add auth

Author: dfounderliu

deploy/tencentDeploy.js

@@ -26,17 +26,19 @@ class TencentDeploy {
   }
 
   async deploy() {
+    const provider = new tencentProvider(this.serverless, this.options)
     if (!this.options.credentials || !this.options.credentials.tencent_secret_id) {
-      const provider = new tencentProvider(this.serverless, this.options)
       const tencentTemp = await provider.getTempKey()
       this.options.credentials = {
         tencent_secret_id: tencentTemp.tencent_secret_id,
         tencent_secret_key: tencentTemp.tencent_secret_key,
-        tencent_appid: tencentTemp.tencent_appid
+        tencent_appid: tencentTemp.tencent_appid,
+        tencent_owneruin: tencentTemp.tencent_owneruin
       }
       this.options.token = tencentTemp.token
       this.options.timestamp = tencentTemp.timestamp
     }
+    await provider.getUserAuth(this.options.credentials.tencent_owneruin)
 
     const services = this.provider.getServiceResource()
     const func = new DeployFunction(this.options, this.serverless)

deploy/tencentDeployFunction.js

@@ -31,17 +31,19 @@ class TencentDeployFunction {
   }
 
   async deploy() {
+    const provider = new tencentProvider(this.serverless, this.options)
     if (!this.options.credentials || !this.options.credentials.tencent_secret_id) {
-      const provider = new tencentProvider(this.serverless, this.options)
       const tencentTemp = await provider.getTempKey()
       this.options.credentials = {
         tencent_secret_id: tencentTemp.tencent_secret_id,
         tencent_secret_key: tencentTemp.tencent_secret_key,
-        tencent_appid: tencentTemp.tencent_appid
+        tencent_appid: tencentTemp.tencent_appid,
+        tencent_owneruin: tencentTemp.tencent_owneruin
       }
       this.options.token = tencentTemp.token
       this.options.timestamp = tencentTemp.timestamp
     }
+    await provider.getUserAuth(this.options.credentials.tencent_owneruin)
 
     const services = this.provider.getServiceResource()
 

deploy/tencentDeployList.js

@@ -23,17 +23,19 @@ class TencentDeployList {
   }
 
   async serviceList() {
+    const provider = new tencentProvider(this.serverless, this.options)
     if (!this.options.credentials || !this.options.credentials.tencent_secret_id) {
-      const provider = new tencentProvider(this.serverless, this.options)
       const tencentTemp = await provider.getTempKey()
       this.options.credentials = {
         tencent_secret_id: tencentTemp.tencent_secret_id,
         tencent_secret_key: tencentTemp.tencent_secret_key,
-        tencent_appid: tencentTemp.tencent_appid
+        tencent_appid: tencentTemp.tencent_appid,
+        tencent_owneruin: tencentTemp.tencent_owneruin
       }
       this.options.token = tencentTemp.token
       this.options.timestamp = tencentTemp.timestamp
     }
+    await provider.getUserAuth(this.options.credentials.tencent_owneruin)
     const Handler = new RollbackService(this.options, this.serverless)
     const fileKeyPrefix = this.serverless.service.service + '-' + this.options.stage
     const cosBucket = this.provider.getDeployCosBucket()

deploy/tencentDeployListFunctions.js

@@ -25,17 +25,19 @@ class TencentDeployListFunction {
   }
 
   async functionList() {
+    const provider = new tencentProvider(this.serverless, this.options)
     if (!this.options.credentials || !this.options.credentials.tencent_secret_id) {
-      const provider = new tencentProvider(this.serverless, this.options)
       const tencentTemp = await provider.getTempKey()
       this.options.credentials = {
         tencent_secret_id: tencentTemp.tencent_secret_id,
         tencent_secret_key: tencentTemp.tencent_secret_key,
-        tencent_appid: tencentTemp.tencent_appid
+        tencent_appid: tencentTemp.tencent_appid,
+        tencent_owneruin: tencentTemp.tencent_owneruin
       }
       this.options.token = tencentTemp.token
       this.options.timestamp = tencentTemp.timestamp
     }
+    await provider.getUserAuth(this.options.credentials.tencent_owneruin)
     try {
       const infoHandler = new InfoFunction(this.options, this.serverless)
       const deployHandler = new ListFunctions(this.options, this.serverless)

