hello-dd-code
99 lines
2.9 KiB
Go
99 lines
2.9 KiB
Go
package service
|
|
|
|
import (
|
|
"encoding/base64"
|
|
"encoding/json"
|
|
"net/http/httptest"
|
|
"strings"
|
|
"testing"
|
|
|
|
"wx_service/config"
|
|
)
|
|
|
|
func TestCreateUploadTokenWithCallbackPolicy(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
svc := NewQiniuService(config.QiniuConfig{
|
|
AccessKey: "ak-test",
|
|
SecretKey: "sk-test",
|
|
Bucket: "bucket-test",
|
|
UploadURL: "https://upload.qiniup.com",
|
|
KeyPrefix: "uploads/",
|
|
CallbackURL: "https://api.example.com/api/v1/common/upload/qiniu/callback",
|
|
CallbackBody: "key=$(key)&hash=$(etag)",
|
|
CallbackBodyType: "application/x-www-form-urlencoded",
|
|
})
|
|
|
|
token, err := svc.CreateUploadToken(1, 2, "avatar.png")
|
|
if err != nil {
|
|
t.Fatalf("CreateUploadToken: %v", err)
|
|
}
|
|
|
|
tokenParts := strings.Split(token.Token, ":")
|
|
if len(tokenParts) != 3 {
|
|
t.Fatalf("unexpected token format: %s", token.Token)
|
|
}
|
|
|
|
policyRaw, err := base64.URLEncoding.WithPadding(base64.NoPadding).DecodeString(tokenParts[2])
|
|
if err != nil {
|
|
t.Fatalf("decode policy: %v", err)
|
|
}
|
|
|
|
var policy map[string]any
|
|
if err := json.Unmarshal(policyRaw, &policy); err != nil {
|
|
t.Fatalf("unmarshal policy: %v", err)
|
|
}
|
|
|
|
if got, _ := policy["callbackUrl"].(string); got != "https://api.example.com/api/v1/common/upload/qiniu/callback" {
|
|
t.Fatalf("callbackUrl=%q, want callback endpoint", got)
|
|
}
|
|
if got, _ := policy["callbackBody"].(string); got != "key=$(key)&hash=$(etag)" {
|
|
t.Fatalf("callbackBody=%q, want callback body", got)
|
|
}
|
|
if got, _ := policy["callbackBodyType"].(string); got != "application/x-www-form-urlencoded" {
|
|
t.Fatalf("callbackBodyType=%q, want form type", got)
|
|
}
|
|
}
|
|
|
|
func TestVerifyCallbackSignature(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
cfg := config.QiniuConfig{
|
|
AccessKey: "ak-test",
|
|
SecretKey: "sk-test",
|
|
}
|
|
svc := NewQiniuService(cfg)
|
|
|
|
body := []byte("key=uploads/test.png&hash=abc")
|
|
req := httptest.NewRequest("POST", "http://example.com/api/v1/common/upload/qiniu/callback?x=1", strings.NewReader(string(body)))
|
|
signing := req.URL.Path + "?" + req.URL.RawQuery + "\n" + string(body)
|
|
sign := urlSafeBase64NoPad(hmacSHA1([]byte(cfg.SecretKey), []byte(signing)))
|
|
req.Header.Set("Authorization", "QBox "+cfg.AccessKey+":"+sign)
|
|
|
|
if err := svc.VerifyCallbackSignature(req, body); err != nil {
|
|
t.Fatalf("VerifyCallbackSignature: %v", err)
|
|
}
|
|
}
|
|
|
|
func TestVerifyCallbackSignatureInvalid(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
cfg := config.QiniuConfig{
|
|
AccessKey: "ak-test",
|
|
SecretKey: "sk-test",
|
|
}
|
|
svc := NewQiniuService(cfg)
|
|
|
|
body := []byte("key=uploads/test.png&hash=abc")
|
|
req := httptest.NewRequest("POST", "http://example.com/api/v1/common/upload/qiniu/callback", strings.NewReader(string(body)))
|
|
req.Header.Set("Authorization", "QBox ak-test:bad-sign")
|
|
|
|
err := svc.VerifyCallbackSignature(req, body)
|
|
if err == nil {
|
|
t.Fatalf("expected signature verification error")
|
|
}
|
|
if err != ErrQiniuCallbackUnauthorized {
|
|
t.Fatalf("error=%v, want=%v", err, ErrQiniuCallbackUnauthorized)
|
|
}
|
|
}
|