Exemple #1
0
func get_svc_by_aksk(ak string, sk string, svc *s3.S3) bool {

	credentials := credentials.NewStaticCredentials(ak, sk, "")
	svc = s3.New(&aws.Config{
		Region:           "HANGZHOU",
		Credentials:      credentials,
		Endpoint:         "ks3.sdns.ksyun.com",
		DisableSSL:       true,
		LogLevel:         0,
		S3ForcePathStyle: true,
		LogHTTPBody:      true,
	})

	return true
}
func TestResignRequestExpiredCreds(t *testing.T) {
	creds := credentials.NewStaticCredentials("AKID", "SECRET", "SESSION")
	r := aws.NewRequest(
		aws.NewService(&aws.Config{Credentials: creds}),
		&aws.Operation{
			Name:       "BatchGetItem",
			HTTPMethod: "POST",
			HTTPPath:   "/",
		},
		nil,
		nil,
	)
	Sign(r)
	querySig := r.HTTPRequest.Header.Get("Authorization")

	creds.Expire()

	Sign(r)
	assert.NotEqual(t, querySig, r.HTTPRequest.Header.Get("Authorization"))
}
func TestIgnoreResignRequestWithValidCreds(t *testing.T) {
	r := aws.NewRequest(
		aws.NewService(&aws.Config{
			Credentials: credentials.NewStaticCredentials("AKID", "SECRET", "SESSION"),
			Region:      "us-west-2",
		}),
		&aws.Operation{
			Name:       "BatchGetItem",
			HTTPMethod: "POST",
			HTTPPath:   "/",
		},
		nil,
		nil,
	)

	Sign(r)
	sig := r.HTTPRequest.Header.Get("Authorization")

	Sign(r)
	assert.Equal(t, sig, r.HTTPRequest.Header.Get("Authorization"))
}
func buildSigner(serviceName string, region string, signTime time.Time, expireTime time.Duration, body string) signer {
	endpoint := "https://" + serviceName + "." + region + ".amazonaws.com"
	reader := strings.NewReader(body)
	req, _ := http.NewRequest("POST", endpoint, reader)
	req.URL.Opaque = "//example.org/bucket/key-._~,!@#$%^&*()"
	req.Header.Add("X-Amz-Target", "prefix.Operation")
	req.Header.Add("Content-Type", "application/x-amz-json-1.0")
	req.Header.Add("Content-Length", string(len(body)))
	req.Header.Add("X-Amz-Meta-Other-Header", "some-value=!@#$%^&* (+)")

	return signer{
		Request:     req,
		Time:        signTime,
		ExpireTime:  expireTime,
		Query:       req.URL.Query(),
		Body:        reader,
		ServiceName: serviceName,
		Region:      region,
		Credentials: credentials.NewStaticCredentials("AKID", "SECRET", "SESSION"),
	}
}
// test that the request is retried after the credentials are expired.
func TestRequestRecoverExpiredCreds(t *testing.T) {
	reqNum := 0
	reqs := []http.Response{
		{StatusCode: 400, Body: body(`{"__type":"ExpiredTokenException","message":"expired token"}`)},
		{StatusCode: 200, Body: body(`{"data":"valid"}`)},
	}

	s := NewService(&Config{MaxRetries: 10, Credentials: credentials.NewStaticCredentials("AKID", "SECRET", "")})
	s.Handlers.Validate.Clear()
	s.Handlers.Unmarshal.PushBack(unmarshal)
	s.Handlers.UnmarshalError.PushBack(unmarshalError)

	credExpiredBeforeRetry := false
	credExpiredAfterRetry := false

	s.Handlers.AfterRetry.PushBack(func(r *Request) {
		credExpiredAfterRetry = r.Config.Credentials.IsExpired()
	})

	s.Handlers.Sign.Clear()
	s.Handlers.Sign.PushBack(func(r *Request) {
		r.Config.Credentials.Get()
	})
	s.Handlers.Send.Clear() // mock sending
	s.Handlers.Send.PushBack(func(r *Request) {
		r.HTTPResponse = &reqs[reqNum]
		reqNum++
	})
	out := &testData{}
	r := NewRequest(s, &Operation{Name: "Operation"}, nil, out)
	err := r.Send()
	assert.Nil(t, err)

