feat: support bearer token credentials request

aliyun · Jun 2, 2024 · e2ba783 · e2ba783
1 parent 2fc1b2d
commit e2ba783
Show file tree

Hide file tree

Showing 17 changed files with 1,070 additions and 410 deletions.
diff --git a/csharp/core/Client.cs b/csharp/core/Client.cs
diff --git a/csharp/core/Properties/AssemblyInfo.cs b/csharp/core/Properties/AssemblyInfo.cs
@@ -29,5 +29,5 @@
 //      Build Number
 //      Revision
 //
-[assembly : AssemblyVersion("0.1.8.0")]
-[assembly : AssemblyFileVersion("0.1.8.0")]
+[assembly : AssemblyVersion("0.1.9.0")]
+[assembly : AssemblyFileVersion("0.1.9.0")]
diff --git a/golang/client/client.go b/golang/client/client.go
@@ -599,40 +599,57 @@ func (client *Client) DoRPCRequest(action *string, version *string, protocol *st
 			}
 
 			if !tea.BoolValue(util.EqualString(authType, tea.String("Anonymous"))) {
-				accessKeyId, _err := client.GetAccessKeyId()
+				credentialType, _err := client.GetType()
 				if _err != nil {
 					return _result, _err
 				}
 
-				accessKeySecret, _err := client.GetAccessKeySecret()
-				if _err != nil {
-					return _result, _err
-				}
+				if tea.BoolValue(util.EqualString(credentialType, tea.String("bearer"))) {
+					bearerToken, _err := client.GetBearerToken()
+					if _err != nil {
+						return _result, _err
+					}
 
-				securityToken, _err := client.GetSecurityToken()
-				if _err != nil {
-					return _result, _err
-				}
+					request_.Query["BearerToken"] = bearerToken
+					request_.Query["SignatureType"] = tea.String("BEARERTOKEN")
+					request_.Headers["authorization"] = tea.String("bearer " + tea.StringValue(bearerToken))
+				} else {
+					accessKeyId, _err := client.GetAccessKeyId()
+					if _err != nil {
+						return _result, _err
+					}
 
-				if !tea.BoolValue(util.Empty(securityToken)) {
-					request_.Query["SecurityToken"] = securityToken
-				}
+					accessKeySecret, _err := client.GetAccessKeySecret()
+					if _err != nil {
+						return _result, _err
+					}
 
-				request_.Query["SignatureMethod"] = tea.String("HMAC-SHA1")
-				request_.Query["SignatureVersion"] = tea.String("1.0")
-				request_.Query["AccessKeyId"] = accessKeyId
-				var t map[string]interface{}
-				if !tea.BoolValue(util.IsUnset(request.Body)) {
-					t, _err = util.AssertAsMap(request.Body)
+					securityToken, _err := client.GetSecurityToken()
 					if _err != nil {
 						return _result, _err
 					}
 
+					if !tea.BoolValue(util.Empty(securityToken)) {
+						request_.Query["SecurityToken"] = securityToken
+					}
+
+					request_.Query["SignatureMethod"] = tea.String("HMAC-SHA1")
+					request_.Query["SignatureVersion"] = tea.String("1.0")
+					request_.Query["AccessKeyId"] = accessKeyId
+					var t map[string]interface{}
+					if !tea.BoolValue(util.IsUnset(request.Body)) {
+						t, _err = util.AssertAsMap(request.Body)
+						if _err != nil {
+							return _result, _err
+						}
+
+					}
+
+					signedParam := tea.Merge(request_.Query,
+						openapiutil.Query(t))
+					request_.Query["Signature"] = openapiutil.GetRPCSignature(signedParam, request_.Method, accessKeySecret)
 				}
 
