accessKey = $accessKey; $this->secretKey = $secretKey; } public function getAccessKey() { return $this->accessKey; } public function sign($data) { $hmac = hash_hmac('sha1', $data, $this->secretKey, true); return $this->accessKey . ':' . \Qiniu\base64_urlSafeEncode($hmac); } public function signWithData($data) { $encodedData = \Qiniu\base64_urlSafeEncode($data); return $this->sign($encodedData) . ':' . $encodedData; } public function signRequest($urlString, $body, $contentType = null) { $url = parse_url($urlString); $data = ''; if (array_key_exists('path', $url)) { $data = $url['path']; } if (array_key_exists('query', $url)) { $data .= '?' . $url['query']; } $data .= "\n"; if ($body !== null && $contentType === 'application/x-www-form-urlencoded') { $data .= $body; } return $this->sign($data); } public function verifyCallback($contentType, $originAuthorization, $url, $body) { $authorization = 'QBox ' . $this->signRequest($url, $body, $contentType); return $originAuthorization === $authorization; } public function privateDownloadUrl($baseUrl, $expires = 3600) { $deadline = time() + $expires; $pos = strpos($baseUrl, '?'); if ($pos !== false) { $baseUrl .= '&e='; } else { $baseUrl .= '?e='; } $baseUrl .= $deadline; $token = $this->sign($baseUrl); return "$baseUrl&token=$token"; } public function uploadToken($bucket, $key = null, $expires = 3600, $policy = null, $strictPolicy = true) { $deadline = time() + $expires; $scope = $bucket; if ($key !== null) { $scope .= ':' . $key; } $args = self::copyPolicy($args, $policy, $strictPolicy); $args['scope'] = $scope; $args['deadline'] = $deadline; $b = json_encode($args); return $this->signWithData($b); } /** *上传策略,参数规格详见 *http://developer.qiniu.com/docs/v6/api/reference/security/put-policy.html */ private static $policyFields = array( 'callbackUrl', 'callbackBody', 'callbackHost', 'callbackBodyType', 'callbackFetchKey', 'returnUrl', 'returnBody', 'endUser', 'saveKey', 'insertOnly', 'detectMime', 'mimeLimit', 'fsizeMin', 'fsizeLimit', 'persistentOps', 'persistentNotifyUrl', 'persistentPipeline', 'deleteAfterDays', 'fileType', 'isPrefixalScope', ); private static function copyPolicy(&$policy, $originPolicy, $strictPolicy) { if ($originPolicy === null) { return array(); } foreach ($originPolicy as $key => $value) { if (!$strictPolicy || in_array((string)$key, self::$policyFields, true)) { $policy[$key] = $value; } } return $policy; } public function authorization($url, $body = null, $contentType = null) { $authorization = 'QBox ' . $this->signRequest($url, $body, $contentType); return array('Authorization' => $authorization); } public function authorizationV2($url, $method, $body = null, $contentType = null) { $urlItems = parse_url($url); $host = $urlItems['host']; if (isset($urlItems['port'])) { $port = $urlItems['port']; } else { $port = ''; } $path = $urlItems['path']; if (isset($urlItems['query'])) { $query = $urlItems['query']; } else { $query = ''; } //write request uri $toSignStr = $method . ' ' . $path; if (!empty($query)) { $toSignStr .= '?' . $query; } //write host and port $toSignStr .= "\nHost: " . $host; if (!empty($port)) { $toSignStr .= ":" . $port; } //write content type if (!empty($contentType)) { $toSignStr .= "\nContent-Type: " . $contentType; } $toSignStr .= "\n\n"; //write body if (!empty($body)) { $toSignStr .= $body; } $sign = $this->sign($toSignStr); $auth = 'Qiniu ' . $sign; return array('Authorization' => $auth); } public static function isModuleAllow() { $config = get_addon_config('qiniu'); $module = \addons\bos\library\request()->module(); $module = $module ? strtolower($module) : 'index'; $noNeedLogin = array_filter(explode(',', $config['noneedlogin'] ?? '')); $isModuleLogin = false; $tagName = 'upload_config_checklogin'; foreach (\think\Hook::get($tagName) as $index => $name) { if (\think\Hook::exec($name, $tagName)) { $isModuleLogin = true; break; } } if (in_array($module, $noNeedLogin) || ($module == 'admin' && \app\admin\library\Auth::instance()->id) || ($module != 'admin' && \app\common\library\Auth::instance()->id) || $isModuleLogin) { return true; } else { return false; } } }