diff --git a/csharp/core/Client.cs b/csharp/core/Client.cs index bf1d49f..f2bea37 100644 --- a/csharp/core/Client.cs +++ b/csharp/core/Client.cs @@ -79,6 +79,15 @@ public Client(Config config) credentialConfig.SecurityToken = config.SecurityToken; this._credential = new Aliyun.Credentials.Client(credentialConfig); } + else if (!AlibabaCloud.TeaUtil.Common.Empty(config.BearerToken)) + { + Aliyun.Credentials.Models.Config cc = new Aliyun.Credentials.Models.Config + { + Type = "bearer", + BearerToken = config.BearerToken, + }; + this._credential = new Aliyun.Credentials.Client(cc); + } else if (!AlibabaCloud.TeaUtil.Common.IsUnset(config.Credential)) { this._credential = config.Credential; @@ -249,27 +258,37 @@ public Dictionary DoRPCRequest(string action, string version, st } if (!AlibabaCloud.TeaUtil.Common.EqualString(authType, "Anonymous")) { - string accessKeyId = GetAccessKeyId(); - string accessKeySecret = GetAccessKeySecret(); - string securityToken = GetSecurityToken(); - if (!AlibabaCloud.TeaUtil.Common.Empty(securityToken)) + string credentialType = GetType(); + if (AlibabaCloud.TeaUtil.Common.EqualString(credentialType, "bearer")) { - request_.Query["SecurityToken"] = securityToken; + string bearerToken = GetBearerToken(); + request_.Query["BearerToken"] = bearerToken; + request_.Query["SignatureType"] = "BEARERTOKEN"; } - request_.Query["SignatureMethod"] = "HMAC-SHA1"; - request_.Query["SignatureVersion"] = "1.0"; - request_.Query["AccessKeyId"] = accessKeyId; - Dictionary t = null; - if (!AlibabaCloud.TeaUtil.Common.IsUnset(request.Body)) + else { - t = AlibabaCloud.TeaUtil.Common.AssertAsMap(request.Body); + string accessKeyId = GetAccessKeyId(); + string accessKeySecret = GetAccessKeySecret(); + string securityToken = GetSecurityToken(); + if (!AlibabaCloud.TeaUtil.Common.Empty(securityToken)) + { + request_.Query["SecurityToken"] = securityToken; + } + request_.Query["SignatureMethod"] = "HMAC-SHA1"; + request_.Query["SignatureVersion"] = "1.0"; + request_.Query["AccessKeyId"] = accessKeyId; + Dictionary t = null; + if (!AlibabaCloud.TeaUtil.Common.IsUnset(request.Body)) + { + t = AlibabaCloud.TeaUtil.Common.AssertAsMap(request.Body); + } + Dictionary signedParam = TeaConverter.merge + ( + request_.Query, + AlibabaCloud.OpenApiUtil.Client.Query(t) + ); + request_.Query["Signature"] = AlibabaCloud.OpenApiUtil.Client.GetRPCSignature(signedParam, request_.Method, accessKeySecret); } - Dictionary signedParam = TeaConverter.merge - ( - request_.Query, - AlibabaCloud.OpenApiUtil.Client.Query(t) - ); - request_.Query["Signature"] = AlibabaCloud.OpenApiUtil.Client.GetRPCSignature(signedParam, request_.Method, accessKeySecret); } _lastRequest = request_; TeaResponse response_ = TeaCore.DoAction(request_, runtime_); @@ -504,27 +523,37 @@ public async Task> DoRPCRequestAsync(string action, s } if (!AlibabaCloud.TeaUtil.Common.EqualString(authType, "Anonymous")) { - string accessKeyId = await GetAccessKeyIdAsync(); - string accessKeySecret = await GetAccessKeySecretAsync(); - string securityToken = await GetSecurityTokenAsync(); - if (!AlibabaCloud.TeaUtil.Common.Empty(securityToken)) + string credentialType = await GetTypeAsync(); + if (AlibabaCloud.TeaUtil.Common.EqualString(credentialType, "bearer")) { - request_.Query["SecurityToken"] = securityToken; + string bearerToken = await GetBearerTokenAsync(); + request_.Query["BearerToken"] = bearerToken; + request_.Query["SignatureType"] = "BEARERTOKEN"; } - request_.Query["SignatureMethod"] = "HMAC-SHA1"; - request_.Query["SignatureVersion"] = "1.0"; - request_.Query["AccessKeyId"] = accessKeyId; - Dictionary t = null; - if (!AlibabaCloud.TeaUtil.Common.IsUnset(request.Body)) + else { - t = AlibabaCloud.TeaUtil.Common.AssertAsMap(request.Body); + string accessKeyId = await GetAccessKeyIdAsync(); + string accessKeySecret = await GetAccessKeySecretAsync(); + string securityToken = await GetSecurityTokenAsync(); + if (!AlibabaCloud.TeaUtil.Common.Empty(securityToken)) + { + request_.Query["SecurityToken"] = securityToken; + } + request_.Query["SignatureMethod"] = "HMAC-SHA1"; + request_.Query["SignatureVersion"] = "1.0"; + request_.Query["AccessKeyId"] = accessKeyId; + Dictionary t = null; + if (!AlibabaCloud.TeaUtil.Common.IsUnset(request.Body)) + { + t = AlibabaCloud.TeaUtil.Common.AssertAsMap(request.Body); + } + Dictionary signedParam = TeaConverter.merge + ( + request_.Query, + AlibabaCloud.OpenApiUtil.Client.Query(t) + ); + request_.Query["Signature"] = AlibabaCloud.OpenApiUtil.Client.GetRPCSignature(signedParam, request_.Method, accessKeySecret); } - Dictionary signedParam = TeaConverter.merge - ( - request_.Query, - AlibabaCloud.OpenApiUtil.Client.Query(t) - ); - request_.Query["Signature"] = AlibabaCloud.OpenApiUtil.Client.GetRPCSignature(signedParam, request_.Method, accessKeySecret); } _lastRequest = request_; TeaResponse response_ = await TeaCore.DoActionAsync(request_, runtime_); @@ -739,16 +768,26 @@ public Dictionary DoROARequest(string action, string version, st } if (!AlibabaCloud.TeaUtil.Common.EqualString(authType, "Anonymous")) { - string accessKeyId = GetAccessKeyId(); - string accessKeySecret = GetAccessKeySecret(); - string securityToken = GetSecurityToken(); - if (!AlibabaCloud.TeaUtil.Common.Empty(securityToken)) + string credentialType = GetType(); + if (AlibabaCloud.TeaUtil.Common.EqualString(credentialType, "bearer")) + { + string bearerToken = GetBearerToken(); + request_.Headers["x-acs-bearer-token"] = bearerToken; + request_.Headers["x-acs-signature-type"] = "BEARERTOKEN"; + } + else { - request_.Headers["x-acs-accesskey-id"] = accessKeyId; - request_.Headers["x-acs-security-token"] = securityToken; + string accessKeyId = GetAccessKeyId(); + string accessKeySecret = GetAccessKeySecret(); + string securityToken = GetSecurityToken(); + if (!AlibabaCloud.TeaUtil.Common.Empty(securityToken)) + { + request_.Headers["x-acs-accesskey-id"] = accessKeyId; + request_.Headers["x-acs-security-token"] = securityToken; + } + string stringToSign = AlibabaCloud.OpenApiUtil.Client.GetStringToSign(request_); + request_.Headers["authorization"] = "acs " + accessKeyId + ":" + AlibabaCloud.OpenApiUtil.Client.GetROASignature(stringToSign, accessKeySecret); } - string stringToSign = AlibabaCloud.OpenApiUtil.Client.GetStringToSign(request_); - request_.Headers["authorization"] = "acs " + accessKeyId + ":" + AlibabaCloud.OpenApiUtil.Client.GetROASignature(stringToSign, accessKeySecret); } _lastRequest = request_; TeaResponse response_ = TeaCore.DoAction(request_, runtime_); @@ -971,16 +1010,26 @@ public async Task> DoROARequestAsync(string action, s } if (!AlibabaCloud.TeaUtil.Common.EqualString(authType, "Anonymous")) { - string accessKeyId = await GetAccessKeyIdAsync(); - string accessKeySecret = await GetAccessKeySecretAsync(); - string securityToken = await GetSecurityTokenAsync(); - if (!AlibabaCloud.TeaUtil.Common.Empty(securityToken)) + string credentialType = await GetTypeAsync(); + if (AlibabaCloud.TeaUtil.Common.EqualString(credentialType, "bearer")) { - request_.Headers["x-acs-accesskey-id"] = accessKeyId; - request_.Headers["x-acs-security-token"] = securityToken; + string bearerToken = await GetBearerTokenAsync(); + request_.Headers["x-acs-bearer-token"] = bearerToken; + request_.Headers["x-acs-signature-type"] = "BEARERTOKEN"; + } + else + { + string accessKeyId = await GetAccessKeyIdAsync(); + string accessKeySecret = await GetAccessKeySecretAsync(); + string securityToken = await GetSecurityTokenAsync(); + if (!AlibabaCloud.TeaUtil.Common.Empty(securityToken)) + { + request_.Headers["x-acs-accesskey-id"] = accessKeyId; + request_.Headers["x-acs-security-token"] = securityToken; + } + string stringToSign = AlibabaCloud.OpenApiUtil.Client.GetStringToSign(request_); + request_.Headers["authorization"] = "acs " + accessKeyId + ":" + AlibabaCloud.OpenApiUtil.Client.GetROASignature(stringToSign, accessKeySecret); } - string stringToSign = AlibabaCloud.OpenApiUtil.Client.GetStringToSign(request_); - request_.Headers["authorization"] = "acs " + accessKeyId + ":" + AlibabaCloud.OpenApiUtil.Client.GetROASignature(stringToSign, accessKeySecret); } _lastRequest = request_; TeaResponse response_ = await TeaCore.DoActionAsync(request_, runtime_); @@ -1204,16 +1253,26 @@ public Dictionary DoROARequestWithForm(string action, string ver } if (!AlibabaCloud.TeaUtil.Common.EqualString(authType, "Anonymous")) { - string accessKeyId = GetAccessKeyId(); - string accessKeySecret = GetAccessKeySecret(); - string securityToken = GetSecurityToken(); - if (!AlibabaCloud.TeaUtil.Common.Empty(securityToken)) + string credentialType = GetType(); + if (AlibabaCloud.TeaUtil.Common.EqualString(credentialType, "bearer")) { - request_.Headers["x-acs-accesskey-id"] = accessKeyId; - request_.Headers["x-acs-security-token"] = securityToken; + string bearerToken = GetBearerToken(); + request_.Headers["x-acs-bearer-token"] = bearerToken; + request_.Headers["x-acs-signature-type"] = "BEARERTOKEN"; + } + else + { + string accessKeyId = GetAccessKeyId(); + string accessKeySecret = GetAccessKeySecret(); + string securityToken = GetSecurityToken(); + if (!AlibabaCloud.TeaUtil.Common.Empty(securityToken)) + { + request_.Headers["x-acs-accesskey-id"] = accessKeyId; + request_.Headers["x-acs-security-token"] = securityToken; + } + string stringToSign = AlibabaCloud.OpenApiUtil.Client.GetStringToSign(request_); + request_.Headers["authorization"] = "acs " + accessKeyId + ":" + AlibabaCloud.OpenApiUtil.Client.GetROASignature(stringToSign, accessKeySecret); } - string stringToSign = AlibabaCloud.OpenApiUtil.Client.GetStringToSign(request_); - request_.Headers["authorization"] = "acs " + accessKeyId + ":" + AlibabaCloud.OpenApiUtil.Client.GetROASignature(stringToSign, accessKeySecret); } _lastRequest = request_; TeaResponse response_ = TeaCore.DoAction(request_, runtime_); @@ -1435,16 +1494,26 @@ public async Task> DoROARequestWithFormAsync(string a } if (!AlibabaCloud.TeaUtil.Common.EqualString(authType, "Anonymous")) { - string accessKeyId = await GetAccessKeyIdAsync(); - string accessKeySecret = await GetAccessKeySecretAsync(); - string securityToken = await GetSecurityTokenAsync(); - if (!AlibabaCloud.TeaUtil.Common.Empty(securityToken)) + string credentialType = await GetTypeAsync(); + if (AlibabaCloud.TeaUtil.Common.EqualString(credentialType, "bearer")) + { + string bearerToken = await GetBearerTokenAsync(); + request_.Headers["x-acs-bearer-token"] = bearerToken; + request_.Headers["x-acs-signature-type"] = "BEARERTOKEN"; + } + else { - request_.Headers["x-acs-accesskey-id"] = accessKeyId; - request_.Headers["x-acs-security-token"] = securityToken; + string accessKeyId = await GetAccessKeyIdAsync(); + string accessKeySecret = await GetAccessKeySecretAsync(); + string securityToken = await GetSecurityTokenAsync(); + if (!AlibabaCloud.TeaUtil.Common.Empty(securityToken)) + { + request_.Headers["x-acs-accesskey-id"] = accessKeyId; + request_.Headers["x-acs-security-token"] = securityToken; + } + string stringToSign = AlibabaCloud.OpenApiUtil.Client.GetStringToSign(request_); + request_.Headers["authorization"] = "acs " + accessKeyId + ":" + AlibabaCloud.OpenApiUtil.Client.GetROASignature(stringToSign, accessKeySecret); } - string stringToSign = AlibabaCloud.OpenApiUtil.Client.GetStringToSign(request_); - request_.Headers["authorization"] = "acs " + accessKeyId + ":" + AlibabaCloud.OpenApiUtil.Client.GetROASignature(stringToSign, accessKeySecret); } _lastRequest = request_; TeaResponse response_ = await TeaCore.DoActionAsync(request_, runtime_); @@ -1709,6 +1778,14 @@ public Dictionary DoRequest(Params params_, OpenApiRequest reque { string bearerToken = GetBearerToken(); request_.Headers["x-acs-bearer-token"] = bearerToken; + if (AlibabaCloud.TeaUtil.Common.EqualString(params_.Style, "RPC")) + { + request_.Query["SignatureType"] = "BEARERTOKEN"; + } + else + { + request_.Headers["x-acs-signature-type"] = "BEARERTOKEN"; + } } else { @@ -1991,6 +2068,14 @@ public async Task> DoRequestAsync(Params params_, Ope { string bearerToken = await GetBearerTokenAsync(); request_.Headers["x-acs-bearer-token"] = bearerToken; + if (AlibabaCloud.TeaUtil.Common.EqualString(params_.Style, "RPC")) + { + request_.Query["SignatureType"] = "BEARERTOKEN"; + } + else + { + request_.Headers["x-acs-signature-type"] = "BEARERTOKEN"; + } } else { diff --git a/csharp/core/Models/Config.cs b/csharp/core/Models/Config.cs index 72dd6e8..bc42142 100644 --- a/csharp/core/Models/Config.cs +++ b/csharp/core/Models/Config.cs @@ -33,6 +33,13 @@ public class Config : TeaModel { [Validation(Required=false)] public string SecurityToken { get; set; } + /// + /// bearer token + /// + [NameInMap("bearerToken")] + [Validation(Required=false)] + public string BearerToken { get; set; } + /// /// http protocol /// diff --git a/csharp/core/Properties/AssemblyInfo.cs b/csharp/core/Properties/AssemblyInfo.cs index b09b821..9da4c9b 100644 --- a/csharp/core/Properties/AssemblyInfo.cs +++ b/csharp/core/Properties/AssemblyInfo.cs @@ -29,5 +29,5 @@ // Build Number // Revision // -[assembly : AssemblyVersion("0.1.8.0")] -[assembly : AssemblyFileVersion("0.1.8.0")] +[assembly : AssemblyVersion("0.1.9.0")] +[assembly : AssemblyFileVersion("0.1.9.0")] diff --git a/golang/client/client.go b/golang/client/client.go index bdfdaa5..43bcb50 100644 --- a/golang/client/client.go +++ b/golang/client/client.go @@ -1,7 +1,7 @@ // This file is auto-generated, don't edit it. Thanks. -/** - * This is for OpenApi SDK - */ +// Description: +// +// This is for OpenApi SDK package client import ( @@ -38,66 +38,169 @@ func (s *GlobalParameters) SetQueries(v map[string]*string) *GlobalParameters { return s } -/** - * Model for initing client - */ +// Description: +// +// Model for initing client type Config struct { // accesskey id AccessKeyId *string `json:"accessKeyId,omitempty" xml:"accessKeyId,omitempty"` // accesskey secret AccessKeySecret *string `json:"accessKeySecret,omitempty" xml:"accessKeySecret,omitempty"` // security token + // + // example: + // + // a.txt SecurityToken *string `json:"securityToken,omitempty" xml:"securityToken,omitempty"` + // bearer token + // + // example: + // + // the-bearer-token + BearerToken *string `json:"bearerToken,omitempty" xml:"bearerToken,omitempty"` // http protocol + // + // example: + // + // http Protocol *string `json:"protocol,omitempty" xml:"protocol,omitempty"` // http method + // + // example: + // + // GET Method *string `json:"method,omitempty" xml:"method,omitempty"` // region id + // + // example: + // + // cn-hangzhou RegionId *string `json:"regionId,omitempty" xml:"regionId,omitempty"` // read timeout + // + // example: + // + // 10 ReadTimeout *int `json:"readTimeout,omitempty" xml:"readTimeout,omitempty"` // connect timeout + // + // example: + // + // 10 ConnectTimeout *int `json:"connectTimeout,omitempty" xml:"connectTimeout,omitempty"` // http proxy + // + // example: + // + // http://localhost HttpProxy *string `json:"httpProxy,omitempty" xml:"httpProxy,omitempty"` // https proxy + // + // example: + // + // https://localhost HttpsProxy *string `json:"httpsProxy,omitempty" xml:"httpsProxy,omitempty"` // credential Credential credential.Credential `json:"credential,omitempty" xml:"credential,omitempty"` // endpoint + // + // example: + // + // cs.aliyuncs.com Endpoint *string `json:"endpoint,omitempty" xml:"endpoint,omitempty"` // proxy white list + // + // example: + // + // http://localhost NoProxy *string `json:"noProxy,omitempty" xml:"noProxy,omitempty"` // max idle conns + // + // example: + // + // 3 MaxIdleConns *int `json:"maxIdleConns,omitempty" xml:"maxIdleConns,omitempty"` // network for endpoint + // + // example: + // + // public