHost // req.Headers["Content-Type"] = contentType // req.Headers["X-TC-Action"] = action // req.Headers["X-TC-Timestamp"] = u.String(timestamp) // req.Headers["X-TC-Version"] = version // req.Headers["X-TC-Region"] = region // req.Headers["Authorization"] = authorization // return nil // } // // 腾讯云COS签名 // func makeCOSSign(req *Request, cfg *SignerConfig) error { // // 获取配置参数 // secretId := cfg.String("secretId", "") // secretKey := cfg.String("secretKey", "") // token := cfg.String("token", "") // 可选,用于临时安全凭证 // // 计算KeyTime(签名有效时间范围) // startTimestamp := time.Now().Unix() // expiredTime := cfg.Int("expiredTime", 600) // 默认10分钟 // endTimestamp := startTimestamp + expiredTime // keyTime := fmt.Sprintf("%d;%d", startTimestamp, endTimestamp) // // 步骤1:生成SignKey // signKey := u.Hex(u.HmacSha1([]byte(secretKey), []byte(keyTime))) // // 步骤2:生成HttpString // // 处理HTTP方法 // httpMethod := strings.ToLower(req.Method) // // 处理URI路径(需要URL解码?根据COS文档,可能需要原始路径) // uriPathname := req.FinalPath // // 处理查询参数(HttpParameters) // queryParams := req.Query // urlParamList, httpParameters := SortParams(queryParams, nil, nil) // // 处理请求头(HttpHeaders) // req.Headers["Host"] = req.FinalHost // // 如果有安全令牌,添加到Header // if token != "" { // req.Headers["x-cos-security-token"] = token // } // headerList, httpHeaders := SortParams(req.Headers, nil, nil) // // fmt.Println(u.BMagenta(httpHeaders)) // // 构建HttpString // httpString := fmt.Sprintf("%s\n%s\n%s\n%s\n", // httpMethod, // uriPathname, // httpParameters, // httpHeaders) // // 步骤3:生成StringToSign // hashedHttpString := u.Sha1String(httpString) // stringToSign := fmt.Sprintf("sha1\n%s\n%s\n", keyTime, hashedHttpString) // // 步骤4:生成Signature // signature := u.Hex(u.HmacSha1([]byte(signKey), []byte(stringToSign))) // // 步骤5:组装签名 // authorization := fmt.Sprintf("q-sign-algorithm=sha1&q-ak=%s&q-sign-time=%s&q-key-time=%s&q-header-list=%s&q-url-param-list=%s&q-signature=%s", // secretId, // keyTime, // keyTime, // headerList, // urlParamList, // signature) // // 将签名添加到Authorization头 // req.Headers["Authorization"] = authorization // return nil // }