-				signedParam := tea.Merge(request_.Query,
-					openapiutil.Query(t))
-				request_.Query["Signature"] = openapiutil.GetRPCSignature(signedParam, request_.Method, accessKeySecret)
 			}
 
 			response_, _err := tea.DoRequest(request_, _runtime)
@@ -853,28 +870,45 @@ func (client *Client) DoROARequest(action *string, version *string, protocol *st
 			}
 
 			if !tea.BoolValue(util.EqualString(authType, tea.String("Anonymous"))) {
-				accessKeyId, _err := client.GetAccessKeyId()
+				credentialType, _err := client.GetType()
 				if _err != nil {
 					return _result, _err
 				}
 
-				accessKeySecret, _err := client.GetAccessKeySecret()
-				if _err != nil {
-					return _result, _err
-				}
+				if tea.BoolValue(util.EqualString(credentialType, tea.String("bearer"))) {
+					bearerToken, _err := client.GetBearerToken()
+					if _err != nil {
+						return _result, _err
+					}
 
-				securityToken, _err := client.GetSecurityToken()
-				if _err != nil {
-					return _result, _err
-				}
+					request_.Headers["x-acs-bearer-token"] = bearerToken
+					request_.Headers["x-acs-signature-type"] = tea.String("BEARERTOKEN")
+					request_.Headers["authorization"] = tea.String("bearer " + tea.StringValue(bearerToken))
+				} else {
+					accessKeyId, _err := client.GetAccessKeyId()
+					if _err != nil {
+						return _result, _err
+					}
 
-				if !tea.BoolValue(util.Empty(securityToken)) {
-					request_.Headers["x-acs-accesskey-id"] = accessKeyId
-					request_.Headers["x-acs-security-token"] = securityToken
+					accessKeySecret, _err := client.GetAccessKeySecret()
+					if _err != nil {
+						return _result, _err
+					}
+
+					securityToken, _err := client.GetSecurityToken()
+					if _err != nil {
+						return _result, _err
+					}
+
+					if !tea.BoolValue(util.Empty(securityToken)) {
+						request_.Headers["x-acs-accesskey-id"] = accessKeyId
+						request_.Headers["x-acs-security-token"] = securityToken
+					}
+
+					stringToSign := openapiutil.GetStringToSign(request_)
+					request_.Headers["authorization"] = tea.String("acs " + tea.StringValue(accessKeyId) + ":" + tea.StringValue(openapiutil.GetROASignature(stringToSign, accessKeySecret)))
 				}
 
-				stringToSign := openapiutil.GetStringToSign(request_)
-				request_.Headers["authorization"] = tea.String("acs " + tea.StringValue(accessKeyId) + ":" + tea.StringValue(openapiutil.GetROASignature(stringToSign, accessKeySecret)))
 			}
 
 			response_, _err := tea.DoRequest(request_, _runtime)
@@ -1109,28 +1143,45 @@ func (client *Client) DoROARequestWithForm(action *string, version *string, prot
 			}
 
 			if !tea.BoolValue(util.EqualString(authType, tea.String("Anonymous"))) {
-				accessKeyId, _err := client.GetAccessKeyId()
+				credentialType, _err := client.GetType()
 				if _err != nil {
 					return _result, _err
 				}
 
-				accessKeySecret, _err := client.GetAccessKeySecret()
-				if _err != nil {
-					return _result, _err
-				}
+				if tea.BoolValue(util.EqualString(credentialType, tea.String("bearer"))) {
+					bearerToken, _err := client.GetBearerToken()
+					if _err != nil {
+						return _result, _err
+					}
 
-				securityToken, _err := client.GetSecurityToken()
-				if _err != nil {
-					return _result, _err
-				}
+					request_.Headers["x-acs-bearer-token"] = bearerToken
+					request_.Headers["x-acs-signature-type"] = tea.String("BEARERTOKEN")
+					request_.Headers["authorization"] = tea.String("bearer " + tea.StringValue(bearerToken))
+				} else {
+					accessKeyId, _err := client.GetAccessKeyId()
+					if _err != nil {
+						return _result, _err
+					}
+
+					accessKeySecret, _err := client.GetAccessKeySecret()
+					if _err != nil {
+						return _result, _err
+					}
+
+					securityToken, _err := client.GetSecurityToken()
+					if _err != nil {
+						return _result, _err
+					}
+
+					if !tea.BoolValue(util.Empty(securityToken)) {
+						request_.Headers["x-acs-accesskey-id"] = accessKeyId
+						request_.Headers["x-acs-security-token"] = securityToken
+					}
 