Network *string `json:"network,omitempty" xml:"network,omitempty"` // user agent + // + // example: + // + // Alibabacloud/1 UserAgent *string `json:"userAgent,omitempty" xml:"userAgent,omitempty"` // suffix for endpoint + // + // example: + // + // aliyun Suffix *string `json:"suffix,omitempty" xml:"suffix,omitempty"` // socks5 proxy Socks5Proxy *string `json:"socks5Proxy,omitempty" xml:"socks5Proxy,omitempty"` // socks5 network + // + // example: + // + // TCP Socks5NetWork *string `json:"socks5NetWork,omitempty" xml:"socks5NetWork,omitempty"` // endpoint type + // + // example: + // + // internal EndpointType *string `json:"endpointType,omitempty" xml:"endpointType,omitempty"` // OpenPlatform endpoint + // + // example: + // + // openplatform.aliyuncs.com OpenPlatformEndpoint *string `json:"openPlatformEndpoint,omitempty" xml:"openPlatformEndpoint,omitempty"` // Deprecated + // // credential type + // + // example: + // + // access_key Type *string `json:"type,omitempty" xml:"type,omitempty"` // Signature Version + // + // example: + // + // v1 SignatureVersion *string `json:"signatureVersion,omitempty" xml:"signatureVersion,omitempty"` // Signature Algorithm + // + // example: + // + // ACS3-HMAC-SHA256 SignatureAlgorithm *string `json:"signatureAlgorithm,omitempty" xml:"signatureAlgorithm,omitempty"` // Global Parameters GlobalParameters *GlobalParameters `json:"globalParameters,omitempty" xml:"globalParameters,omitempty"` // privite key for client certificate + // + // example: + // + // MIIEvQ Key *string `json:"key,omitempty" xml:"key,omitempty"` // client certificate + // + // example: + // + // -----BEGIN CERTIFICATE----- + // + // xxx-----END CERTIFICATE----- Cert *string `json:"cert,omitempty" xml:"cert,omitempty"` // server certificate + // + // example: + // + // -----BEGIN CERTIFICATE----- + // + // xxx-----END CERTIFICATE----- Ca *string `json:"ca,omitempty" xml:"ca,omitempty"` // disable HTTP/2 // @@ -130,6 +233,11 @@ func (s *Config) SetSecurityToken(v string) *Config { return s } +func (s *Config) SetBearerToken(v string) *Config { + s.BearerToken = &v + return s +} + func (s *Config) SetProtocol(v string) *Config { s.Protocol = &v return s @@ -405,10 +513,11 @@ type Client struct { DisableHttp2 *bool } -/** - * Init client with Config - * @param config config contains the necessary information to create a client - */ +// Description: +// +// # Init client with Config +// +// @param config - config contains the necessary information to create a client func NewClient(config *Config) (*Client, error) { client := new(Client) err := client.Init(config) @@ -442,6 +551,16 @@ func (client *Client) Init(config *Config) (_err error) { return _err } + } else if !tea.BoolValue(util.Empty(config.BearerToken)) { + cc := &credential.Config{ + Type: tea.String("bearer"), + BearerToken: config.BearerToken, + } + client.Credential, _err = credential.NewCredential(cc) + if _err != nil { + return _err + } + } else if !tea.BoolValue(util.IsUnset(config.Credential)) { client.Credential = config.Credential } @@ -472,18 +591,27 @@ func (client *Client) Init(config *Config) (_err error) { return nil } -/** - * Encapsulate the request and invoke the network - * @param action api name - * @param version product version - * @param protocol http or https - * @param method e.g. GET - * @param authType authorization type e.g. AK - * @param bodyType response body type e.g. String - * @param request object of OpenApiRequest - * @param runtime which controls some details of call api, such as retry times - * @return the response - */ +// Description: +// +// # Encapsulate the request and invoke the network +// +// @param action - api name +// +// @param version - product version +// +// @param protocol - http or https +// +// @param method - e.g. GET +// +// @param authType - authorization type e.g. AK +// +// @param bodyType - response body type e.g. String +// +// @param request - object of OpenApiRequest +// +// @param runtime - which controls some details of call api, such as retry times +// +// @return the response func (client *Client) DoRPCRequest(action *string, version *string, protocol *string, method *string, authType *string, bodyType *string, request *OpenApiRequest, runtime *util.RuntimeOptions) (_result map[string]interface{}, _err error) { _err = tea.Validate(request) if _err != nil { @@ -599,40 +727,56 @@ func (client *Client) DoRPCRequest(action *string, version *string, protocol *st } if !tea.BoolValue(util.EqualString(authType, tea.String("Anonymous"))) { - accessKeyId, _err := client.GetAccessKeyId() + credentialType, _err := client.GetType() if _err != nil { return _result, _err } - accessKeySecret, _err := client.GetAccessKeySecret() - if _err != nil { - return _result, _err - } + if tea.BoolValue(util.EqualString(credentialType, tea.String("bearer"))) { + bearerToken, _err := client.GetBearerToken() + if _err != nil { + return _result, _err + } - securityToken, _err := client.GetSecurityToken() - if _err != nil { - return _result, _err - } + request_.Query["BearerToken"] = bearerToken + request_.Query["SignatureType"] = tea.String("BEARERTOKEN") + } else { + accessKeyId, _err := client.GetAccessKeyId() + if _err != nil { + return _result, _err + } - if !tea.BoolValue(util.Empty(securityToken)) { - request_.Query["SecurityToken"] = securityToken - } + accessKeySecret, _err := client.GetAccessKeySecret() + if _err != nil { + return _result, _err + } - request_.Query["SignatureMethod"] = tea.String("HMAC-SHA1") - request_.Query["SignatureVersion"] = tea.String("1.0") - request_.Query["AccessKeyId"] = accessKeyId - var t map[string]interface{} - if !tea.BoolValue(util.IsUnset(request.Body)) { - t, _err = util.AssertAsMap(request.Body) + securityToken, _err := client.GetSecurityToken() if _err != nil { return _result, _err } + if !tea.BoolValue(util.Empty(securityToken)) { + request_.Query["SecurityToken"] = securityToken + } + + request_.Query["SignatureMethod"] = tea.String("HMAC-SHA1") + request_.Query["SignatureVersion"] = tea.String("1.0") + request_.Query["AccessKeyId"] = accessKeyId + var t map[string]interface{} + if !tea.BoolValue(util.IsUnset(request.Body)) { + t, _err = util.AssertAsMap(request.Body) + if _err != nil { + return _result, _err + } + + } + + signedParam := tea.Merge(request_.Query, + openapiutil.Query(t)) + request_.Query["Signature"] = openapiutil.GetRPCSignature(signedParam, request_.Method, accessKeySecret) } - signedParam := tea.Merge(request_.Query, - openapiutil.Query(t)) - request_.Query["Signature"] = openapiutil.GetRPCSignature(signedParam, request_.Method, accessKeySecret) } response_, _err := tea.DoRequest(request_, _runtime) @@ -745,19 +889,29 @@ func (client *Client) DoRPCRequest(action *string, version *string, protocol *st return _resp, _err } -/** - * Encapsulate the request and invoke the network - * @param action api name - * @param version product version - * @param protocol http or https - * @param method e.g. GET - * @param authType authorization type e.g. AK - * @param pathname pathname of every api - * @param bodyType response body type e.g. String - * @param request object of OpenApiRequest - * @param runtime which controls some details of call api, such as retry times - * @return the response - */ +// Description: +// +// # Encapsulate the request and invoke the network +// +// @param action - api name +// +// @param version - product version +// +// @param protocol - http or https +// +// @param method - e.g. GET +// +// @param authType - authorization type e.g. AK +// +// @param pathname - pathname of every api +// +// @param bodyType - response body type e.g. String +// +// @param request - object of OpenApiRequest +// +// @param runtime - which controls some details of call api, such as retry times +// +// @return the response func (client *Client) DoROARequest(action *string, version *string, protocol *string, method *string, authType *string, pathname *string, bodyType *string, request *OpenApiRequest, runtime *util.RuntimeOptions) (_result map[string]interface{}, _err error) { _err = tea.Validate(request) if _err != nil { @@ -853,28 +1007,44 @@ func (client *Client) DoROARequest(action *string, version *string, protocol *st } if !tea.BoolValue(util.EqualString(authType, tea.String("Anonymous"))) { - accessKeyId, _err := client.GetAccessKeyId() + credentialType, _err := client.GetType() if _err != nil { return _result, _err } - accessKeySecret, _err := client.GetAccessKeySecret() - if _err != nil { - return _result, _err - } + if tea.BoolValue(util.EqualString(credentialType, tea.String("bearer"))) { + bearerToken, _err := client.GetBearerToken() + if _err != nil { + return _result, _err + } - securityToken, _err := client.GetSecurityToken() - if _err != nil { - return _result, _err - } + request_.Headers["x-acs-bearer-token"] = bearerToken + request_.Headers["x-acs-signature-type"] = tea.String("BEARERTOKEN") + } else { + accessKeyId, _err := client.GetAccessKeyId() + if _err != nil { + return _result, _err + } - if !tea.BoolValue(util.Empty(securityToken)) { - request_.Headers["x-acs-accesskey-id"] = accessKeyId - request_.Headers["x-acs-security-token"] = securityToken + accessKeySecret, _err := client.GetAccessKeySecret() + if _err != nil { + return _result, _err + } + + securityToken, _err := client.GetSecurityToken() + if _err != nil { + return _result, _err + } + + if !tea.BoolValue(util.Empty(securityToken)) { + request_.Headers["x-acs-accesskey-id"] = accessKeyId + request_.Headers["x-acs-security-token"] = securityToken + } + + stringToSign := openapiutil.GetStringToSign(request_) + request_.Headers["authorization"] = tea.String("acs " + tea.StringValue(accessKeyId) + ":" + tea.StringValue(openapiutil.GetROASignature(stringToSign, accessKeySecret))) } - stringToSign := openapiutil.GetStringToSign(request_) - request_.Headers["authorization"] = tea.String("acs " + tea.StringValue(accessKeyId) + ":" + tea.StringValue(openapiutil.GetROASignature(stringToSign, accessKeySecret))) } response_, _err := tea.DoRequest(request_, _runtime) @@ -996,19 +1166,29 @@ func (client *Client) DoROARequest(action *string, version *string, protocol *st return _resp, _err } -/** - * Encapsulate the request and invoke the network with form body - * @param action api name - * @param version product version - * @param protocol http or https - * @param method e.g. GET - * @param authType authorization type e.g. AK - * @param pathname pathname of every api - * @param bodyType response body type e.g. String - * @param request object of OpenApiRequest - * @param runtime which controls some details of call api, such as retry times - * @return the response - */ +// Description: +// +// # Encapsulate the request and invoke the network with form body +// +// @param action - api name +// +// @param version - product version +// +// @param protocol - http or https +// +// @param method - e.g. GET +// +// @param authType - authorization type e.g. AK +// +// @param pathname - pathname of every api +// +// @param bodyType - response body type e.g. String +// +// @param request - object of OpenApiRequest +// +// @param runtime - which controls some details of call api, such as retry times +// +// @return the response func (client *Client) DoROARequestWithForm(action *string, version *string, protocol *string, method *string, authType *string, pathname *string, bodyType *string, request *OpenApiRequest, runtime *util.RuntimeOptions) (_result map[string]interface{}, _err error) { _err = tea.Validate(request) if _err != nil { @@ -1109,28 +1289,44 @@ func (client *Client) DoROARequestWithForm(action *string, version *string, prot } if !tea.BoolValue(util.EqualString(authType, tea.String("Anonymous"))) { - accessKeyId, _err := client.GetAccessKeyId() + credentialType, _err := client.GetType() if _err != nil { return _result, _err } - accessKeySecret, _err := client.GetAccessKeySecret() - if _err != nil { - return _result, _err - } + if tea.BoolValue(util.EqualString(credentialType, tea.String("bearer"))) { + bearerToken, _err := client.GetBearerToken() + if _err != nil { + return _result, _err + } - securityToken, _err := client.GetSecurityToken() - if _err != nil { - return _result, _err - } + request_.Headers["x-acs-bearer-token"] = bearerToken + request_.Headers["x-acs-signature-type"] = tea.String("BEARERTOKEN") + } else { + accessKeyId, _err := client.GetAccessKeyId() + if _err != nil { + return _result, _err + } + + accessKeySecret, _err := client.GetAccessKeySecret() + if _err != nil { + return _result, _err + } + + securityToken, _err := client.GetSecurityToken() + if _err != nil { + return _result, _err + } + + if !tea.BoolValue(util.Empty(securityToken)) { + request_.Headers["x-acs-accesskey-id"] = accessKeyId + request_.Headers["x-acs-security-token"] = securityToken + } - if !tea.BoolValue(util.Empty(securityToken)) { - request_.Headers["x-acs-accesskey-id"] = accessKeyId - request_.Headers["x-acs-security-token"] = securityToken + stringToSign := openapiutil.GetStringToSign(request_) + request_.Headers["authorization"] = tea.String("acs " + tea.StringValue(accessKeyId) + ":" + tea.StringValue(openapiutil.GetROASignature(stringToSign, accessKeySecret))) } - stringToSign := openapiutil.GetStringToSign(request_) - request_.Headers["authorization"] = tea.String("acs " + tea.StringValue(accessKeyId) + ":" + tea.StringValue(openapiutil.GetROASignature(stringToSign, accessKeySecret))) } response_, _err := tea.DoRequest(request_, _runtime) @@ -1250,18 +1446,27 @@ func (client *Client) DoROARequestWithForm(action *string, version *string, prot return _resp, _err } -/** - * Encapsulate the request and invoke the network - * @param action api name - * @param version product version - * @param protocol http or https - * @param method e.g. GET - * @param authType authorization type e.g. AK - * @param bodyType response body type e.g. String - * @param request object of OpenApiRequest - * @param runtime which controls some details of call api, such as retry times - * @return the response - */ +// Description: +// +// # Encapsulate the request and invoke the network +// +// @param action - api name +// +// @param version - product version +// +// @param protocol - http or https +// +// @param method - e.g. GET +// +// @param authType - authorization type e.g. AK +// +// @param bodyType - response body type e.g. String +// +// @param request - object of OpenApiRequest +// +// @param runtime - which controls some details of call api, such as retry times +// +// @return the response func (client *Client) DoRequest(params *Params, request *OpenApiRequest, runtime *util.RuntimeOptions) (_result map[string]interface{}, _err error) { _err = tea.Validate(params) if _err != nil { @@ -1416,6 +1621,12 @@ func (client *Client) DoRequest(params *Params, request *OpenApiRequest, runtime if tea.BoolValue(util.EqualString(authType, tea.String("bearer"))) { bearerToken := credentialModel.BearerToken request_.Headers["x-acs-bearer-token"] = bearerToken + if tea.BoolValue(util.EqualString(params.Style, tea.String("RPC"))) { + request_.Query["SignatureType"] = tea.String("BEARERTOKEN") + } else { + request_.Headers["x-acs-signature-type"] = tea.String("BEARERTOKEN") + } + } else { accessKeyId := credentialModel.AccessKeyId accessKeySecret := credentialModel.AccessKeySecret @@ -1561,18 +1772,27 @@ func (client *Client) DoRequest(params *Params, request *OpenApiRequest, runtime return _resp, _err } -/** - * Encapsulate the request and invoke the network - * @param action api name - * @param version product version - * @param protocol http or https - * @param method e.g. GET - * @param authType authorization type e.g. AK - * @param bodyType response