info/tencentInfo.js

@@ -24,17 +24,19 @@ class TencentInfo {
   }
 
   async info() {
+    const provider = new tencentProvider(this.serverless, this.options)
     if (!this.options.credentials || !this.options.credentials.tencent_secret_id) {
-      const provider = new tencentProvider(this.serverless, this.options)
       const tencentTemp = await provider.getTempKey()
       this.options.credentials = {
         tencent_secret_id: tencentTemp.tencent_secret_id,
         tencent_secret_key: tencentTemp.tencent_secret_key,
-        tencent_appid: tencentTemp.tencent_appid
+        tencent_appid: tencentTemp.tencent_appid,
+        tencent_owneruin: tencentTemp.tencent_owneruin
       }
       this.options.token = tencentTemp.token
       this.options.timestamp = tencentTemp.timestamp
     }
+    await provider.getUserAuth(this.options.credentials.tencent_owneruin)
     try {
       const region = this.options.region
       const handler = new InfoFunction(this.options, this.serverless)

invoke/tencentInvoke.js

@@ -23,17 +23,19 @@ class TencentInvoke {
   }
 
   async invoke() {
+    const provider = new tencentProvider(this.serverless, this.options)
     if (!this.options.credentials || !this.options.credentials.tencent_secret_id) {
-      const provider = new tencentProvider(this.serverless, this.options)
       const tencentTemp = await provider.getTempKey()
       this.options.credentials = {
         tencent_secret_id: tencentTemp.tencent_secret_id,
         tencent_secret_key: tencentTemp.tencent_secret_key,
-        tencent_appid: tencentTemp.tencent_appid
+        tencent_appid: tencentTemp.tencent_appid,
+        tencent_owneruin: tencentTemp.tencent_owneruin
       }
       this.options.token = tencentTemp.token
       this.options.timestamp = tencentTemp.timestamp
     }
+    await provider.getUserAuth(this.options.credentials.tencent_owneruin)
     try {
       const options = {
         region: this.options.region

logs/tencentLogs.js

@@ -49,17 +49,19 @@ class TencentLogs {
   }
 
   async logs() {
+    const provider = new tencentProvider(this.serverless, this.options)
     if (!this.options.credentials || !this.options.credentials.tencent_secret_id) {
-      const provider = new tencentProvider(this.serverless, this.options)
       const tencentTemp = await provider.getTempKey()
       this.options.credentials = {
         tencent_secret_id: tencentTemp.tencent_secret_id,
         tencent_secret_key: tencentTemp.tencent_secret_key,
-        tencent_appid: tencentTemp.tencent_appid
+        tencent_appid: tencentTemp.tencent_appid,
+        tencent_owneruin: tencentTemp.tencent_owneruin
       }
       this.options.token = tencentTemp.token
       this.options.timestamp = tencentTemp.timestamp
     }
+    await provider.getUserAuth(this.options.credentials.tencent_owneruin)
     try {
       const timeFormat = 'yyyy-MM-dd hh:mm:ss'
       this.serverless.cli.log(`Get function logs...`)

metrics/tencentMetrics.js

@@ -57,17 +57,19 @@ class TencentInfo {
   }
 
   async metrics() {
+    const provider = new tencentProvider(this.serverless, this.options)
     if (!this.options.credentials || !this.options.credentials.tencent_secret_id) {
-      const provider = new tencentProvider(this.serverless, this.options)
       const tencentTemp = await provider.getTempKey()
       this.options.credentials = {
         tencent_secret_id: tencentTemp.tencent_secret_id,
         tencent_secret_key: tencentTemp.tencent_secret_key,
-        tencent_appid: tencentTemp.tencent_appid
+        tencent_appid: tencentTemp.tencent_appid,
+        tencent_owneruin: tencentTemp.tencent_owneruin
       }
       this.options.token = tencentTemp.token
       this.options.timestamp = tencentTemp.timestamp
     }
+    await provider.getUserAuth(this.options.credentials.tencent_owneruin)
     try {
       const Handler = new MetricsFunction(this.options, this.serverless)
       const functionList = await Handler.functionList(

package.json

@@ -43,7 +43,8 @@
     "request": "^2.88.0",
     "tencentcloud-sdk-nodejs": "^3.0.87",
     "universal-analytics": "^0.4.20",
-    "tencent-login": "^0.1.6"
+    "tencent-login": "^0.1.6",
+    "serverless-tencent-auth-tool": "^1.0.0"
   },
   "devDependencies": {
     "coveralls": "^3.0.5",

provider/tencentProvider.js

@@ -4,8 +4,10 @@ const os = require('os')
 const ini = require('ini')
 const _ = require('lodash')
 const util = require('util')
+const QRCode = require('qrcode')
 const TencentLogin = require('tencent-login')
 const tencentcloud = require('tencentcloud-sdk-nodejs')
+const { GetUserAuthInfo } = require('serverless-tencent-tools').Account
 const ClientProfile = require('tencentcloud-sdk-nodejs/tencentcloud/common/profile/client_profile.js')
 const HttpProfile = require('tencentcloud-sdk-nodejs/tencentcloud/common/profile/http_profile.js')
 const AbstractModel = require('tencentcloud-sdk-nodejs/tencentcloud/common/abstract_model')
@@ -17,7 +19,6 @@ const constants = {
 class GetUserAppIdResponse extends AbstractModel {
   constructor() {
     super()
-
     this.RequestId = null
   }
 