-				if !tea.BoolValue(util.Empty(securityToken)) {
-					request_.Headers["x-acs-accesskey-id"] = accessKeyId
-					request_.Headers["x-acs-security-token"] = securityToken
+					stringToSign := openapiutil.GetStringToSign(request_)
+					request_.Headers["authorization"] = tea.String("acs " + tea.StringValue(accessKeyId) + ":" + tea.StringValue(openapiutil.GetROASignature(stringToSign, accessKeySecret)))
 				}
 
-				stringToSign := openapiutil.GetStringToSign(request_)
-				request_.Headers["authorization"] = tea.String("acs " + tea.StringValue(accessKeyId) + ":" + tea.StringValue(openapiutil.GetROASignature(stringToSign, accessKeySecret)))
 			}
 
 			response_, _err := tea.DoRequest(request_, _runtime)

diff --git a/golang/client/client_test.go b/golang/client/client_test.go
@@ -108,10 +108,10 @@ func TestConfig(t *testing.T) {
 		SecurityToken:   tea.String("securityToken"),
 		Type:            tea.String("sts"),
 	}
-	credential, _err := credential.NewCredential(creConfig)
+	cred, _err := credential.NewCredential(creConfig)
 	tea_util.AssertNil(t, _err)
 
-	config.Credential = credential
+	config.Credential = cred
 	config.String()
 	config.GoString()
 	client, _err := NewClient(nil)
@@ -129,6 +129,28 @@ func TestConfig(t *testing.T) {
 	ty, _ := client.GetType()
 	tea_util.AssertEqual(t, "sts", tea.StringValue(ty))
 
+	// bearer token
+	creConfig = &credential.Config{
+		BearerToken: tea.String("token"),
+		Type:        tea.String("bearer"),
+	}
+	cred, _err = credential.NewCredential(creConfig)
+	tea_util.AssertNil(t, _err)
+
+	config.Credential = cred
+	client, _err = NewClient(config)
+	tea_util.AssertNil(t, _err)
+	ak, _ = client.GetAccessKeyId()
+	tea_util.AssertEqual(t, "", tea.StringValue(ak))
+	sk, _ = client.GetAccessKeySecret()
+	tea_util.AssertEqual(t, "", tea.StringValue(sk))
+	token, _ = client.GetSecurityToken()
+	tea_util.AssertEqual(t, "", tea.StringValue(token))
+	bearer, _ := client.GetBearerToken()
+	tea_util.AssertEqual(t, "token", tea.StringValue(bearer))
+	ty, _ = client.GetType()
+	tea_util.AssertEqual(t, "bearer", tea.StringValue(ty))
+
 	config.AccessKeyId = tea.String("ak")
 	config.AccessKeySecret = tea.String("secret")
 	config.SecurityToken = tea.String("token")
@@ -212,6 +234,22 @@ func CreateConfig() (_result *Config) {
 	return _result
 }
 