body type e.g. String - * @param request object of OpenApiRequest - * @param runtime which controls some details of call api, such as retry times - * @return the response - */ +// Description: +// +// # Encapsulate the request and invoke the network +// +// @param action - api name +// +// @param version - product version +// +// @param protocol - http or https +// +// @param method - e.g. GET +// +// @param authType - authorization type e.g. AK +// +// @param bodyType - response body type e.g. String +// +// @param request - object of OpenApiRequest +// +// @param runtime - which controls some details of call api, such as retry times +// +// @return the response func (client *Client) Execute(params *Params, request *OpenApiRequest, runtime *util.RuntimeOptions) (_result map[string]interface{}, _err error) { _err = tea.Validate(params) if _err != nil { @@ -1782,20 +2002,22 @@ func (client *Client) CallApi(params *Params, request *OpenApiRequest, runtime * } -/** - * Get user agent - * @return user agent - */ +// Description: +// +// # Get user agent +// +// @return user agent func (client *Client) GetUserAgent() (_result *string) { userAgent := util.GetUserAgent(client.UserAgent) _result = userAgent return _result } -/** - * Get accesskey id by using credential - * @return accesskey id - */ +// Description: +// +// # Get accesskey id by using credential +// +// @return accesskey id func (client *Client) GetAccessKeyId() (_result *string, _err error) { if tea.BoolValue(util.IsUnset(client.Credential)) { _result = tea.String("") @@ -1811,10 +2033,11 @@ func (client *Client) GetAccessKeyId() (_result *string, _err error) { return _result, _err } -/** - * Get accesskey secret by using credential - * @return accesskey secret - */ +// Description: +// +// # Get accesskey secret by using credential +// +// @return accesskey secret func (client *Client) GetAccessKeySecret() (_result *string, _err error) { if tea.BoolValue(util.IsUnset(client.Credential)) { _result = tea.String("") @@ -1830,10 +2053,11 @@ func (client *Client) GetAccessKeySecret() (_result *string, _err error) { return _result, _err } -/** - * Get security token by using credential - * @return security token - */ +// Description: +// +// # Get security token by using credential +// +// @return security token func (client *Client) GetSecurityToken() (_result *string, _err error) { if tea.BoolValue(util.IsUnset(client.Credential)) { _result = tea.String("") @@ -1849,10 +2073,11 @@ func (client *Client) GetSecurityToken() (_result *string, _err error) { return _result, _err } -/** - * Get bearer token by credential - * @return bearer token - */ +// Description: +// +// # Get bearer token by credential +// +// @return bearer token func (client *Client) GetBearerToken() (_result *string, _err error) { if tea.BoolValue(util.IsUnset(client.Credential)) { _result = tea.String("") @@ -1864,10 +2089,11 @@ func (client *Client) GetBearerToken() (_result *string, _err error) { return _result, _err } -/** - * Get credential type by credential - * @return credential type e.g. access_key - */ +// Description: +// +// # Get credential type by credential +// +// @return credential type e.g. access_key func (client *Client) GetType() (_result *string, _err error) { if tea.BoolValue(util.IsUnset(client.Credential)) { _result = tea.String("") @@ -1879,12 +2105,15 @@ func (client *Client) GetType() (_result *string, _err error) { return _result, _err } -/** - * If inputValue is not null, return it or return defaultValue - * @param inputValue users input value - * @param defaultValue default value - * @return the final result - */ +// Description: +// +// # If inputValue is not null, return it or return defaultValue +// +// @param inputValue - users input value +// +// @param defaultValue - default value +// +// @return the final result func DefaultAny(inputValue interface{}, defaultValue interface{}) (_result interface{}) { if tea.BoolValue(util.IsUnset(inputValue)) { _result = defaultValue @@ -1895,10 +2124,11 @@ func DefaultAny(inputValue interface{}, defaultValue interface{}) (_result inter return _result } -/** - * If the endpointRule and config.endpoint are empty, throw error - * @param config config contains the necessary information to create a client - */ +// Description: +// +// # If the endpointRule and config.endpoint are empty, throw error +// +// @param config - config contains the necessary information to create a client func (client *Client) CheckConfig(config *Config) (_err error) { if tea.BoolValue(util.Empty(client.EndpointRule)) && tea.BoolValue(util.Empty(config.Endpoint)) { _err = tea.NewSDKError(map[string]interface{}{ @@ -1911,27 +2141,29 @@ func (client *Client) CheckConfig(config *Config) (_err error) { return _err } -/** - * set gateway client - * @param spi. - */ +// Description: +// +// set gateway client +// +// @param spi - . func (client *Client) SetGatewayClient(spi spi.ClientInterface) (_err error) { client.Spi = spi return _err } -/** - * set RPC header for debug - * @param headers headers for debug, this header can be used only once. - */ +// Description: +// +// set RPC header for debug +// +// @param headers - headers for debug, this header can be used only once. func (client *Client) SetRpcHeaders(headers map[string]*string) (_err error) { client.Headers = headers return _err } -/** - * get RPC header for debug - */ +// Description: +// +// get RPC header for debug func (client *Client) GetRpcHeaders() (_result map[string]*string, _err error) { headers := client.Headers client.Headers = nil diff --git a/golang/client/client_test.go b/golang/client/client_test.go index 3bab138..eff4a42 100644 --- a/golang/client/client_test.go +++ b/golang/client/client_test.go @@ -108,10 +108,10 @@ func TestConfig(t *testing.T) { SecurityToken: tea.String("securityToken"), Type: tea.String("sts"), } - credential, _err := credential.NewCredential(creConfig) + cred, _err := credential.NewCredential(creConfig) tea_util.AssertNil(t, _err) - config.Credential = credential + config.Credential = cred config.String() config.GoString() client, _err := NewClient(nil) @@ -129,6 +129,28 @@ func TestConfig(t *testing.T) { ty, _ := client.GetType() tea_util.AssertEqual(t, "sts", tea.StringValue(ty)) + // bearer token + creConfig = &credential.Config{ + BearerToken: tea.String("token"), + Type: tea.String("bearer"), + } + cred, _err = credential.NewCredential(creConfig) + tea_util.AssertNil(t, _err) + + config.Credential = cred + client, _err = NewClient(config) + tea_util.AssertNil(t, _err) + ak, _ = client.GetAccessKeyId() + tea_util.AssertEqual(t, "", tea.StringValue(ak)) + sk, _ = client.GetAccessKeySecret() + tea_util.AssertEqual(t, "", tea.StringValue(sk)) + token, _ = client.GetSecurityToken() + tea_util.AssertEqual(t, "", tea.StringValue(token)) + bearer, _ := client.GetBearerToken() + tea_util.AssertEqual(t, "token", tea.StringValue(bearer)) + ty, _ = client.GetType() + tea_util.AssertEqual(t, "bearer", tea.StringValue(ty)) + config.AccessKeyId = tea.String("ak") config.AccessKeySecret = tea.String("secret") config.SecurityToken = tea.String("token") @@ -212,6 +234,22 @@ func CreateConfig() (_result *Config) { return _result } +func CreateBearerTokenConfig() (_result *Config) { + creConfig := &credential.Config{ + BearerToken: tea.String("token"), + Type: tea.String("bearer"), + } + cred, _err := credential.NewCredential(creConfig) + if _err != nil { + return nil + } + config := &Config{ + Credential: cred, + } + _result = config + return _result +} + func CreateRuntimeOptions() (_result *util.RuntimeOptions) { extendsParameters := &util.ExtendsParameters{ Headers: map[string]*string{ @@ -310,6 +348,27 @@ func TestCallApiForRPCWithV2Sign_AK_Form(t *testing.T) { tea_util.AssertEqual(t, "test", body["ClassId"]) tea_util.AssertEqual(t, "123", body["UserId"].(json.Number).String()) tea_util.AssertEqual(t, "200", result["statusCode"].(json.Number).String()) + + // bearer token + config = CreateBearerTokenConfig() + config.Protocol = tea.String("HTTP") + config.SignatureAlgorithm = tea.String("v2") + config.Endpoint = tea.String("127.0.0.1:9001") + client, _err = NewClient(config) + tea_util.AssertNil(t, _err) + result, _err = client.CallApi(params, request, runtime) + tea_util.AssertNil(t, _err) + + headers, _err = util.AssertAsMap(result["headers"]) + tea_util.AssertNil(t, _err) + regx, _ = regexp.Compile("Action=TestAPI&BearerToken=token&Format=json" + + "&SignatureNonce=.+&SignatureType=BEARERTOKEN&Timestamp=.+&Version=2022-06-01" + + "&key1=value&key2=1&key3=true") + str, _ = util.AssertAsString(headers["raw-query"]) + find = regx.FindAllString(tea.StringValue(str), -1) + tea_util.AssertNotNil(t, find) + // tea_util.AssertEqual(t, "bearer token", headers["authorization"]) + } func TestCallApiForRPCWithV2Sign_Anonymous_JSON(t *testing.T) { @@ -451,6 +510,42 @@ func TestCallApiForROAWithV2Sign_HTTPS_AK_Form(t *testing.T) { headers, _err = util.AssertAsMap(result["headers"]) tea_util.AssertNil(t, _err) tea_util.AssertEqual(t, "extends-value", headers["extends-key"]) + + // bearer token + config = CreateBearerTokenConfig() + config.Protocol = tea.String("HTTP") + config.SignatureAlgorithm = tea.String("v2") + config.Endpoint = tea.String("127.0.0.1:9003") + client, _err = NewClient(config) + tea_util.AssertNil(t, _err) + result, _err = client.CallApi(params, request, runtime) + tea_util.AssertNil(t, _err) + + headers, _err = util.AssertAsMap(result["headers"]) + tea_util.AssertNil(t, _err) + // tea_util.AssertEqual(t, "bearer token", headers["authorization"]) + tea_util.AssertEqual(t, "token", headers["x-acs-bearer-token"]) + tea_util.AssertEqual(t, "BEARERTOKEN", headers["x-acs-signature-type"]) + + params = &Params{ + Action: tea.String("TestAPI"), + Version: tea.String("2022-06-01"), + Protocol: tea.String("HTTPS"), + Pathname: tea.String("/test"), + Method: tea.String("POST"), + AuthType: tea.String("AK"), + Style: tea.String("ROA"), + ReqBodyType: tea.String("json"), + BodyType: tea.String("json"), + } + result, _err = client.CallApi(params, request, runtime) + tea_util.AssertNil(t, _err) + + headers, _err = util.AssertAsMap(result["headers"]) + tea_util.AssertNil(t, _err) + // tea_util.AssertEqual(t, "bearer token", headers["authorization"]) + tea_util.AssertEqual(t, "token", headers["x-acs-bearer-token"]) + tea_util.AssertEqual(t, "BEARERTOKEN", headers["x-acs-signature-type"]) } func TestCallApiForROAWithV2Sign_Anonymous_JSON(t *testing.T) { @@ -594,6 +689,21 @@ func TestCallApiForRPCWithV3Sign_AK_Form(t *testing.T) { headers, _err = util.AssertAsMap(result["headers"]) tea_util.AssertNil(t, _err) tea_util.AssertEqual(t, "test", headers["extends-key"]) + + // bearer token + config = CreateBearerTokenConfig() + config.Protocol = tea.String("HTTP") + config.Endpoint = tea.String("127.0.0.1:9005") + client, _err = NewClient(config) + tea_util.AssertNil(t, _err) + result, _err = client.CallApi(params, request, runtime) + tea_util.AssertNil(t, _err) + + headers, _err = util.AssertAsMap(result["headers"]) + tea_util.AssertNil(t, _err) + // tea_util.AssertEqual(t, "bearer token", headers["authorization"]) + tea_util.AssertEqual(t, "token", headers["x-acs-bearer-token"]) + tea_util.AssertEqual(t, "SignatureType=BEARERTOKEN&key1=value&key2=1&key3=true", headers["raw-query"]) } func TestCallApiForRPCWithV3Sign_Anonymous_JSON(t *testing.T) { @@ -735,6 +845,21 @@ func TestCallApiForROAWithV3Sign_AK_Form(t *testing.T) { headers, _err = util.AssertAsMap(result["headers"]) tea_util.AssertNil(t, _err) tea_util.AssertEqual(t, "extends-value", headers["extends-key"]) + + // bearer token + config = CreateBearerTokenConfig() + config.Protocol = tea.String("HTTP") + config.Endpoint = tea.String("127.0.0.1:9007") + client, _err = NewClient(config) + tea_util.AssertNil(t, _err) + result, _err = client.CallApi(params, request, runtime) + tea_util.AssertNil(t, _err) + + headers, _err = util.AssertAsMap(result["headers"]) + tea_util.AssertNil(t, _err) + // tea_util.AssertEqual(t, "bearer token", headers["authorization"]) + tea_util.AssertEqual(t, "token", headers["x-acs-bearer-token"]) + tea_util.AssertEqual(t, "BEARERTOKEN", headers["x-acs-signature-type"]) } func TestCallApiForROAWithV3Sign_Anonymous_JSON(t *testing.T) { diff --git a/java/pom.xml b/java/pom.xml index a30360b..2c45fce 100644 --- a/java/pom.xml +++ b/java/pom.xml @@ -1,6 +1,7 @@ - + 4.0.0 com.aliyun tea-openapi @@ -42,9 +43,9 @@ - - - + + + @@ -55,7 +56,7 @@ com.aliyun credentials-java - 0.3.0 + 0.3.3 com.aliyun @@ -81,7 +82,7 @@ com.aliyun tea-xml - 0.1.5 + 0.1.6 com.github.tomakehurst diff --git a/java/src/main/java/com/aliyun/teaopenapi/Client.java b/java/src/main/java/com/aliyun/teaopenapi/Client.java index 00f8ffe..5c10f72 100644 --- a/java/src/main/java/com/aliyun/teaopenapi/Client.java +++ b/java/src/main/java/com/aliyun/teaopenapi/Client.java @@ -68,6 +68,12 @@ public Client(com.aliyun.teaopenapi.models.Config config) throws Exception { )); credentialConfig.securityToken = config.securityToken; this._credential = new com.aliyun.credentials.Client(credentialConfig); + } else if (!com.aliyun.teautil.Common.empty(config.bearerToken)) { + com.aliyun.credentials.models.Config cc = com.aliyun.credentials.models.Config.build(TeaConverter.buildMap( + new TeaPair("type", "bearer"), + new TeaPair("bearerToken", config.bearerToken) + )); + this._credential = new com.aliyun.credentials.Client(cc); } else if (!com.aliyun.teautil.Common.isUnset(config.credential)) { this._credential = config.credential; } @@ -221,26 +227,34 @@ public Client(com.aliyun.teaopenapi.models.Config config) throws Exception { } if (!com.aliyun.teautil.Common.equalString(authType, "Anonymous")) { - String accessKeyId = this.getAccessKeyId(); - String accessKeySecret = this.getAccessKeySecret(); - String securityToken = this.getSecurityToken(); - if (!com.aliyun.teautil.Common.empty(securityToken)) { - request_.query.put("SecurityToken", securityToken); - } + String credentialType = this.getType(); + if (com.aliyun.teautil.Common.equalString(credentialType, "bearer")) { + String bearerToken = this.getBearerToken(); + request_.query.put("BearerToken", bearerToken); + request_.query.put("SignatureType", "BEARERTOKEN"); + } else { + String accessKeyId = this.getAccessKeyId(); + String accessKeySecret = this.getAccessKeySecret(); + String securityToken = this.getSecurityToken(); + if (!com.aliyun.teautil.Common.empty(securityToken)) { + request_.query.put("SecurityToken", securityToken); + } - request_.query.put("SignatureMethod", "HMAC-SHA1"); - request_.query.put("SignatureVersion", "1.0"); - request_.query.put("AccessKeyId", accessKeyId); - java.util.Map t = null; - if (!com.aliyun.teautil.Common.isUnset(request.body)) { - t = com.aliyun.teautil.Common.assertAsMap(request.body); + request_.query.put("SignatureMethod", "HMAC-SHA1"); + request_.query.put("SignatureVersion", "1.0"); + request_.query.put("AccessKeyId", accessKeyId); + java.util.Map t = null; + if (!com.aliyun.teautil.Common.isUnset(request.body)) { + t = com.aliyun.teautil.Common.assertAsMap(request.body); + } + + java.util.Map signedParam = TeaConverter.merge(String.class, + request_.query, + com.aliyun.openapiutil.Client.query(t) + ); + request_.query.put("Signature", com.aliyun.openapiutil.Client.getRPCSignature(signedParam, request_.method, accessKeySecret)); } - java.util.Map signedParam = TeaConverter.merge(String.class, - request_.query, - com.aliyun.openapiutil.Client.query(t) - ); - request_.query.put("Signature", com.aliyun.openapiutil.Client.getRPCSignature(signedParam, request_.method, accessKeySecret)); } _lastRequest = request_; @@ -423,16 +437,24 @@ public Client(com.aliyun.teaopenapi.models.Config config) throws