	assert.False(t, credExpiredBeforeRetry, "Expect valid creds before retry check")
	assert.True(t, credExpiredAfterRetry, "Expect expired creds after retry check")
	assert.False(t, s.Config.Credentials.IsExpired(), "Expect valid creds after cred expired recovery")

	assert.Equal(t, 1, int(r.RetryCount))
	assert.Equal(t, "valid", out.Data)
}
Exemple #6
0
func start_upload_process(idx_file IndexFileT, idx_cfg IndexConfigT) bool {

	var ak string
	var sk string
	ak, sk, err := get_aksk_by_userid(idx_cfg.userid)
	if err != nil {
		return false
	}

	credentials := credentials.NewStaticCredentials(ak, sk, "")
	svc := s3.New(&aws.Config{
		Region:           "HANGZHOU",
		Credentials:      credentials,
		Endpoint:         "ks3.sdns.ksyun.com",
		DisableSSL:       true,
		LogLevel:         0,
		S3ForcePathStyle: true,
		LogHTTPBody:      true,
	})

	directory := fmt.Sprintf("%s%s/%s/%s/%s/", idx_file.root, idx_file.vhost, idx_file.app,
		idx_file.name, idx_file.time)

	upload := false
	nupload := 0
	for i := 0; i < len(idx_cfg.files); i++ {
		key := fmt.Sprintf("record/%s/%s/%s/%s", idx_file.app, idx_file.name, idx_file.time, idx_cfg.files[i])
		file := directory + idx_cfg.files[i]
		_, err := os.Stat(directory + idx_cfg.files[i])
		if err != nil {
			// delete already.
			nupload++
			continue
		}

		if !ks3_flv_upload(svc, idx_cfg, ak, sk, key, file) {
			// upload failed.
			break
		}

		os.Remove(file)
		log.Info(fmt.Sprintf("remove .flv file %s", file))
		nupload++
	}

	if nupload == len(idx_cfg.files) {
		now := time.Now().Unix()
		if idx_cfg.upload || (now-idx_file.modtime) > (idx_cfg.interval+g_gout_config.timeout) {
			upload = true
		}
	}

	if upload {
		if ks3_mp4_merge(svc, idx_file, idx_cfg) {
			// we need upload file
			os.RemoveAll(directory)
			log.Info(fmt.Sprintf("remove directory %s", directory))
		}
	}

	return true
}
	//	"io"
	"fmt"
	"github.com/kingsoft-avteam/aws-sdk-go/aws"
	"github.com/kingsoft-avteam/aws-sdk-go/aws/credentials"
	"github.com/kingsoft-avteam/aws-sdk-go/internal/apierr"
	"github.com/kingsoft-avteam/aws-sdk-go/service/s3"
	"github.com/stretchr/testify/assert"
	"net/http"
)

var bucket = string("aa-go-sdk")
var key = string("中文/test.go")
var key_encode = string("%E4%B8%AD%E6%96%87/test.go")
var key_copy = string("中文/test.go.copy")
var content = string("content")
var cre = credentials.NewStaticCredentials("lMQTr0hNlMpB0iOk/i+x", "D4CsYLs75JcWEjbiI22zR3P7kJ/+5B1qdEje7A7I", "")
var svc = s3.New(&aws.Config{
	Region:           "HANGZHOU",
	Credentials:      cre,
	Endpoint:         "kssws.ks-cdn.com",
	DisableSSL:       true,
	LogLevel:         1,
	S3ForcePathStyle: false,
	LogHTTPBody:      true,
})

func TestCreateBucket(t *testing.T) {
	_, err := svc.CreateBucket(&s3.CreateBucketInput{
		ACL:    aws.String("public-read"),
		Bucket: aws.String(bucket),
	})
Exemple #8
0
func init() {
	// mock region and credentials
	aws.DefaultConfig.Credentials =
		credentials.NewStaticCredentials("AKID", "SECRET", "SESSION")
	aws.DefaultConfig.Region = "mock-region"
}