+func CreateBearerTokenConfig() (_result *Config) {
+	creConfig := &credential.Config{
+		BearerToken: tea.String("token"),
+		Type:        tea.String("bearer"),
+	}
+	cred, _err := credential.NewCredential(creConfig)
+	if _err != nil {
+		return nil
+	}
+	config := &Config{
+		Credential: cred,
+	}
+	_result = config
+	return _result
+}
+
 func CreateRuntimeOptions() (_result *util.RuntimeOptions) {
 	extendsParameters := &util.ExtendsParameters{
 		Headers: map[string]*string{
@@ -310,6 +348,27 @@ func TestCallApiForRPCWithV2Sign_AK_Form(t *testing.T) {
 	tea_util.AssertEqual(t, "test", body["ClassId"])
 	tea_util.AssertEqual(t, "123", body["UserId"].(json.Number).String())
 	tea_util.AssertEqual(t, "200", result["statusCode"].(json.Number).String())
+
+	// bearer token
+	config = CreateBearerTokenConfig()
+	config.Protocol = tea.String("HTTP")
+	config.SignatureAlgorithm = tea.String("v2")
+	config.Endpoint = tea.String("127.0.0.1:9001")
+	client, _err = NewClient(config)
+	tea_util.AssertNil(t, _err)
+	result, _err = client.CallApi(params, request, runtime)
+	tea_util.AssertNil(t, _err)
+
+	headers, _err = util.AssertAsMap(result["headers"])
+	tea_util.AssertNil(t, _err)
+	regx, _ = regexp.Compile("Action=TestAPI&BearerToken=token&Format=json" +
+		"&SignatureNonce=.+&SignatureType=BEARERTOKEN&Timestamp=.+&Version=2022-06-01" +
+		"&key1=value&key2=1&key3=true")
+	str, _ = util.AssertAsString(headers["raw-query"])
+	find = regx.FindAllString(tea.StringValue(str), -1)
+	tea_util.AssertNotNil(t, find)
+	tea_util.AssertEqual(t, "bearer token", headers["authorization"])
+
 }
 
 func TestCallApiForRPCWithV2Sign_Anonymous_JSON(t *testing.T) {
@@ -451,6 +510,42 @@ func TestCallApiForROAWithV2Sign_HTTPS_AK_Form(t *testing.T) {
 	headers, _err = util.AssertAsMap(result["headers"])
 	tea_util.AssertNil(t, _err)
 	tea_util.AssertEqual(t, "extends-value", headers["extends-key"])
+
+	// bearer token
+	config = CreateBearerTokenConfig()
+	config.Protocol = tea.String("HTTP")
+	config.SignatureAlgorithm = tea.String("v2")
+	config.Endpoint = tea.String("127.0.0.1:9003")
+	client, _err = NewClient(config)
+	tea_util.AssertNil(t, _err)
+	result, _err = client.CallApi(params, request, runtime)
+	tea_util.AssertNil(t, _err)
+
+	headers, _err = util.AssertAsMap(result["headers"])
+	tea_util.AssertNil(t, _err)
+	tea_util.AssertEqual(t, "bearer token", headers["authorization"])
+	tea_util.AssertEqual(t, "token", headers["x-acs-bearer-token"])
+	tea_util.AssertEqual(t, "BEARERTOKEN", headers["x-acs-signature-type"])
+
+	params = &Params{
+		Action:      tea.String("TestAPI"),
+		Version:     tea.String("2022-06-01"),
+		Protocol:    tea.String("HTTPS"),
+		Pathname:    tea.String("/test"),
+		Method:      tea.String("POST"),
+		AuthType:    tea.String("AK"),
+		Style:       tea.String("ROA"),
+		ReqBodyType: tea.String("json"),
+		BodyType:    tea.String("json"),
+	}
+	result, _err = client.CallApi(params, request, runtime)
+	tea_util.AssertNil(t, _err)
+
+	headers, _err = util.AssertAsMap(result["headers"])
+	tea_util.AssertNil(t, _err)
+	tea_util.AssertEqual(t, "bearer token", headers["authorization"])
+	tea_util.AssertEqual(t, "token", headers["x-acs-bearer-token"])
+	tea_util.AssertEqual(t, "BEARERTOKEN", headers["x-acs-signature-type"])
 }
 
 func TestCallApiForROAWithV2Sign_Anonymous_JSON(t *testing.T) {

diff --git a/java/pom.xml b/java/pom.xml
@@ -1,6 +1,7 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <groupId>com.aliyun</groupId>
     <artifactId>tea-openapi</artifactId>
@@ -81,7 +82,7 @@
         <dependency>
             <groupId>com.aliyun</groupId>
             <artifactId>tea-xml</artifactId>
-            <version>0.1.5</version>
+            <version>0.1.6</version>
         </dependency>
         <dependency>
             <groupId>com.github.tomakehurst</groupId>