Exception { } if (!com.aliyun.teautil.Common.equalString(authType, "Anonymous")) { - String accessKeyId = this.getAccessKeyId(); - String accessKeySecret = this.getAccessKeySecret(); - String securityToken = this.getSecurityToken(); - if (!com.aliyun.teautil.Common.empty(securityToken)) { - request_.headers.put("x-acs-accesskey-id", accessKeyId); - request_.headers.put("x-acs-security-token", securityToken); + String credentialType = this.getType(); + if (com.aliyun.teautil.Common.equalString(credentialType, "bearer")) { + String bearerToken = this.getBearerToken(); + request_.headers.put("x-acs-bearer-token", bearerToken); + request_.headers.put("x-acs-signature-type", "BEARERTOKEN"); + } else { + String accessKeyId = this.getAccessKeyId(); + String accessKeySecret = this.getAccessKeySecret(); + String securityToken = this.getSecurityToken(); + if (!com.aliyun.teautil.Common.empty(securityToken)) { + request_.headers.put("x-acs-accesskey-id", accessKeyId); + request_.headers.put("x-acs-security-token", securityToken); + } + + String stringToSign = com.aliyun.openapiutil.Client.getStringToSign(request_); + request_.headers.put("authorization", "acs " + accessKeyId + ":" + com.aliyun.openapiutil.Client.getROASignature(stringToSign, accessKeySecret) + ""); } - String stringToSign = com.aliyun.openapiutil.Client.getStringToSign(request_); - request_.headers.put("authorization", "acs " + accessKeyId + ":" + com.aliyun.openapiutil.Client.getROASignature(stringToSign, accessKeySecret) + ""); } _lastRequest = request_; @@ -623,16 +645,24 @@ public Client(com.aliyun.teaopenapi.models.Config config) throws Exception { } if (!com.aliyun.teautil.Common.equalString(authType, "Anonymous")) { - String accessKeyId = this.getAccessKeyId(); - String accessKeySecret = this.getAccessKeySecret(); - String securityToken = this.getSecurityToken(); - if (!com.aliyun.teautil.Common.empty(securityToken)) { - request_.headers.put("x-acs-accesskey-id", accessKeyId); - request_.headers.put("x-acs-security-token", securityToken); + String credentialType = this.getType(); + if (com.aliyun.teautil.Common.equalString(credentialType, "bearer")) { + String bearerToken = this.getBearerToken(); + request_.headers.put("x-acs-bearer-token", bearerToken); + request_.headers.put("x-acs-signature-type", "BEARERTOKEN"); + } else { + String accessKeyId = this.getAccessKeyId(); + String accessKeySecret = this.getAccessKeySecret(); + String securityToken = this.getSecurityToken(); + if (!com.aliyun.teautil.Common.empty(securityToken)) { + request_.headers.put("x-acs-accesskey-id", accessKeyId); + request_.headers.put("x-acs-security-token", securityToken); + } + + String stringToSign = com.aliyun.openapiutil.Client.getStringToSign(request_); + request_.headers.put("authorization", "acs " + accessKeyId + ":" + com.aliyun.openapiutil.Client.getROASignature(stringToSign, accessKeySecret) + ""); } - String stringToSign = com.aliyun.openapiutil.Client.getStringToSign(request_); - request_.headers.put("authorization", "acs " + accessKeyId + ":" + com.aliyun.openapiutil.Client.getROASignature(stringToSign, accessKeySecret) + ""); } _lastRequest = request_; @@ -857,6 +887,12 @@ public Client(com.aliyun.teaopenapi.models.Config config) throws Exception { if (com.aliyun.teautil.Common.equalString(authType, "bearer")) { String bearerToken = credentialModel.bearerToken; request_.headers.put("x-acs-bearer-token", bearerToken); + if (com.aliyun.teautil.Common.equalString(params.style, "RPC")) { + request_.query.put("SignatureType", "BEARERTOKEN"); + } else { + request_.headers.put("x-acs-signature-type", "BEARERTOKEN"); + } + } else { String accessKeyId = credentialModel.accessKeyId; String accessKeySecret = credentialModel.accessKeySecret; diff --git a/java/src/main/java/com/aliyun/teaopenapi/models/Config.java b/java/src/main/java/com/aliyun/teaopenapi/models/Config.java index 470dcce..92cf4f1 100644 --- a/java/src/main/java/com/aliyun/teaopenapi/models/Config.java +++ b/java/src/main/java/com/aliyun/teaopenapi/models/Config.java @@ -25,6 +25,12 @@ public class Config extends TeaModel { @NameInMap("securityToken") public String securityToken; + /** + *

bearer token

+ */ + @NameInMap("bearerToken") + public String bearerToken; + /** *

http protocol

*/ @@ -211,6 +217,14 @@ public String getSecurityToken() { return this.securityToken; } + public Config setBearerToken(String bearerToken) { + this.bearerToken = bearerToken; + return this; + } + public String getBearerToken() { + return this.bearerToken; + } + public Config setProtocol(String protocol) { this.protocol = protocol; return this; diff --git a/java/src/test/java/com/aliyun/teaopenapi/ClientTest.java b/java/src/test/java/com/aliyun/teaopenapi/ClientTest.java index 7e5472c..bcf2648 100644 --- a/java/src/test/java/com/aliyun/teaopenapi/ClientTest.java +++ b/java/src/test/java/com/aliyun/teaopenapi/ClientTest.java @@ -69,6 +69,20 @@ public void testConfig() throws Exception { Assert.assertEquals("accessKeySecret", client.getAccessKeySecret()); Assert.assertEquals("securityToken", client.getSecurityToken()); Assert.assertEquals("sts", client.getType()); + + creConfig = com.aliyun.credentials.models.Config.build(TeaConverter.buildMap( + new TeaPair("bearerToken", "token"), + new TeaPair("type", "bearer") + )); + credential = new com.aliyun.credentials.Client(creConfig); + config.credential = credential; + client = new Client(config); + Assert.assertNull(client.getAccessKeyId()); + Assert.assertNull(client.getAccessKeySecret()); + Assert.assertNull(client.getSecurityToken()); + Assert.assertEquals("token", client.getBearerToken()); + Assert.assertEquals("bearer", client.getType()); + config.accessKeyId = "ak"; config.accessKeySecret = "secret"; config.securityToken = "token"; @@ -134,6 +148,18 @@ public static Config createConfig() throws Exception { return config; } + public static Config createBearerTokenConfig() throws Exception { + com.aliyun.credentials.models.Config creConfig = com.aliyun.credentials.models.Config.build(TeaConverter.buildMap( + new TeaPair("bearerToken", "token"), + new TeaPair("type", "bearer") + )); + com.aliyun.credentials.Client credential = new com.aliyun.credentials.Client(creConfig); + Config config = Config.build(TeaConverter.buildMap( + new TeaPair("credential", credential) + )); + return config; + } + public static RuntimeOptions createRuntimeOptions() throws Exception { ExtendsParameters extendsParameters = ExtendsParameters.build(TeaConverter.buildMap( new TeaPair("headers", TeaConverter.buildMap( @@ -230,6 +256,24 @@ public void testCallApiForRPCWithV2Sign_AK_Form() throws Exception { Assert.assertEquals("test", ((Map) result.get("body")).get("ClassId")); Assert.assertEquals(123L, ((Map) result.get("body")).get("UserId")); Assert.assertEquals(200, result.get("statusCode")); + + // bearer token + config = ClientTest.createBearerTokenConfig(); + config.protocol = "HTTP"; + config.signatureAlgorithm = "v2"; + config.endpoint = "localhost:" + wireMock.port(); + client = new Client(config); + stubFor(post(anyUrl()) + .withQueryParam("Action", equalTo("TestAPI")) + .withQueryParam("Version", equalTo("2022-06-01")) + .withQueryParam("Format", equalTo("json")) + .withQueryParam("BearerToken", equalTo("token")) + .withQueryParam("SignatureType", equalTo("BEARERTOKEN")) + // .withHeader("authorization", equalTo("bearer token")) + .willReturn(aResponse().withStatus(200).withBody(responseBody) + .withHeader("x-acs-request-id", "A45EE076-334D-5012-9746-A8F828D20FD4"))); + result = client.callApi(params, request, runtime); + Assert.assertEquals(200, result.get("statusCode")); } @Test @@ -340,6 +384,47 @@ public void testCallApiForROAWithV2Sign_AK_Form() throws Exception { Assert.assertEquals("test", ((Map) result.get("body")).get("ClassId")); Assert.assertEquals(123L, ((Map) result.get("body")).get("UserId")); Assert.assertEquals(200, result.get("statusCode")); + + // bearer token + config = ClientTest.createBearerTokenConfig(); + config.protocol = "HTTP"; + config.signatureAlgorithm = "v2"; + config.endpoint = "localhost:" + wireMock.port(); + client = new Client(config); + stubFor(post(anyUrl()) + .withHeader("x-acs-version", equalTo("2022-06-01")) + .withHeader("x-acs-action", equalTo("TestAPI")) + .withHeader("accept", equalTo("application/json")) + .withHeader("x-acs-bearer-token", equalTo("token")) + .withHeader("x-acs-signature-type", equalTo("BEARERTOKEN")) + // .withHeader("authorization", equalTo("bearer token")) + .willReturn(aResponse().withStatus(200).withBody(responseBody) + .withHeader("x-acs-request-id", "A45EE076-334D-5012-9746-A8F828D20FD4"))); + result = client.callApi(params, request, runtime); + Assert.assertEquals(200, result.get("statusCode")); + + params = Params.build(TeaConverter.buildMap( + new TeaPair("action", "TestAPI"), + new TeaPair("version", "2022-06-01"), + new TeaPair("protocol", "HTTPS"), + new TeaPair("pathname", "/test"), + new TeaPair("method", "POST"), + new TeaPair("authType", "AK"), + new TeaPair("style", "ROA"), + new TeaPair("reqBodyType", "json"), + new TeaPair("bodyType", "json") + )); + stubFor(post(anyUrl()) + .withHeader("x-acs-version", equalTo("2022-06-01")) + .withHeader("x-acs-action", equalTo("TestAPI")) + .withHeader("accept", equalTo("application/json")) + .withHeader("x-acs-bearer-token", equalTo("token")) + .withHeader("x-acs-signature-type", equalTo("BEARERTOKEN")) + // .withHeader("authorization", equalTo("bearer token")) + .willReturn(aResponse().withStatus(200).withBody(responseBody) + .withHeader("x-acs-request-id", "A45EE076-334D-5012-9746-A8F828D20FD4"))); + result = client.callApi(params, request, runtime); + Assert.assertEquals(200, result.get("statusCode")); } @Test @@ -447,6 +532,23 @@ public void testCallApiForRPCWithV3Sign_AK_Form() throws Exception { Assert.assertEquals("test", ((Map) result.get("body")).get("ClassId")); Assert.assertEquals(123L, ((Map) result.get("body")).get("UserId")); Assert.assertEquals(200, result.get("statusCode")); + + // bearer token + config = ClientTest.createBearerTokenConfig(); + config.protocol = "HTTP"; + config.endpoint = "localhost:" + wireMock.port(); + client = new Client(config); + stubFor(post(anyUrl()) + .withHeader("x-acs-version", equalTo("2022-06-01")) + .withHeader("x-acs-action", equalTo("TestAPI")) + .withHeader("accept", equalTo("application/json")) + .withHeader("x-acs-bearer-token", equalTo("token")) + .withQueryParam("SignatureType", equalTo("BEARERTOKEN")) + // .withHeader("authorization", equalTo("bearer token")) + .willReturn(aResponse().withStatus(200).withBody(responseBody) + .withHeader("x-acs-request-id", "A45EE076-334D-5012-9746-A8F828D20FD4"))); + result = client.callApi(params, request, runtime); + Assert.assertEquals(200, result.get("statusCode")); } @Test @@ -552,6 +654,23 @@ public void testCallApiForROAWithV3Sign_AK_Form() throws Exception { Assert.assertEquals("test", ((Map) result.get("body")).get("ClassId")); Assert.assertEquals(123L, ((Map) result.get("body")).get("UserId")); Assert.assertEquals(200, result.get("statusCode")); + + // bearer token + config = ClientTest.createBearerTokenConfig(); + config.protocol = "HTTP"; + config.endpoint = "localhost:" + wireMock.port(); + client = new Client(config); + stubFor(post(anyUrl()) + .withHeader("x-acs-version", equalTo("2022-06-01")) + .withHeader("x-acs-action", equalTo("TestAPI")) + .withHeader("accept", equalTo("application/json")) + .withHeader("x-acs-bearer-token", equalTo("token")) + .withHeader("x-acs-signature-type", equalTo("BEARERTOKEN")) + // .withHeader("authorization", equalTo("bearer token")) + .willReturn(aResponse().withStatus(200).withBody(responseBody) + .withHeader("x-acs-request-id", "A45EE076-334D-5012-9746-A8F828D20FD4"))); + result = client.callApi(params, request, runtime); + Assert.assertEquals(200, result.get("statusCode")); } @Test diff --git a/main.tea b/main.tea index 3e06d84..5998a46 100644 --- a/main.tea +++ b/main.tea @@ -214,8 +214,6 @@ api doRPCRequest(action: string, version: string, protocol: string, method: stri }; } - - if (!Util.isUnset(request.body)) { var m = Util.assertAsMap(request.body); var tmp = Util.anyifyMapValue(OpenApiUtil.query(m)); @@ -223,27 +221,32 @@ api doRPCRequest(action: string, version: string, protocol: string, method: stri __request.headers.content-type = 'application/x-www-form-urlencoded'; } - if (!Util.equalString(authType, 'Anonymous')) { - var accessKeyId = getAccessKeyId(); - var accessKeySecret = getAccessKeySecret(); - var securityToken = getSecurityToken(); - - if (!Util.empty(securityToken)) { - __request.query.SecurityToken = securityToken; - } - __request.query.SignatureMethod = 'HMAC-SHA1'; - __request.query.SignatureVersion = '1.0'; - __request.query.AccessKeyId = accessKeyId; - var t : map[string]any = null; - if (!Util.isUnset(request.body)) { - t = Util.assertAsMap(request.body); + var credentialType = getType(); + if (Util.equalString(credentialType, 'bearer')) { + var bearerToken = getBearerToken(); + __request.query.BearerToken = bearerToken; + __request.query.SignatureType = 'BEARERTOKEN'; + } else { + var accessKeyId = getAccessKeyId(); + var accessKeySecret = getAccessKeySecret(); + var securityToken = getSecurityToken(); + if (!Util.empty(securityToken)) { + __request.query.SecurityToken = securityToken; + } + __request.query.SignatureMethod = 'HMAC-SHA1'; + __request.query.SignatureVersion = '1.0'; + __request.query.AccessKeyId = accessKeyId; + var t : map[string]any = null; + if (!Util.isUnset(request.body)) { + t = Util.assertAsMap(request.body); + } + var signedParam = { + ...__request.query, + ...OpenApiUtil.query(t) + }; + __request.query.Signature = OpenApiUtil.getRPCSignature(signedParam, __request.method, accessKeySecret); } - var signedParam = { - ...