You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

84 lines
2.8 KiB
PHP

<?php
/**
* Signature create related functions for authenticating with cos system.
*/
namespace qcloudcos;
/**
* Auth class for creating reusable or nonreusable signature.
*/
class Auth {
// Secret id or secret key is not valid.
const AUTH_SECRET_ID_KEY_ERROR = -1;
/**
* Create reusable signature for listDirectory in $bucket or uploadFile into $bucket.
* If $filepath is not null, this signature will be binded with this $filepath.
* This signature will expire at $expiration timestamp.
* Return the signature on success.
* Return error code if parameter is not valid.
*/
public static function createReusableSignature($expiration, $bucket,$appId,$secretId,$secretKey,$filepath = null) {
// $appId = Conf::APP_ID;
// $secretId = Conf::SECRET_ID;
// $secretKey = Conf::SECRET_KEY;
if (empty($appId) || empty($secretId) || empty($secretKey)) {
return self::AUTH_SECRET_ID_KEY_ERROR;
}
if (empty($filepath)) {
return self::createSignature($appId, $secretId, $secretKey, $expiration, $bucket, null);
} else {
if (preg_match('/^\//', $filepath) == 0) {
$filepath = '/' . $filepath;
}
return self::createSignature($appId, $secretId, $secretKey, $expiration, $bucket, $filepath);
}
}
/**
* Create nonreusable signature for delete $filepath in $bucket.
* This signature will expire after single usage.
* Return the signature on success.
* Return error code if parameter is not valid.
*/
public static function createNonreusableSignature($bucket, $filepath,$appId,$secretId,$secretKey) {
if (empty($appId) || empty($secretId) || empty($secretKey)) {
return self::AUTH_SECRET_ID_KEY_ERROR;
}
if (preg_match('/^\//', $filepath) == 0) {
$filepath = '/' . $filepath;
}
$fileId = '/' . $appId . '/' . $bucket . $filepath;
return self::createSignature($appId, $secretId, $secretKey, 0, $bucket, $fileId);
}
/**
* A helper function for creating signature.
* Return the signature on success.
* Return error code if parameter is not valid.
*/
private static function createSignature(
$appId, $secretId, $secretKey, $expiration, $bucket, $fileId) {
if (empty($secretId) || empty($secretKey)) {
return self::AUTH_SECRET_ID_KEY_ERROR;
}
$now = time();
$random = rand();
$plainText = "a=$appId&k=$secretId&e=$expiration&t=$now&r=$random&f=$fileId&b=$bucket";
$bin = hash_hmac('SHA1', $plainText, $secretKey, true);
$bin = $bin.$plainText;
$signature = base64_encode($bin);
return $signature;
}
}