@@ -26,6 +27,7 @@ class GetUserAppIdResponse extends AbstractModel {
       return
     }
     this.AppId = 'RequestId' in params ? params.AppId : null
+    this.OwnerUin = 'RequestId' in params ? params.OwnerUin : null
     this.RequestId = 'RequestId' in params ? params.RequestId : null
   }
 }
@@ -54,6 +56,36 @@ class TencentProvider {
     return constants.providerName
   }
 
+  async getUserAuth(uin) {
+    try {
+      const getUserAuthInfo = new GetUserAuthInfo()
+      const result = await getUserAuthInfo.isAuth(uin)
+      if (result['Error'] == true) {
+        console.log('Failed to get real name authentication result.')
+        process.exit(-1)
+      } else {
+        if (result['Message']['Authentication'] == 1) {
+          return true
+        }
+        const verifyUrl = 'https://cloud.tencent.com/verify/identity'
+        console.log(
+          "You don't have real name authentication yet. You can open the url or scan QR code for real name authentication."
+        )
+        console.log('Real name authentication url: ')
+        console.log(verifyUrl)
+        console.log('Real name authentication QR code: ')
+        QRCode.toString(verifyUrl, { type: 'terminal' }, function(err, url) {
+          console.log(url)
+        })
+        console.log('Please re operate after real name authentication.')
+        process.exit(-1)
+      }
+    } catch (e) {
+      console.log(e)
+      process.exit(-1)
+    }
+  }
+
   getAppid(credentials) {
     const secret_id = credentials.SecretId
     const secret_key = credentials.SecretKey
@@ -137,6 +169,14 @@ class TencentProvider {
           uuid: tencent_credentials.uuid,
           timestamp: tencent_credentials.timestamp
         }
+        // From cam to getting appid
+        const userInfo = await this.getAppid({
+          SecretId: tencent.tencent_secret_id,
+          SecretKey: tencent.tencent_secret_key,
+          token: tencent.token
+        })
+        tencent.tencent_owneruin = userInfo.OwnerUin
+        tencent.tencent_appid = userInfo.AppId
         await fs.writeFileSync('./.env_temp', JSON.stringify(tencent))
         return tencent
       } catch (e) {
@@ -152,10 +192,16 @@ class TencentProvider {
       try {
         const tencent = {}
         const tencent_credentials_read = JSON.parse(data)
-        if (
-          Date.now() / 1000 - tencent_credentials_read.timestamp <= 6000 &&
-          tencent_credentials_read.tencent_appid
-        ) {
+        if (Date.now() / 1000 - tencent_credentials_read.timestamp <= 6000) {
+          const userInfo = await this.getAppid({
+            SecretId: tencent_credentials_read.tencent_secret_id,
+            SecretKey: tencent_credentials_read.tencent_secret_key,
+            token: tencent_credentials_read.token
+          })
+
+          // From cam to getting appid
+          tencent_credentials_read.tencent_owneruin = userInfo.OwnerUin
+          tencent_credentials_read.tencent_appid = userInfo.AppId
           return tencent_credentials_read
         }
         const login = new TencentLogin()
@@ -175,6 +221,14 @@ class TencentProvider {
           tencent.uuid = tencent_credentials_read.uuid
           tencent.timestamp = Date.now() / 1000
           await fs.writeFileSync('./.env_temp', JSON.stringify(tencent))
+          // From cam to getting appid
+          const userInfo = await this.getAppid({
+            SecretId: tencent.tencent_secret_id,
+            SecretKey: tencent.tencent_secret_key,
+            token: tencent.token
+          })
+          tencent.tencent_owneruin = userInfo.OwnerUin
+          tencent.tencent_appid = userInfo.AppId
           return tencent
         }
         return await that.doLogin()
@@ -242,6 +296,7 @@ class TencentProvider {
           SecretKey: this.options.credentials.tencent_secret_key
         })
         this.options.credentials.tencent_appid = appid.AppId
+        this.options.credentials.tencent_owneruin = appid.OwnerUin
       }
     } catch (e) {}
     return