__request.query, - ...OpenApiUtil.query(t) - }; - __request.query.Signature = OpenApiUtil.getRPCSignature(signedParam, __request.method, accessKeySecret); } } returns { if (Util.is4xx(__response.statusCode) || Util.is5xx(__response.statusCode)) { @@ -389,16 +392,23 @@ api doROARequest(action: string, version: string, protocol: string, method: stri } if (!Util.equalString(authType, 'Anonymous')) { - var accessKeyId = getAccessKeyId(); - var accessKeySecret = getAccessKeySecret(); - var securityToken = getSecurityToken(); - if (!Util.empty(securityToken)) { - __request.headers.x-acs-accesskey-id = accessKeyId; - __request.headers.x-acs-security-token = securityToken; - } + var credentialType = getType(); + if (Util.equalString(credentialType, 'bearer')) { + var bearerToken = getBearerToken(); + __request.headers.x-acs-bearer-token = bearerToken; + __request.headers.x-acs-signature-type = 'BEARERTOKEN'; + } else { + var accessKeyId = getAccessKeyId(); + var accessKeySecret = getAccessKeySecret(); + var securityToken = getSecurityToken(); + if (!Util.empty(securityToken)) { + __request.headers.x-acs-accesskey-id = accessKeyId; + __request.headers.x-acs-security-token = securityToken; + } - var stringToSign = OpenApiUtil.getStringToSign(__request); - __request.headers.authorization = `acs ${accessKeyId}:${OpenApiUtil.getROASignature(stringToSign, accessKeySecret)}`; + var stringToSign = OpenApiUtil.getStringToSign(__request); + __request.headers.authorization = `acs ${accessKeyId}:${OpenApiUtil.getROASignature(stringToSign, accessKeySecret)}`; + } } } returns { if (Util.equalNumber(__response.statusCode, 204)) { @@ -553,16 +563,23 @@ api doROARequestWithForm(action: string, version: string, protocol: string, meth } if (!Util.equalString(authType, 'Anonymous')) { - var accessKeyId = getAccessKeyId(); - var accessKeySecret = getAccessKeySecret(); - var securityToken = getSecurityToken(); - if (!Util.empty(securityToken)) { - __request.headers.x-acs-accesskey-id = accessKeyId; - __request.headers.x-acs-security-token = securityToken; - } + var credentialType = getType(); + if (Util.equalString(credentialType, 'bearer')) { + var bearerToken = getBearerToken(); + __request.headers.x-acs-bearer-token = bearerToken; + __request.headers.x-acs-signature-type = 'BEARERTOKEN'; + } else { + var accessKeyId = getAccessKeyId(); + var accessKeySecret = getAccessKeySecret(); + var securityToken = getSecurityToken(); + if (!Util.empty(securityToken)) { + __request.headers.x-acs-accesskey-id = accessKeyId; + __request.headers.x-acs-security-token = securityToken; + } - var stringToSign = OpenApiUtil.getStringToSign(__request); - __request.headers.authorization = `acs ${accessKeyId}:${OpenApiUtil.getROASignature(stringToSign, accessKeySecret)}`; + var stringToSign = OpenApiUtil.getStringToSign(__request); + __request.headers.authorization = `acs ${accessKeyId}:${OpenApiUtil.getROASignature(stringToSign, accessKeySecret)}`; + } } } returns { if (Util.equalNumber(__response.statusCode, 204)) { @@ -777,6 +794,12 @@ api doRequest(params: Params, request: OpenApiRequest, runtime: Util.RuntimeOpti if (Util.equalString(authType, 'bearer')) { var bearerToken = credentialModel.bearerToken; __request.headers.x-acs-bearer-token = bearerToken; + if (Util.equalString(params.style, 'RPC')) { + __request.query.SignatureType = 'BEARERTOKEN'; + } else { + __request.headers.x-acs-signature-type = 'BEARERTOKEN'; + } + } else { var accessKeyId = credentialModel.accessKeyId; var accessKeySecret = credentialModel.accessKeySecret; diff --git a/php/src/Models/Config.php b/php/src/Models/Config.php index eea7836..6e8e187 100644 --- a/php/src/Models/Config.php +++ b/php/src/Models/Config.php @@ -17,6 +17,7 @@ class Config extends Model 'accessKeyId' => '', 'accessKeySecret' => '', 'securityToken' => '', + 'bearerToken' => '', 'protocol' => 'http', 'method' => '', 'regionId' => '', @@ -57,6 +58,9 @@ public function toMap() if (null !== $this->securityToken) { $res['securityToken'] = $this->securityToken; } + if (null !== $this->bearerToken) { + $res['bearerToken'] = $this->bearerToken; + } if (null !== $this->protocol) { $res['protocol'] = $this->protocol; } @@ -153,6 +157,9 @@ public static function fromMap($map = []) if (isset($map['securityToken'])) { $model->securityToken = $map['securityToken']; } + if (isset($map['bearerToken'])) { + $model->bearerToken = $map['bearerToken']; + } if (isset($map['protocol'])) { $model->protocol = $map['protocol']; } @@ -252,6 +259,13 @@ public static function fromMap($map = []) */ public $securityToken; + /** + * @description bearer token + * @example the-bearer-token + * @var string + */ + public $bearerToken; + /** * @description http protocol * @example http @@ -432,4 +446,5 @@ public static function fromMap($map = []) * @var bool */ public $disableHttp2; + } diff --git a/php/src/Models/GlobalParameters.php b/php/src/Models/GlobalParameters.php index 37505de..b09df09 100644 --- a/php/src/Models/GlobalParameters.php +++ b/php/src/Models/GlobalParameters.php @@ -39,4 +39,5 @@ public static function fromMap($map = []) public $headers; public $queries; + } diff --git a/php/src/Models/OpenApiRequest.php b/php/src/Models/OpenApiRequest.php index 2796eca..d8a4a30 100644 --- a/php/src/Models/OpenApiRequest.php +++ b/php/src/Models/OpenApiRequest.php @@ -71,4 +71,5 @@ public static function fromMap($map = []) public $hostMap; public $endpointOverride; + } diff --git a/php/src/Models/Params.php b/php/src/Models/Params.php index 3838659..77687ac 100644 --- a/php/src/Models/Params.php +++ b/php/src/Models/Params.php @@ -127,4 +127,5 @@ public static function fromMap($map = []) public $reqBodyType; public $style; + } diff --git a/php/src/OpenApiClient.php b/php/src/OpenApiClient.php index 7532d3c..c332ed8 100644 --- a/php/src/OpenApiClient.php +++ b/php/src/OpenApiClient.php @@ -113,6 +113,12 @@ public function __construct($config) ]); $credentialConfig->securityToken = $config->securityToken; $this->_credential = new Credential($credentialConfig); + } else if (!Utils::empty_($config->bearerToken)) { + $cc = new Config([ + "type" => "bearer", + "bearerToken" => $config->bearerToken + ]); + $this->_credential = new Credential($cc); } else if (!Utils::isUnset($config->credential)) { $this->_credential = $config->credential; } @@ -249,21 +255,28 @@ public function doRPCRequest($action, $version, $protocol, $method, $authType, $ $_request->headers["content-type"] = "application/x-www-form-urlencoded"; } if (!Utils::equalString($authType, "Anonymous")) { - $accessKeyId = $this->getAccessKeyId(); - $accessKeySecret = $this->getAccessKeySecret(); - $securityToken = $this->getSecurityToken(); - if (!Utils::empty_($securityToken)) { - $_request->query["SecurityToken"] = $securityToken; - } - $_request->query["SignatureMethod"] = "HMAC-SHA1"; - $_request->query["SignatureVersion"] = "1.0"; - $_request->query["AccessKeyId"] = $accessKeyId; - $t = null; - if (!Utils::isUnset($request->body)) { - $t = Utils::assertAsMap($request->body); + $credentialType = $this->getType(); + if (Utils::equalString($credentialType, "bearer")) { + $bearerToken = $this->getBearerToken(); + $_request->query["BearerToken"] = $bearerToken; + $_request->query["SignatureType"] = "BEARERTOKEN"; + } else { + $accessKeyId = $this->getAccessKeyId(); + $accessKeySecret = $this->getAccessKeySecret(); + $securityToken = $this->getSecurityToken(); + if (!Utils::empty_($securityToken)) { + $_request->query["SecurityToken"] = $securityToken; + } + $_request->query["SignatureMethod"] = "HMAC-SHA1"; + $_request->query["SignatureVersion"] = "1.0"; + $_request->query["AccessKeyId"] = $accessKeyId; + $t = null; + if (!Utils::isUnset($request->body)) { + $t = Utils::assertAsMap($request->body); + } + $signedParam = Tea::merge($_request->query, OpenApiUtilClient::query($t)); + $_request->query["Signature"] = OpenApiUtilClient::getRPCSignature($signedParam, $_request->method, $accessKeySecret); } - $signedParam = Tea::merge($_request->query, OpenApiUtilClient::query($t)); - $_request->query["Signature"] = OpenApiUtilClient::getRPCSignature($signedParam, $_request->method, $accessKeySecret); } $_lastRequest = $_request; $_response = Tea::send($_request, $_runtime); @@ -434,15 +447,22 @@ public function doROARequest($action, $version, $protocol, $method, $authType, $ $_request->query = Tea::merge($_request->query, $request->query); } if (!Utils::equalString($authType, "Anonymous")) { - $accessKeyId = $this->getAccessKeyId(); - $accessKeySecret = $this->getAccessKeySecret(); - $securityToken = $this->getSecurityToken(); - if (!Utils::empty_($securityToken)) { - $_request->headers["x-acs-accesskey-id"] = $accessKeyId; - $_request->headers["x-acs-security-token"] = $securityToken; + $credentialType = $this->getType(); + if (Utils::equalString($credentialType, "bearer")) { + $bearerToken = $this->getBearerToken(); + $_request->headers["x-acs-bearer-token"] = $bearerToken; + $_request->headers["x-acs-signature-type"] = "BEARERTOKEN"; + } else { + $accessKeyId = $this->getAccessKeyId(); + $accessKeySecret = $this->getAccessKeySecret(); + $securityToken = $this->getSecurityToken(); + if (!Utils::empty_($securityToken)) { + $_request->headers["x-acs-accesskey-id"] = $accessKeyId; + $_request->headers["x-acs-security-token"] = $securityToken; + } + $stringToSign = OpenApiUtilClient::getStringToSign($_request); + $_request->headers["authorization"] = "acs " . $accessKeyId . ":" . OpenApiUtilClient::getROASignature($stringToSign, $accessKeySecret) . ""; } - $stringToSign = OpenApiUtilClient::getStringToSign($_request); - $_request->headers["authorization"] = "acs " . $accessKeyId . ":" . OpenApiUtilClient::getROASignature($stringToSign, $accessKeySecret) . ""; } $_lastRequest = $_request; $_response = Tea::send($_request, $_runtime); @@ -620,15 +640,22 @@ public function doROARequestWithForm($action, $version, $protocol, $method, $aut $_request->query = Tea::merge($_request->query, $request->query); } if (!Utils::equalString($authType, "Anonymous")) { - $accessKeyId = $this->getAccessKeyId(); - $accessKeySecret = $this->getAccessKeySecret(); - $securityToken = $this->getSecurityToken(); - if (!Utils::empty_($securityToken)) { - $_request->headers["x-acs-accesskey-id"] = $accessKeyId; - $_request->headers["x-acs-security-token"] = $securityToken; + $credentialType = $this->getType(); + if (Utils::equalString($credentialType, "bearer")) { + $bearerToken = $this->getBearerToken(); + $_request->headers["x-acs-bearer-token"] = $bearerToken; + $_request->headers["x-acs-signature-type"] = "BEARERTOKEN"; + } else { + $accessKeyId = $this->getAccessKeyId(); + $accessKeySecret = $this->getAccessKeySecret(); + $securityToken = $this->getSecurityToken(); + if (!Utils::empty_($securityToken)) { + $_request->headers["x-acs-accesskey-id"] = $accessKeyId; + $_request->headers["x-acs-security-token"] = $securityToken; + } + $stringToSign = OpenApiUtilClient::getStringToSign($_request); + $_request->headers["authorization"] = "acs " . $accessKeyId . ":" . OpenApiUtilClient::getROASignature($stringToSign, $accessKeySecret) . ""; } - $stringToSign = OpenApiUtilClient::getStringToSign($_request); - $_request->headers["authorization"] = "acs " . $accessKeyId . ":" . OpenApiUtilClient::getROASignature($stringToSign, $accessKeySecret) . ""; } $_lastRequest = $_request; $_response = Tea::send($_request, $_runtime); @@ -828,6 +855,11 @@ public function doRequest($params, $request, $runtime) if (Utils::equalString($authType, "bearer")) { $bearerToken = $this->getBearerToken(); $_request->headers["x-acs-bearer-token"] = $bearerToken; + if (Utils::equalString($params->style, "RPC")) { + $_request->query["SignatureType"] = "BEARERTOKEN"; + } else { + $_request->headers["x-acs-signature-type"] = "BEARERTOKEN"; + } } else { $accessKeyId = $this->getAccessKeyId(); $accessKeySecret = $this->getAccessKeySecret(); diff --git a/python/alibabacloud_tea_openapi/client.py b/python/alibabacloud_tea_openapi/client.py index e4b6b35..7cc9008 100644 --- a/python/alibabacloud_tea_openapi/client.py +++ b/python/alibabacloud_tea_openapi/client.py @@ -78,6 +78,12 @@ def __init__( ) credential_config.security_token = config.security_token self._credential = CredentialClient(credential_config) + elif not UtilClient.empty(config.bearer_token): + cc = credential_models.Config( + type='bearer', + bearer_token=config.bearer_token + ) + self._credential = CredentialClient(cc) elif not UtilClient.is_unset(config.credential): self._credential = config.credential self._endpoint = config.endpoint @@ -213,20 +219,26 @@ def do_rpcrequest( _request.body = UtilClient.to_form_string(tmp) _request.headers['content-type'] = 'application/x-www-form-urlencoded' if not UtilClient.equal_string(auth_type, 'Anonymous'): - access_key_id = self.get_access_key_id() - access_key_secret = self.get_access_key_secret() - security_token = self.get_security_token() - if not UtilClient.empty(security_token): - _request.query['SecurityToken'] = security_token - _request.query['SignatureMethod'] = 'HMAC-SHA1' - _request.query['SignatureVersion'] = '1.0' - _request.query['AccessKeyId'] = access_key_id - t = None - if not UtilClient.is_unset(request.body): - t = UtilClient.assert_as_map(request.body) - signed_param = TeaCore.merge(_request.query, - OpenApiUtilClient.query(t)) - _request.query['Signature'] = OpenApiUtilClient.get_rpcsignature(signed_param, _request.method, access_key_secret) + credential_type = self.get_type() + if UtilClient.equal_string(credential_type, 'bearer'): + bearer_token = self.get_bearer_token() + _request.query['BearerToken'] = bearer_token + _request.query['SignatureType'] = 'BEARERTOKEN' + else: + access_key_id = self.get_access_key_id() + access_key_secret = self.get_access_key_secret() + security_token = self.get_security_token() + if not UtilClient.empty(security_token): + _request.query['SecurityToken'] = security_token + _request.query['SignatureMethod'] = 'HMAC-SHA1' + _request.query['SignatureVersion'] = '1.0' + _request.query['AccessKeyId'] = access_key_id + t = None + if not UtilClient.is_unset(request.body): + t = UtilClient.assert_as_map(request.body) + signed_param = TeaCore.merge(_request.query, + OpenApiUtilClient.query(t)) + _request.query['Signature'] = OpenApiUtilClient.get_rpcsignature(signed_param, _request.method, access_key_secret) _last_request = _request _response = TeaCore.do_action(_request, _runtime) if UtilClient.is_4xx(_response.status_code) or UtilClient.is_5xx(_response.status_code): @@ -398,20 +410,26 @@ async def do_rpcrequest_async( _request.body = UtilClient.to_form_string(tmp) _request.headers['content-type'] = 'application/x-www-form-urlencoded' if not UtilClient.equal_string(auth_type, 'Anonymous'): - access_key_id = await self.get_access_key_id_async() - access_key_secret = await self.get_access_key_secret_async() - security_token = await self.get_security_token_async() - if not UtilClient.empty(security_token): - _request.query['SecurityToken'] = security_token - _request.query['SignatureMethod'] = 'HMAC-SHA1' - _request.query['SignatureVersion'] = '1.0' - _request.query['AccessKeyId'] = access_key_id - t = None - if not UtilClient.is_unset(request.body): - t = UtilClient.assert_as_map(request.body) - signed_param = TeaCore.merge(_request.query, - OpenApiUtilClient.query(t)) - _request.query['Signature'] = OpenApiUtilClient.get_rpcsignature(signed_param, _request.method, access_key_secret) + credential_type = await self.get_type_async() + if UtilClient.equal_string(credential_type, 'bearer'): + bearer_token = await self.get_bearer_token_async() + _request.query['BearerToken'] = bearer_token + _request.query['SignatureType'] = 'BEARERTOKEN' + else: + access_key_id = await self.get_access_key_id_async() + access_key_secret = await self.get_access_key_secret_async() + security_token = await self.get_security_token_async() + if not UtilClient.empty(security_token): + _request.query['SecurityToken'] = security_token + _request.query['SignatureMethod'] = 'HMAC-SHA1' + _request.query['SignatureVersion'] = '1.0' + _request.query['AccessKeyId'] = access_key_id + t = None + if not UtilClient.is_unset(request.body): + t = UtilClient.assert_as_map(request.body) + signed_param = TeaCore.merge(_request.query, + OpenApiUtilClient.query(t)) + _request.query['Signature'] = OpenApiUtilClient.get_rpcsignature(signed_param, _request.method, access_key_secret) _last_request = _request _response = await TeaCore.async_do_action(_request, _runtime) if UtilClient.is_4xx(_response.status_code) or UtilClient.is_5xx(_response.status_code): @@ -573,14 +591,20 @@ def do_roarequest( _request.query = TeaCore.merge(_request.query, request.query) if not UtilClient.equal_string(auth_type, 'Anonymous'): - access_key_id = self.get_access_key_id() - access_key_secret = self.get_access_key_secret() - security_token = self.get_security_token() - if not UtilClient.empty(security_token): - _request.headers['x-acs-accesskey-id'] = access_key_id - _request.headers['x-acs-security-token'] = security_token - string_to_sign = OpenApiUtilClient.get_string_to_sign(_request) - _request.headers['authorization'] = f'acs {access_key_id}:{OpenApiUtilClient.get_roasignature(string_to_sign, access_key_secret)}' + credential_type = self.get_type() + if UtilClient.equal_string(credential_type, 'bearer'): + bearer_token = self.get_bearer_token() + _request.headers['x-acs-bearer-token'] = bearer_token + _request.headers['x-acs-signature-type'] = 'BEARERTOKEN' + else: + access_key_id = self.get_access_key_id() + access_key_secret = self.get_access_key_secret() + security_token = self.get_security_token() + if not UtilClient.empty(security_token): + _request.headers['x-acs-accesskey-id'] = access_key_id + _request.headers['x-acs-security-token'] = security_token + string_to_sign = OpenApiUtilClient.get_string_to_sign(_request) + _request.headers['authorization'] = f'acs {access_key_id}:{OpenApiUtilClient.get_roasignature(string_to_sign, access_key_secret)}' _last_request = _request _response = TeaCore.do_action(_request, _runtime) if UtilClient.equal_number(_response.status_code, 204): @@ -747,14 +771,20 @@ async def do_roarequest_async( _request.query = TeaCore.merge(_request.query, request.query) if not UtilClient.equal_string(auth_type, 'Anonymous'): - access_key_id = await self.get_access_key_id_async() - access_key_secret = await self.get_access_key_secret_async() - security_token = await self.get_security_token_async() - if not UtilClient.empty(security_token): - _request.headers['x-acs-accesskey-id'] = access_key_id - _request.headers['x-acs-security-token'] = security_token - string_to_sign = OpenApiUtilClient.get_string_to_sign(_request) - _request.headers['authorization'] = f'acs {access_key_id}:{OpenApiUtilClient.get_roasignature(string_to_sign, access_key_secret)}' + credential_type = await self.get_type_async() + if UtilClient.equal_string(credential_type, 'bearer'): + bearer_token = await self.get_bearer_token_async() + _request.headers['x-acs-bearer-token'] = bearer_token + _request.headers['x-acs-signature-type'] = 'BEARERTOKEN' + else: + access_key_id = await self.get_access_key_id_async() + access_key_secret = await self.get_access_key_secret_async() + security_token = await self.get_security_token_async() + if not UtilClient.empty(security_token): + _request.headers['x-acs-accesskey-id'] = access_key_id + _request.headers['x-acs-security-token'] = security_token + string_to_sign = OpenApiUtilClient.get_string_to_sign(_request) + _request.headers['authorization'] = f'acs {access_key_id}:{OpenApiUtilClient.get_roasignature(string_to_sign, access_key_secret)}' _last_request = _request _response = await TeaCore.async_do_action(_request, _runtime) if UtilClient.equal_number(_response.status_code, 204): @@ -922,14 +952,20 @@ def do_roarequest_with_form( _request.query = TeaCore.merge(_request.query, request.query) if not UtilClient.equal_string(auth_type, 'Anonymous'): - access_key_id = self.get_access_key_id() - access_key_secret = self.get_access_key_secret() - security_token = self.get_security_token() - if not UtilClient.empty(security_token): - _request.headers['x-acs-accesskey-id'] = access_key_id - _request.headers['x-acs-security-token'] = security_token - string_to_sign = OpenApiUtilClient.get_string_to_sign(_request) - _request.headers['authorization'] = f'acs {access_key_id}:{OpenApiUtilClient.get_roasignature(string_to_sign, access_key_secret)}' + credential_type = self.get_type() + if UtilClient.equal_string(credential_type, 'bearer'): + bearer_token = self.get_bearer_token() + _request.headers['x-acs-bearer-token'] = bearer_token + _request.headers['x-acs-signature-type'] = 'BEARERTOKEN' + else: + access_key_id = self.get_access_key_id() + access_key_secret = self.get_access_key_secret() + security_token = self.get_security_token() + if not UtilClient.empty(security_token): + _request.headers['x-acs-accesskey-id'] = access_key_id + _request.headers['x-acs-security-token'] = security_token + string_to_sign = OpenApiUtilClient.get_string_to_sign(_request) + _request.headers['authorization'] = f'acs {access_key_id}:{OpenApiUtilClient.get_roasignature(string_to_sign, access_key_secret)}' _last_request = _request _response = TeaCore.do_action(_request, _runtime) if UtilClient.equal_number(_response.status_code, 204): @@ -1095,14 +1131,20 @@ async def do_roarequest_with_form_async( _request.query = TeaCore.merge(_request.query, request.query) if not UtilClient.equal_string(auth_type, 'Anonymous'): - access_key_id = await self.get_access_key_id_async() - access_key_secret = await self.get_access_key_secret_async() - security_token = await self.get_security_token_async() - if not UtilClient.empty(security_token): - _request.headers['x-acs-accesskey-id'] = access_key_id - _request.headers['x-acs-security-token'] = security_token - string_to_sign = OpenApiUtilClient.get_string_to_sign(_request) - _request.headers['authorization'] = f'acs {access_key_id}:{OpenApiUtilClient.get_roasignature(string_to_sign, access_key_secret)}' + credential_type = await self.get_type_async() + if UtilClient.equal_string(credential_type, 'bearer'): + bearer_token = await self.get_bearer_token_async() + _request.headers['x-acs-bearer-token'] = bearer_token + _request.headers['x-acs-signature-type'] = 'BEARERTOKEN' + else: + access_key_id = await self.get_access_key_id_async() + access_key_secret = await self.get_access_key_secret_async() + security_token = await self.get_security_token_async() + if not UtilClient.empty(security_token): + _request.headers['x-acs-accesskey-id'] = access_key_id + _request.headers['x-acs-security-token'] = security_token + string_to_sign = OpenApiUtilClient.get_string_to_sign(_request) + _request.headers['authorization'] = f'acs {access_key_id}:{OpenApiUtilClient.get_roasignature(string_to_sign, access_key_secret)}' _last_request = _request _response = await TeaCore.async_do_action(_request, _runtime) if UtilClient.equal_number(_response.status_code, 204): @@ -1289,6 +1331,10 @@ def do_request( if UtilClient.equal_string(auth_type, 'bearer'): bearer_token = self.get_bearer_token() _request.headers['x-acs-bearer-token'] = bearer_token + if UtilClient.equal_string(params.style, 'RPC'): + _request.query['SignatureType'] = 'BEARERTOKEN' + else: + _request.headers['x-acs-signature-type'] = 'BEARERTOKEN' else: access_key_id = self.get_access_key_id() access_key_secret = self.get_access_key_secret() @@ -1487,6 +1533,10 @@ async def do_request_async( if UtilClient.equal_string(auth_type, 'bearer'): bearer_token = await self.get_bearer_token_async() _request.headers['x-acs-bearer-token'] = bearer_token + if UtilClient.equal_string(params.style, 'RPC'): + _request.query['SignatureType'] = 'BEARERTOKEN' + else: + _request.headers['x-acs-signature-type'] = 'BEARERTOKEN' else: access_key_id = await self.get_access_key_id_async() access_key_secret = await self.get_access_key_secret_async() diff --git a/python/alibabacloud_tea_openapi/models.py b/python/alibabacloud_tea_openapi/models.py index 58760c2..d921b53 100644 --- a/python/alibabacloud_tea_openapi/models.py +++ b/python/alibabacloud_tea_openapi/models.py @@ -48,6 +48,7 @@ def __init__( access_key_id: str = None, access_key_secret: str = None, security_token: str = None, + bearer_token: str = None, protocol: str = None, method: str = None, region_id: str = None, @@ -81,6 +82,8 @@ def __init__( self.access_key_secret = access_key_secret # security token self.security_token = security_token + # bearer token + self.bearer_token = bearer_token # http protocol self.protocol = protocol # http method @@ -150,6 +153,8 @@ def to_map(self): result['accessKeySecret'] = self.access_key_secret if self.security_token is not None: result['securityToken'] = self.security_token + if self.bearer_token is not None: + result['bearerToken'] = self.bearer_token if self.protocol is not None: result['protocol'] = self.protocol if self.method is not None: @@ -212,6 +217,8 @@ def from_map(self, m: dict = None): self.access_key_secret = m.get('accessKeySecret') if m.get('securityToken') is not None: self.security_token = m.get('securityToken') + if m.get('bearerToken') is not None: + self.bearer_token = m.get('bearerToken') if m.get('protocol') is not None: self.protocol = m.get('protocol') if m.get('method') is not None: diff --git a/python/setup.py b/python/setup.py index fc92179..4acbbbd 100644 --- a/python/setup.py +++ b/python/setup.py @@ -24,7 +24,7 @@ """ setup module for alibabacloud_tea_openapi. -Created on 13/05/2024 +Created on 21/06/2024 @author: Alibaba Cloud SDK """ diff --git a/python/tests/test_client.py b/python/tests/test_client.py index 14293e4..4c51d7c 100644 --- a/python/tests/test_client.py +++ b/python/tests/test_client.py @@ -63,6 +63,20 @@ def test_config(self): self.assertEqual('accessKeySecret', client.get_access_key_secret()) self.assertEqual('securityToken', client.get_security_token()) self.assertEqual('sts', client.get_type()) + + cre_config = credential_models.Config( + bearer_token='token', + type='bearer' + ) + credential = CredentialClient(cre_config) + config.credential = credential + client = OpenApiClient(config) + self.assertIsNone(client.get_access_key_id()) + self.assertIsNone(client.get_access_key_secret()) + self.assertIsNone(client.get_security_token()) + self.assertEqual('token', client.get_bearer_token()) + self.assertEqual('bearer', client.get_type()) + config.access_key_id = 'ak' config.access_key_secret = 'secret' config.security_token = 'token' @@ -123,6 +137,17 @@ def create_config(self) -> open_api_models.Config: global_parameters=global_parameters ) return config + + def create_bearer_token_config(self) -> open_api_models.Config: + cre_config = credential_models.Config( + bearer_token='token', + type='bearer' + ) + credential = CredentialClient(cre_config) + config = open_api_models.Config( + credential=credential + ) + return config def create_runtime_options(self) -> util_models.RuntimeOptions: extends_parameters = util_models.ExtendsParameters( @@ -224,6 +249,34 @@ def request_callback(request: HTTPrettyRequest, uri: str, headers: dict): self.assertEqual(123, result.get('body').get('UserId')) self.assertEqual(200, result.get('statusCode')) + # bearer token + config = self.create_bearer_token_config() + config.protocol = 'HTTP' + config.signature_algorithm = 'v2' + config.endpoint = 'test1.aliyuncs.com' + client = OpenApiClient(config) + def bearer_request_callback(request: HTTPrettyRequest, uri: str, headers: dict): + assert 'TestAPI' == request.querystring['Action'][0] + assert '2022-06-01' == request.querystring['Version'][0] + assert 'json' == request.querystring['Format'][0] + assert None is not request.querystring['Timestamp'][0] + assert None is not request.querystring['SignatureNonce'][0] + assert 'token' == request.querystring['BearerToken'][0] + assert 'BEARERTOKEN' == request.querystring['SignatureType'][0] + # assert 'bearer token' == request.headers.get('authorization') + content_type = request.headers.get('content-type') + assert request.body.decode('utf-8') == requestBody, 'unexpected body: {}'.format(request.body) + assert content_type == 'application/x-www-form-urlencoded', 'expected application/x-www-form-urlencoded but received Content-Type: {}'.format( + content_type) + headers['x-acs-request-id'] = 'A45EE076-334D-5012-9746-A8F828D20FD4' + return [200, headers, responseBody] + httpretty.register_uri( + httpretty.POST, "http://test1.aliyuncs.com", + body=bearer_request_callback) + result = client.call_api(params, request, runtime) + self.assertEqual('A45EE076-334D-5012-9746-A8F828D20FD4', result.get("headers").get("x-acs-request-id")) + self.assertEqual(200, result.get('statusCode')) + @httpretty.activate(allow_net_connect=False) def test_call_api_for_rpcwith_v2sign_anonymous_json(self): requestBody = 'key1=value&key2=1&key3=True' @@ -342,6 +395,66 @@ def request_callback(request: HTTPrettyRequest, uri: str, headers: dict): self.assertEqual(123, result.get('body').get('UserId')) self.assertEqual(200, result.get('statusCode')) + # bearer token + config = self.create_bearer_token_config() + config.protocol = 'HTTP' + config.signature_algorithm = 'v2' + config.endpoint = 'test1.aliyuncs.com' + client = OpenApiClient(config) + def bearer_request_callback(request: HTTPrettyRequest, uri: str, headers: dict): + assert '2022-06-01' == request.headers.get('x-acs-version') + assert 'TestAPI' == request.headers.get('x-acs-action') + assert 'application/json' == request.headers.get('accept') + assert 'token' == request.headers.get('x-acs-bearer-token') + assert 'BEARERTOKEN' == request.headers.get('x-acs-signature-type') + # assert 'bearer token' == request.headers.get('authorization') + content_type = request.headers.get('content-type') + assert request.body.decode('utf-8') == requestBody, 'unexpected body: {}'.format(request.body) + assert content_type == 'application/x-www-form-urlencoded', 'expected application/x-www-form-urlencoded but received Content-Type: {}'.format( + content_type) + headers['x-acs-request-id'] = 'A45EE076-334D-5012-9746-A8F828D20FD4' + return [200, headers, responseBody] + httpretty.register_uri( + httpretty.POST, "http://test1.aliyuncs.com/test", + body=bearer_request_callback) + result = client.call_api(params, request, runtime) + self.assertEqual('A45EE076-334D-5012-9746-A8F828D20FD4', result.get("headers").get("x-acs-request-id")) + self.assertEqual(200, result.get('statusCode')) + + requestBody = '{"key1":"value","key2":1,"key3":true}' + config.endpoint = 'test2.aliyuncs.com' + client = OpenApiClient(config) + params = open_api_models.Params( + action='TestAPI', + version='2022-06-01', + protocol='HTTPS', + pathname='/test', + method='POST', + auth_type='AK', + style='ROA', + req_body_type='json', + body_type='json' + ) + def bearer_json_request_callback(request: HTTPrettyRequest, uri: str, headers: dict): + assert '2022-06-01' == request.headers.get('x-acs-version') + assert 'TestAPI' == request.headers.get('x-acs-action') + assert 'application/json' == request.headers.get('accept') + assert 'token' == request.headers.get('x-acs-bearer-token') + assert 'BEARERTOKEN' == request.headers.get('x-acs-signature-type') + # assert 'bearer token' == request.headers.get('authorization') + content_type = request.headers.get('content-type') + assert request.body.decode('utf-8') == requestBody, 'unexpected body: {}'.format(request.body) + assert content_type == 'application/json; charset=utf-8', 'expected application/json but received Content-Type: {}'.format( + content_type) + headers['x-acs-request-id'] = 'A45EE076-334D-5012-9746-A8F828D20FD4' + return [200, headers, responseBody] + httpretty.register_uri( + httpretty.POST, "http://test2.aliyuncs.com/test", + body=bearer_json_request_callback) + result = client.call_api(params, request, runtime) + self.assertEqual('A45EE076-334D-5012-9746-A8F828D20FD4', result.get("headers").get("x-acs-request-id")) + self.assertEqual(200, result.get('statusCode')) + @httpretty.activate(allow_net_connect=False) def test_call_api_for_roawith_v2sign_anonymous_json(self): requestBody = '{"key1":"value","key2":1,"key3":true}' @@ -461,6 +574,31 @@ def request_callback(request: HTTPrettyRequest, uri: str, headers: dict): self.assertEqual(123, result.get('body').get('UserId')) self.assertEqual(200, result.get('statusCode')) + # bearer token + config = self.create_bearer_token_config() + config.protocol = 'HTTP' + config.endpoint = 'test1.aliyuncs.com' + client = OpenApiClient(config) + def bearer_request_callback(request: HTTPrettyRequest, uri: str, headers: dict): + assert '2022-06-01' == request.headers.get('x-acs-version') + assert 'TestAPI' == request.headers.get('x-acs-action') + assert 'application/json' == request.headers.get('accept') + assert 'token' == request.headers.get('x-acs-bearer-token') + assert 'BEARERTOKEN' == request.querystring['SignatureType'][0] + # assert 'bearer token' == request.headers.get('authorization') + content_type = request.headers.get('content-type') + assert request.body.decode('utf-8') == requestBody, 'unexpected body: {}'.format(request.body) + assert content_type == 'application/x-www-form-urlencoded', 'expected application/x-www-form-urlencoded but received Content-Type: {}'.format( + content_type) + headers['x-acs-request-id'] = 'A45EE076-334D-5012-9746-A8F828D20FD4' + return [200, headers, responseBody] + httpretty.register_uri( + httpretty.POST, "http://test1.aliyuncs.com", + body=bearer_request_callback) + result = client.call_api(params, request, runtime) + self.assertEqual('A45EE076-334D-5012-9746-A8F828D20FD4', result.get("headers").get("x-acs-request-id")) + self.assertEqual(200, result.get('statusCode')) + @httpretty.activate(allow_net_connect=False) def test_call_api_for_rpcwith_v3sign_anonymous_json(self): requestBody = '{"key1":"value","key2":1,"key3":true}' @@ -579,6 +717,31 @@ def request_callback(request: HTTPrettyRequest, uri: str, headers: dict): self.assertEqual(123, result.get('body').get('UserId')) self.assertEqual(200, result.get('statusCode')) + # bearer token + config = self.create_bearer_token_config() + config.protocol = 'HTTP' + config.endpoint = 'test1.aliyuncs.com' + client = OpenApiClient(config) + def bearer_request_callback(request: HTTPrettyRequest, uri: str, headers: dict): + assert '2022-06-01' == request.headers.get('x-acs-version') + assert 'TestAPI' == request.headers.get('x-acs-action') + assert 'application/json' == request.headers.get('accept') + assert 'token' == request.headers.get('x-acs-bearer-token') + assert 'BEARERTOKEN' == request.headers.get('x-acs-signature-type') + # assert 'bearer token' == request.headers.get('authorization') + content_type = request.headers.get('content-type') + assert request.body.decode('utf-8') == requestBody, 'unexpected body: {}'.format(request.body) + assert content_type == 'application/x-www-form-urlencoded', 'expected application/x-www-form-urlencoded but received Content-Type: {}'.format( + content_type) + headers['x-acs-request-id'] = 'A45EE076-334D-5012-9746-A8F828D20FD4' + return [200, headers, responseBody] + httpretty.register_uri( + httpretty.POST, "http://test1.aliyuncs.com/test", + body=bearer_request_callback) + result = client.call_api(params, request, runtime) + self.assertEqual('A45EE076-334D-5012-9746-A8F828D20FD4', result.get("headers").get("x-acs-request-id")) + self.assertEqual(200, result.get('statusCode')) + @httpretty.activate(allow_net_connect=False) def test_call_api_for_roawith_v3sign_anonymous_json(self): requestBody = '{"key1":"value","key2":1,"key3":true}' diff --git a/swift/Sources/AlibabacloudOpenApi/Client.swift b/swift/Sources/AlibabacloudOpenApi/Client.swift index 74f27af..0d43b7c 100644 --- a/swift/Sources/AlibabacloudOpenApi/Client.swift +++ b/swift/Sources/AlibabacloudOpenApi/Client.swift @@ -83,7 +83,14 @@ open class Client { "accessKeySecret": config.accessKeySecret ?? "" ]) credentialConfig.securityToken = config.securityToken - self._credential = AlibabaCloudCredentials.Client(credentialConfig) + self._credential = try AlibabaCloudCredentials.Client(credentialConfig) + } + else if (!TeaUtils.Client.empty(config.bearerToken)) { + var cc: AlibabaCloudCredentials.Config = AlibabaCloudCredentials.Config([ + "type": "bearer", + "bearerToken": config.bearerToken ?? "" + ]) + self._credential = try AlibabaCloudCredentials.Client(cc) } else if (!TeaUtils.Client.isUnset(config.credential)) { self._credential = config.credential @@ -206,21 +213,29 @@ open class Client { _request.headers["content-type"] = "application/x-www-form-urlencoded"; } if (!TeaUtils.Client.equalString(authType, "Anonymous")) { - var accessKeyId: String = try await getAccessKeyId() - var accessKeySecret: String = try await getAccessKeySecret() - var securityToken: String = try await getSecurityToken() - if (!TeaUtils.Client.empty(securityToken)) { - _request.query["SecurityToken"] = securityToken as! String; + var credentialType: String = try await getType() + if (TeaUtils.Client.equalString(credentialType, "bearer")) { + var bearerToken: String = try await getBearerToken() + _request.query["BearerToken"] = bearerToken as! String; + _request.query["SignatureType"] = "BEARERTOKEN"; } - _request.query["SignatureMethod"] = "HMAC-SHA1"; - _request.query["SignatureVersion"] = "1.0"; - _request.query["AccessKeyId"] = accessKeyId as! String; - var t: [String: Any]? = nil - if (!TeaUtils.Client.isUnset(request.body)) { - t = try TeaUtils.Client.assertAsMap(request.body) + else { + var accessKeyId: String = try await getAccessKeyId() + var accessKeySecret: String = try await getAccessKeySecret() + var securityToken: String = try await getSecurityToken() + if (!TeaUtils.Client.empty(securityToken)) { + _request.query["SecurityToken"] = securityToken as! String; + } + _request.query["SignatureMethod"] = "HMAC-SHA1"; + _request.query["SignatureVersion"] = "1.0"; + _request.query["AccessKeyId"] = accessKeyId as! String; + var t: [String: Any]? = nil + if (!TeaUtils.Client.isUnset(request.body)) { + t = try TeaUtils.Client.assertAsMap(request.body) + } + var signedParam: [String: String] = Tea.TeaConverter.merge([:], _request.query, AlibabaCloudOpenApiUtil.Client.query(t)) + _request.query["Signature"] = AlibabaCloudOpenApiUtil.Client.getRPCSignature(signedParam, _request.method, accessKeySecret); } - var signedParam: [String: String] = Tea.TeaConverter.merge([:], _request.query, AlibabaCloudOpenApiUtil.Client.query(t)) - _request.query["Signature"] = AlibabaCloudOpenApiUtil.Client.getRPCSignature(signedParam, _request.method, accessKeySecret); } _lastRequest = _request var _response: Tea.TeaResponse = try await Tea.TeaCore.doAction(_request, _runtime) @@ -378,15 +393,23 @@ open class Client { _request.query = Tea.TeaConverter.merge([:], _request.query, request.query ?? [:]) } if (!TeaUtils.Client.equalString(authType, "Anonymous")) { - var accessKeyId: String = try await getAccessKeyId() - var accessKeySecret: String = try await getAccessKeySecret() - var securityToken: String = try await getSecurityToken() - if (!TeaUtils.Client.empty(securityToken)) { - _request.headers["x-acs-accesskey-id"] = accessKeyId as! String; - _request.headers["x-acs-security-token"] = securityToken as! String; + var credentialType: String = try await getType() + if (TeaUtils.Client.equalString(credentialType, "bearer")) { + var bearerToken: String = try await getBearerToken() + _request.headers["x-acs-bearer-token"] = bearerToken as! String; + _request.headers["x-acs-signature-type"] = "BEARERTOKEN"; + } + else { + var accessKeyId: String = try await getAccessKeyId() + var accessKeySecret: String = try await getAccessKeySecret() + var securityToken: String = try await getSecurityToken() + if (!TeaUtils.Client.empty(securityToken)) { + _request.headers["x-acs-accesskey-id"] = accessKeyId as! String; + _request.headers["x-acs-security-token"] = securityToken as! String; + } + var stringToSign: String = AlibabaCloudOpenApiUtil.Client.getStringToSign(_request) + _request.headers["authorization"] = "acs " + (accessKeyId as! String) + ":" + (AlibabaCloudOpenApiUtil.Client.getROASignature(stringToSign, accessKeySecret)); } - var stringToSign: String = AlibabaCloudOpenApiUtil.Client.getStringToSign(_request) - _request.headers["authorization"] = "acs " + accessKeyId + ":" + AlibabaCloudOpenApiUtil.Client.getROASignature(stringToSign, accessKeySecret); } _lastRequest = _request var _response: Tea.TeaResponse = try await Tea.TeaCore.doAction(_request, _runtime) @@ -551,15 +574,23 @@ open class Client { _request.query = Tea.TeaConverter.merge([:], _request.query, request.query ?? [:]) } if (!TeaUtils.Client.equalString(authType, "Anonymous")) { - var accessKeyId: String = try await getAccessKeyId() - var accessKeySecret: String = try await getAccessKeySecret() - var securityToken: String = try await getSecurityToken() - if (!TeaUtils.Client.empty(securityToken)) { - _request.headers["x-acs-accesskey-id"] = accessKeyId as! String; - _request.headers["x-acs-security-token"] = securityToken as! String; + var credentialType: String = try await getType() + if (TeaUtils.Client.equalString(credentialType, "bearer")) { + var bearerToken: String = try await getBearerToken() + _request.headers["x-acs-bearer-token"] = bearerToken as! String; + _request.headers["x-acs-signature-type"] = "BEARERTOKEN"; + } + else { + var accessKeyId: String = try await getAccessKeyId() + var accessKeySecret: String = try await getAccessKeySecret() + var securityToken: String = try await getSecurityToken() + if (!TeaUtils.Client.empty(securityToken)) { + _request.headers["x-acs-accesskey-id"] = accessKeyId as! String; + _request.headers["x-acs-security-token"] = securityToken as! String; + } + var stringToSign: String = AlibabaCloudOpenApiUtil.Client.getStringToSign(_request) + _request.headers["authorization"] = "acs " + (accessKeyId as! String) + ":" + (AlibabaCloudOpenApiUtil.Client.getROASignature(stringToSign, accessKeySecret)); } - var stringToSign: String = AlibabaCloudOpenApiUtil.Client.getStringToSign(_request) - _request.headers["authorization"] = "acs " + accessKeyId + ":" + AlibabaCloudOpenApiUtil.Client.getROASignature(stringToSign, accessKeySecret); } _lastRequest = _request var _response: Tea.TeaResponse = try await Tea.TeaCore.doAction(_request, _runtime) @@ -754,6 +785,12 @@ open class Client { if (TeaUtils.Client.equalString(authType, "bearer")) { var bearerToken: String = try await getBearerToken() _request.headers["x-acs-bearer-token"] = bearerToken as! String; + if (TeaUtils.Client.equalString(params.style, "RPC")) { + _request.query["SignatureType"] = "BEARERTOKEN"; + } + else { + _request.headers["x-acs-signature-type"] = "BEARERTOKEN"; + } } else { var accessKeyId: String = try await getAccessKeyId() diff --git a/swift/Sources/AlibabacloudOpenApi/Models.swift b/swift/Sources/AlibabacloudOpenApi/Models.swift index 8e4b1e3..5e71767 100644 --- a/swift/Sources/AlibabacloudOpenApi/Models.swift +++ b/swift/Sources/AlibabacloudOpenApi/Models.swift @@ -33,10 +33,10 @@ public class GlobalParameters : Tea.TeaModel { } public override func fromMap(_ dict: [String: Any]) -> Void { - if dict.keys.contains("headers") && dict["headers"] != nil { + if dict.keys.contains("headers") { self.headers = dict["headers"] as! [String: String] } - if dict.keys.contains("queries") && dict["queries"] != nil { + if dict.keys.contains("queries") { self.queries = dict["queries"] as! [String: String] } } @@ -49,6 +49,8 @@ public class Config : Tea.TeaModel { public var securityToken: String? + public var bearerToken: String? + public var protocol_: String? public var method: String? @@ -125,6 +127,9 @@ public class Config : Tea.TeaModel { if self.securityToken != nil { map["securityToken"] = self.securityToken! } + if self.bearerToken != nil { + map["bearerToken"] = self.bearerToken! + } if self.protocol_ != nil { map["protocol"] = self.protocol_! } @@ -207,93 +212,96 @@ public class Config : Tea.TeaModel { } public override func fromMap(_ dict: [String: Any]) -> Void { - if dict.keys.contains("accessKeyId") && dict["accessKeyId"] != nil { + if dict.keys.contains("accessKeyId") { self.accessKeyId = dict["accessKeyId"] as! String } - if dict.keys.contains("accessKeySecret") && dict["accessKeySecret"] != nil { + if dict.keys.contains("accessKeySecret") { self.accessKeySecret = dict["accessKeySecret"] as! String } - if dict.keys.contains("securityToken") && dict["securityToken"] != nil { + if dict.keys.contains("securityToken") { self.securityToken = dict["securityToken"] as! String } - if dict.keys.contains("protocol") && dict["protocol"] != nil { + if dict.keys.contains("bearerToken") { + self.bearerToken = dict["bearerToken"] as! String + } + if dict.keys.contains("protocol") { self.protocol_ = dict["protocol"] as! String } - if dict.keys.contains("method") && dict["method"] != nil { + if dict.keys.contains("method") { self.method = dict["method"] as! String } - if dict.keys.contains("regionId") && dict["regionId"] != nil { + if dict.keys.contains("regionId") { self.regionId = dict["regionId"] as! String } - if dict.keys.contains("readTimeout") && dict["readTimeout"] != nil { + if dict.keys.contains("readTimeout") { self.readTimeout = dict["readTimeout"] as! Int } - if dict.keys.contains("connectTimeout") && dict["connectTimeout"] != nil { + if dict.keys.contains("connectTimeout") { self.connectTimeout = dict["connectTimeout"] as! Int } - if dict.keys.contains("httpProxy") && dict["httpProxy"] != nil { + if dict.keys.contains("httpProxy") { self.httpProxy = dict["httpProxy"] as! String } - if dict.keys.contains("httpsProxy") && dict["httpsProxy"] != nil { + if dict.keys.contains("httpsProxy") { self.httpsProxy = dict["httpsProxy"] as! String } - if dict.keys.contains("credential") && dict["credential"] != nil { + if dict.keys.contains("credential") { self.credential = dict["credential"] as! AlibabaCloudCredentials.Client } - if dict.keys.contains("endpoint") && dict["endpoint"] != nil { + if dict.keys.contains("endpoint") { self.endpoint = dict["endpoint"] as! String } - if dict.keys.contains("noProxy") && dict["noProxy"] != nil { + if dict.keys.contains("noProxy") { self.noProxy = dict["noProxy"] as! String } - if dict.keys.contains("maxIdleConns") && dict["maxIdleConns"] != nil { + if dict.keys.contains("maxIdleConns") { self.maxIdleConns = dict["maxIdleConns"] as! Int } - if dict.keys.contains("network") && dict["network"] != nil { + if dict.keys.contains("network") { self.network = dict["network"] as! String } - if dict.keys.contains("userAgent") && dict["userAgent"] != nil { + if dict.keys.contains("userAgent") { self.userAgent = dict["userAgent"] as! String } - if dict.keys.contains("suffix") && dict["suffix"] != nil { + if dict.keys.contains("suffix") { self.suffix = dict["suffix"] as! String } - if dict.keys.contains("socks5Proxy") && dict["socks5Proxy"] != nil { + if dict.keys.contains("socks5Proxy") { self.socks5Proxy = dict["socks5Proxy"] as! String } - if dict.keys.contains("socks5NetWork") && dict["socks5NetWork"] != nil { + if dict.keys.contains("socks5NetWork") { self.socks5NetWork = dict["socks5NetWork"] as! String } - if dict.keys.contains("endpointType") && dict["endpointType"] != nil { + if dict.keys.contains("endpointType") { self.endpointType = dict["endpointType"] as! String } - if dict.keys.contains("openPlatformEndpoint") && dict["openPlatformEndpoint"] != nil { + if dict.keys.contains("openPlatformEndpoint") { self.openPlatformEndpoint = dict["openPlatformEndpoint"] as! String } - if dict.keys.contains("type") && dict["type"] != nil { + if dict.keys.contains("type") { self.type = dict["type"] as! String } - if dict.keys.contains("signatureVersion") && dict["signatureVersion"] != nil { + if dict.keys.contains("signatureVersion") { self.signatureVersion = dict["signatureVersion"] as! String } - if dict.keys.contains("signatureAlgorithm") && dict["signatureAlgorithm"] != nil { + if dict.keys.contains("signatureAlgorithm") { self.signatureAlgorithm = dict["signatureAlgorithm"] as! String } - if dict.keys.contains("globalParameters") && dict["globalParameters"] != nil { + if dict.keys.contains("globalParameters") { var model = GlobalParameters() model.fromMap(dict["globalParameters"] as! [String: Any]) self.globalParameters = model } - if dict.keys.contains("key") && dict["key"] != nil { + if dict.keys.contains("key") { self.key = dict["key"] as! String } - if dict.keys.contains("cert") && dict["cert"] != nil { + if dict.keys.contains("cert") { self.cert = dict["cert"] as! String } - if dict.keys.contains("ca") && dict["ca"] != nil { + if dict.keys.contains("ca") { self.ca = dict["ca"] as! String } - if dict.keys.contains("disableHttp2") && dict["disableHttp2"] != nil { + if dict.keys.contains("disableHttp2") { self.disableHttp2 = dict["disableHttp2"] as! Bool } } @@ -348,22 +356,22 @@ public class OpenApiRequest : Tea.TeaModel { } public override func fromMap(_ dict: [String: Any]) -> Void { - if dict.keys.contains("headers") && dict["headers"] != nil { + if dict.keys.contains("headers") { self.headers = dict["headers"] as! [String: String] } - if dict.keys.contains("query") && dict["query"] != nil { + if dict.keys.contains("query") { self.query = dict["query"] as! [String: String] } - if dict.keys.contains("body") && dict["body"] != nil { + if dict.keys.contains("body") { self.body = dict["body"] as! Any } - if dict.keys.contains("stream") && dict["stream"] != nil { + if dict.keys.contains("stream") { self.stream = dict["stream"] as! InputStream } - if dict.keys.contains("hostMap") && dict["hostMap"] != nil { + if dict.keys.contains("hostMap") { self.hostMap = dict["hostMap"] as! [String: String] } - if dict.keys.contains("endpointOverride") && dict["endpointOverride"] != nil { + if dict.keys.contains("endpointOverride") { self.endpointOverride = dict["endpointOverride"] as! String } } @@ -441,31 +449,31 @@ public class Params : Tea.TeaModel { } public override func fromMap(_ dict: [String: Any]) -> Void { - if dict.keys.contains("action") && dict["action"] != nil { + if dict.keys.contains("action") { self.action = dict["action"] as! String } - if dict.keys.contains("version") && dict["version"] != nil { + if dict.keys.contains("version") { self.version = dict["version"] as! String } - if dict.keys.contains("protocol") && dict["protocol"] != nil { + if dict.keys.contains("protocol") { self.protocol_ = dict["protocol"] as! String } - if dict.keys.contains("pathname") && dict["pathname"] != nil { + if dict.keys.contains("pathname") { self.pathname = dict["pathname"] as! String } - if dict.keys.contains("method") && dict["method"] != nil { + if dict.keys.contains("method") { self.method = dict["method"] as! String } - if dict.keys.contains("authType") && dict["authType"] != nil { + if dict.keys.contains("authType") { self.authType = dict["authType"] as! String } - if dict.keys.contains("bodyType") && dict["bodyType"] != nil { + if dict.keys.contains("bodyType") { self.bodyType = dict["bodyType"] as! String } - if dict.keys.contains("reqBodyType") && dict["reqBodyType"] != nil { + if dict.keys.contains("reqBodyType") { self.reqBodyType = dict["reqBodyType"] as! String } - if dict.keys.contains("style") && dict["style"] != nil { + if dict.keys.contains("style") { self.style = dict["style"] as! String } } diff --git a/ts/src/client.ts b/ts/src/client.ts index 1253ef6..63ddf90 100644 --- a/ts/src/client.ts +++ b/ts/src/client.ts @@ -39,6 +39,7 @@ export class Config extends $tea.Model { accessKeyId?: string; accessKeySecret?: string; securityToken?: string; + bearerToken?: string; protocol?: string; method?: string; regionId?: string; @@ -70,6 +71,7 @@ export class Config extends $tea.Model { accessKeyId: 'accessKeyId', accessKeySecret: 'accessKeySecret', securityToken: 'securityToken', + bearerToken: 'bearerToken', protocol: 'protocol', method: 'method', regionId: 'regionId', @@ -104,6 +106,7 @@ export class Config extends $tea.Model { accessKeyId: 'string', accessKeySecret: 'string', securityToken: 'string', + bearerToken: 'string', protocol: 'string', method: 'string', regionId: 'string', @@ -274,6 +277,12 @@ export default class Client { }); credentialConfig.securityToken = config.securityToken; this._credential = new Credential(credentialConfig); + } else if (!Util.empty(config.bearerToken)) { + let cc = new $Credential.Config({ + type: "bearer", + bearerToken: config.bearerToken, + }); + this._credential = new Credential(cc); } else if (!Util.isUnset(config.credential)) { this._credential = config.credential; } @@ -420,26 +429,34 @@ export default class Client { } if (!Util.equalString(authType, "Anonymous")) { - let accessKeyId = await this.getAccessKeyId(); - let accessKeySecret = await this.getAccessKeySecret(); - let securityToken = await this.getSecurityToken(); - if (!Util.empty(securityToken)) { - request_.query["SecurityToken"] = securityToken; - } + let credentialType = await this.getType(); + if (Util.equalString(credentialType, "bearer")) { + let bearerToken = await this.getBearerToken(); + request_.query["BearerToken"] = bearerToken; + request_.query["SignatureType"] = "BEARERTOKEN"; + } else { + let accessKeyId = await this.getAccessKeyId(); + let accessKeySecret = await this.getAccessKeySecret(); + let securityToken = await this.getSecurityToken(); + if (!Util.empty(securityToken)) { + request_.query["SecurityToken"] = securityToken; + } - request_.query["SignatureMethod"] = "HMAC-SHA1"; - request_.query["SignatureVersion"] = "1.0"; - request_.query["AccessKeyId"] = accessKeyId; - let t : {[key: string ]: any} = null; - if (!Util.isUnset(request.body)) { - t = Util.assertAsMap(request.body); + request_.query["SignatureMethod"] = "HMAC-SHA1"; + request_.query["SignatureVersion"] = "1.0"; + request_.query["AccessKeyId"] = accessKeyId; + let t : {[key: string ]: any} = null; + if (!Util.isUnset(request.body)) { + t = Util.assertAsMap(request.body); + } + + let signedParam = { + ...request_.query, + ...OpenApiUtil.query(t), + }; + request_.query["Signature"] = OpenApiUtil.getRPCSignature(signedParam, request_.method, accessKeySecret); } - let signedParam = { - ...request_.query, - ...OpenApiUtil.query(t), - }; - request_.query["Signature"] = OpenApiUtil.getRPCSignature(signedParam, request_.method, accessKeySecret); } _lastRequest = request_; @@ -619,16 +636,24 @@ export default class Client { } if (!Util.equalString(authType, "Anonymous")) { - let accessKeyId = await this.getAccessKeyId(); - let accessKeySecret = await this.getAccessKeySecret(); - let securityToken = await this.getSecurityToken(); - if (!Util.empty(securityToken)) { - request_.headers["x-acs-accesskey-id"] = accessKeyId; - request_.headers["x-acs-security-token"] = securityToken; + let credentialType = await this.getType(); + if (Util.equalString(credentialType, "bearer")) { + let bearerToken = await this.getBearerToken(); + request_.headers["x-acs-bearer-token"] = bearerToken; + request_.headers["x-acs-signature-type"] = "BEARERTOKEN"; + } else { + let accessKeyId = await this.getAccessKeyId(); + let accessKeySecret = await this.getAccessKeySecret(); + let securityToken = await this.getSecurityToken(); + if (!Util.empty(securityToken)) { + request_.headers["x-acs-accesskey-id"] = accessKeyId; + request_.headers["x-acs-security-token"] = securityToken; + } + + let stringToSign = OpenApiUtil.getStringToSign(request_); + request_.headers["authorization"] = `acs ${accessKeyId}:${OpenApiUtil.getROASignature(stringToSign, accessKeySecret)}`; } - let stringToSign = OpenApiUtil.getStringToSign(request_); - request_.headers["authorization"] = `acs ${accessKeyId}:${OpenApiUtil.getROASignature(stringToSign, accessKeySecret)}`; } _lastRequest = request_; @@ -816,16 +841,24 @@ export default class Client { } if (!Util.equalString(authType, "Anonymous")) { - let accessKeyId = await this.getAccessKeyId(); - let accessKeySecret = await this.getAccessKeySecret(); - let securityToken = await this.getSecurityToken(); - if (!Util.empty(securityToken)) { - request_.headers["x-acs-accesskey-id"] = accessKeyId; - request_.headers["x-acs-security-token"] = securityToken; + let credentialType = await this.getType(); + if (Util.equalString(credentialType, "bearer")) { + let bearerToken = await this.getBearerToken(); + request_.headers["x-acs-bearer-token"] = bearerToken; + request_.headers["x-acs-signature-type"] = "BEARERTOKEN"; + } else { + let accessKeyId = await this.getAccessKeyId(); + let accessKeySecret = await this.getAccessKeySecret(); + let securityToken = await this.getSecurityToken(); + if (!Util.empty(securityToken)) { + request_.headers["x-acs-accesskey-id"] = accessKeyId; + request_.headers["x-acs-security-token"] = securityToken; + } + + let stringToSign = OpenApiUtil.getStringToSign(request_); + request_.headers["authorization"] = `acs ${accessKeyId}:${OpenApiUtil.getROASignature(stringToSign, accessKeySecret)}`; } - let stringToSign = OpenApiUtil.getStringToSign(request_); - request_.headers["authorization"] = `acs ${accessKeyId}:${OpenApiUtil.getROASignature(stringToSign, accessKeySecret)}`; } _lastRequest = request_; @@ -1041,14 +1074,21 @@ export default class Client { request_.headers["x-acs-content-sha256"] = hashedRequestPayload; if (!Util.equalString(params.authType, "Anonymous")) { - let authType = await this.getType(); + let credentialModel = await this._credential.getCredential(); + let authType = credentialModel.type; if (Util.equalString(authType, "bearer")) { - let bearerToken = await this.getBearerToken(); + let bearerToken = credentialModel.bearerToken; request_.headers["x-acs-bearer-token"] = bearerToken; + if (Util.equalString(params.style, "RPC")) { + request_.query["SignatureType"] = "BEARERTOKEN"; + } else { + request_.headers["x-acs-signature-type"] = "BEARERTOKEN"; + } + } else { - let accessKeyId = await this.getAccessKeyId(); - let accessKeySecret = await this.getAccessKeySecret(); - let securityToken = await this.getSecurityToken(); + let accessKeyId = credentialModel.accessKeyId; + let accessKeySecret = credentialModel.accessKeySecret; + let securityToken = credentialModel.securityToken; if (!Util.empty(securityToken)) { request_.headers["x-acs-accesskey-id"] = accessKeyId; request_.headers["x-acs-security-token"] = securityToken; diff --git a/ts/test/client.spec.ts b/ts/test/client.spec.ts index 8f911b7..44114a9 100644 --- a/ts/test/client.spec.ts +++ b/ts/test/client.spec.ts @@ -115,6 +115,18 @@ function createConfig(): $OpenApi.Config { return config; } +function createBearerTokenConfig(): $OpenApi.Config { + let creConfig = new $Credential.Config({ + bearerToken: "token", + type: "bearer", + }); + let credential = new Credential(creConfig); + let config = new $OpenApi.Config({ + credential: credential, + }); + return config; +} + function createRuntimeOptions(): $Util.RuntimeOptions { let extendsParameters = new $Util.ExtendsParameters({ headers: { @@ -213,6 +225,19 @@ describe('$openapi', function () { assert.strictEqual(await client.getSecurityToken(), 'securityToken'); assert.strictEqual(await client.getType(), 'sts'); + creConfig = new $Credential.Config({ + bearerToken: "token", + type: "bearer", + }); + credential = new Credential(creConfig); + config.credential = credential; + client = new OpenApi(config); + assert.strictEqual(await client.getAccessKeyId(), ''); + assert.strictEqual(await client.getAccessKeySecret(), ''); + assert.strictEqual(await client.getSecurityToken(), ''); + assert.strictEqual(await client.getBearerToken(), 'token'); + assert.strictEqual(await client.getType(), 'bearer'); + config.accessKeyId = "ak"; config.accessKeySecret = "secret"; config.securityToken = "token"; @@ -292,6 +317,18 @@ describe('$openapi', function () { assert.strictEqual(body["ClassId"], "test"); assert.strictEqual(body["UserId"], 123); assert.strictEqual(result["statusCode"], 200); + + // bearer token + config = createBearerTokenConfig(); + config.protocol = "HTTP"; + config.signatureAlgorithm = "v2"; + config.endpoint = `127.0.0.1:${port}`; + client = new OpenApi(config); + result = await client.callApi(params, request, runtime); + headers = result["headers"]; + regexp = /Action=TestAPI&Format=json&Version=2022-06-01&Timestamp=.+&SignatureNonce=.+&key1=value&key2=1&key3=true&BearerToken=token&SignatureType=BEARERTOKEN/; + assert.ok(regexp.test(headers["raw-query"])); + // assert.strictEqual(headers["authorization"], "bearer token"); }); it("call api for RPC With V2Sign Anonymous JSON should ok", async function () { @@ -386,6 +423,50 @@ describe('$openapi', function () { assert.strictEqual(body["ClassId"], "test"); assert.strictEqual(body["UserId"], 123); assert.strictEqual(result["statusCode"], 200); + + // bearer token + config = createBearerTokenConfig(); + config.protocol = "HTTP"; + config.signatureAlgorithm = "v2"; + config.endpoint = `127.0.0.1:${port}`; + client = new OpenApi(config); + result = await client.callApi(params, request, runtime); + headers = result["headers"]; + assert.strictEqual(headers["x-acs-version"], "2022-06-01"); + assert.strictEqual(headers["x-acs-action"], "TestAPI"); + assert.strictEqual(headers["content-type"], "application/x-www-form-urlencoded"); + assert.strictEqual(headers["x-acs-request-id"], "A45EE076-334D-5012-9746-A8F828D20FD4"); + assert.strictEqual(headers["accept"], "application/json"); + assert.strictEqual(headers["x-acs-bearer-token"], "token"); + assert.strictEqual(headers["x-acs-signature-type"], "BEARERTOKEN"); + // assert.strictEqual(headers["authorization"], "bearer token"); + + config = createBearerTokenConfig(); + config.protocol = "HTTP"; + config.signatureAlgorithm = "v2"; + config.endpoint = `127.0.0.1:${port}`; + client = new OpenApi(config); + params = new $OpenApi.Params({ + action: "TestAPI", + version: "2022-06-01", + protocol: "HTTPS", + pathname: "/test", + method: "POST", + authType: "AK", + style: "ROA", + reqBodyType: "json", + bodyType: "json", + }); + result = await client.callApi(params, request, runtime); + headers = result["headers"]; + assert.strictEqual(headers["x-acs-version"], "2022-06-01"); + assert.strictEqual(headers["x-acs-action"], "TestAPI"); + assert.strictEqual(headers["content-type"], "application/json; charset=utf-8"); + assert.strictEqual(headers["x-acs-request-id"], "A45EE076-334D-5012-9746-A8F828D20FD4"); + assert.strictEqual(headers["accept"], "application/json"); + assert.strictEqual(headers["x-acs-bearer-token"], "token"); + assert.strictEqual(headers["x-acs-signature-type"], "BEARERTOKEN"); + // assert.strictEqual(headers["authorization"], "bearer token"); }); it("call api for ROA With V2Sign Anonymous JSON should ok", async function () { @@ -485,6 +566,23 @@ describe('$openapi', function () { assert.strictEqual(body["ClassId"], "test"); assert.strictEqual(body["UserId"], 123); assert.strictEqual(result["statusCode"], 200); + + // bearer token + config = createBearerTokenConfig(); + config.protocol = "HTTP"; + config.endpoint = `127.0.0.1:${port}`; + client = new OpenApi(config); + result = await client.callApi(params, request, runtime); + headers = result["headers"]; + assert.strictEqual(headers["x-acs-version"], "2022-06-01"); + assert.strictEqual(headers["x-acs-action"], "TestAPI"); + assert.strictEqual(headers["content-type"], "application/x-www-form-urlencoded"); + assert.strictEqual(headers["x-acs-request-id"], "A45EE076-334D-5012-9746-A8F828D20FD4"); + assert.strictEqual(headers["accept"], "application/json"); + assert.strictEqual(headers["x-acs-bearer-token"], "token"); + const regexp = /SignatureType=BEARERTOKEN/; + assert.ok(regexp.test(headers["raw-query"])); + // assert.strictEqual(headers["authorization"], "bearer token"); }); it("call api for RPC With V3Sign Anonymous JSON should ok", async function () { @@ -581,6 +679,22 @@ describe('$openapi', function () { assert.strictEqual(body["ClassId"], "test"); assert.strictEqual(body["UserId"], 123); assert.strictEqual(result["statusCode"], 200); + + // bearer token + config = createBearerTokenConfig(); + config.protocol = "HTTP"; + config.endpoint = `127.0.0.1:${port}`; + client = new OpenApi(config); + result = await client.callApi(params, request, runtime); + headers = result["headers"]; + assert.strictEqual(headers["x-acs-version"], "2022-06-01"); + assert.strictEqual(headers["x-acs-action"], "TestAPI"); + assert.strictEqual(headers["content-type"], "application/x-www-form-urlencoded"); + assert.strictEqual(headers["x-acs-request-id"], "A45EE076-334D-5012-9746-A8F828D20FD4"); + assert.strictEqual(headers["accept"], "application/json"); + assert.strictEqual(headers["x-acs-bearer-token"], "token"); + assert.strictEqual(headers["x-acs-signature-type"], "BEARERTOKEN"); + // assert.strictEqual(headers["authorization"], "bearer token"); }); it("call api for ROA With V3Sign Anonymous JSON should ok", async function () {