兼容 IPV6 域名，支持自动调正签名时间

Author: carsonxu

demo/demo-sts.js

@@ -23,7 +23,7 @@ var policy = {
         'effect': 'allow',
         'principal': {'qcs': ['*']},
         'resource': [
-            'qcs::cos:ap-guangzhou:uid/' + AppId + ':prefix//' + AppId + '/' + ShortBucketName + '/dir/*'
+            'qcs::cos:' + config.Region + ':uid/' + AppId + ':prefix//' + AppId + '/' + ShortBucketName + '/*'
         ]
     }]
 };
@@ -45,6 +45,7 @@ var cos = new COS({
                     TmpSecretId: credentials.tmpSecretId,
                     TmpSecretKey: credentials.tmpSecretKey,
                     XCosSecurityToken: credentials.sessionToken,
+                    StartTime: data.starteTime,
                     ExpiredTime: data.expiredTime,
                 });
             }

demo/demo.js

@@ -448,7 +448,7 @@ function deleteBucket() {
         console.log(err || data);
     });
 }
-return putObject();
+
 function putObject() {
     // 创建测试文件
     var filename = '1mb.zip';

package.json

@@ -1,6 +1,6 @@
 {
   "name": "cos-nodejs-sdk-v5",
-  "version": "2.5.3",
+  "version": "2.5.4",
   "description": "cos nodejs sdk v5",
   "main": "index.js",
   "scripts": {
@@ -34,6 +34,6 @@
   },
   "devDependencies": {
     "mocha": "^4.0.1",
-    "qcloud-cos-sts": "^2.0.5"
+    "qcloud-cos-sts": "^2.0.6"
   }
 }

sdk/advance.js

@@ -961,15 +961,15 @@ function sliceCopyFile(params, callback) {
     var Region = params.Region;
     var Key = params.Key;
     var CopySource = params.CopySource;
-    var m = CopySource.match(/^([^.]+-\d+)\.cos\.([^.]+)\.[^/]+\/(.+)$/);
+    var m = CopySource.match(/^([^.]+-\d+)\.cos(v6)?\.([^.]+)\.[^/]+\/(.+)$/);
     if (!m) {
         callback({error: 'CopySource format error'});
         return;
     }
 
     var SourceBucket = m[1];
-    var SourceRegion = m[2];
-    var SourceKey = decodeURIComponent(m[3]);
+    var SourceRegion = m[3];
+    var SourceKey = decodeURIComponent(m[4]);
     var CopySliceSize = params.SliceSize === undefined ? self.options.CopySliceSize : params.SliceSize;
     CopySliceSize = Math.max(0, Math.min(CopySliceSize, 5 * 1024 * 1024 * 1024));
 

sdk/base.js

@@ -1406,15 +1406,15 @@ function optionsObject(params, callback) {
  */
 function putObjectCopy(params, callback) {
     var CopySource = params.CopySource || '';
-    var m = CopySource.match(/^([^.]+-\d+)\.cos\.([^.]+)\.[^/]+\/(.+)$/);
+    var m = CopySource.match(/^([^.]+-\d+)\.cos(v6)?\.([^.]+)\.[^/]+\/(.+)$/);
     if (!m) {
         callback({error: 'CopySource format error'});
         return;
     }
 
     var SourceBucket = m[1];
-    var SourceRegion = m[2];
-    var SourceKey = decodeURIComponent(m[3]);
+    var SourceRegion = m[3];
+    var SourceKey = decodeURIComponent(m[4]);
 
     submitRequest.call(this, {
         Scope: [{
@@ -1450,15 +1450,15 @@ function putObjectCopy(params, callback) {
 function uploadPartCopy(params, callback) {
 
     var CopySource = params.CopySource || '';
-    var m = CopySource.match(/^([^.]+-\d+)\.cos\.([^.]+)\.[^/]+\/(.+)$/);
+    var m = CopySource.match(/^([^.]+-\d+)\.cos(v6)?\.([^.]+)\.[^/]+\/(.+)$/);
     if (!m) {
         callback({error: 'CopySource format error'});
         return;
     }
 
     var SourceBucket = m[1];
-    var SourceRegion = m[2];
-    var SourceKey = decodeURIComponent(m[3]);
+    var SourceRegion = m[3];
+    var SourceKey = decodeURIComponent(m[4]);
 
     submitRequest.call(this, {
         Scope: [{
@@ -1909,6 +1909,7 @@ function getAuth(params) {
         Headers: params.Headers,
         Expires: params.Expires,
         UseRawKey: self.options.UseRawKey,
+        SystemClockOffset: self.options.SystemClockOffset,
     });
 }
 
@@ -2163,7 +2164,7 @@ function getAuthorizationAsync(params, callback) {
         var i, AuthData;
         for (i = self._StsCache.length - 1; i >= 0; i--) {
             AuthData = self._StsCache[i];
-            if (AuthData.ExpiredTime < Math.round(Date.now() / 1000) + 10) {
+            if (AuthData.ExpiredTime < Math.round(util.getSkewTime(self.options.SystemClockOffset) / 1000) + 30) {
                 self._StsCache.splice(i, 1);
                 continue;
             }
@@ -2183,6 +2184,7 @@ function getAuthorizationAsync(params, callback) {
             Query: params.Query,
             Headers: params.Headers,
             UseRawKey: self.options.UseRawKey,
+            SystemClockOffset: self.options.SystemClockOffset,
         });
         var AuthData = {
             Authorization: Authorization,
@@ -2195,7 +2197,7 @@ function getAuthorizationAsync(params, callback) {
     };
 
     // 先判断是否有临时密钥
-    if (StsData.ExpiredTime && StsData.ExpiredTime - (Date.now() / 1000) > 60) { // 如果缓存的临时密钥有效，并还有超过60秒有效期就直接使用
+    if (StsData.ExpiredTime && StsData.ExpiredTime - (util.getSkewTime(self.options.SystemClockOffset) / 1000) > 60) { // 如果缓存的临时密钥有效，并还有超过60秒有效期就直接使用
         calcAuthByTmpKey();
     } else if (self.options.getAuthorization) { // 外部计算签名或获取临时密钥
         self.options.getAuthorization.call(self, {
@@ -2247,6 +2249,7 @@ function getAuthorizationAsync(params, callback) {
                 Headers: params.Headers,
                 Expires: params.Expires,
                 UseRawKey: self.options.UseRawKey,
+                SystemClockOffset: self.options.SystemClockOffset,
             });
             var AuthData = {
                 Authorization: Authorization,
@@ -2259,6 +2262,35 @@ function getAuthorizationAsync(params, callback) {
     return '';
 }
 
+// 调整时间偏差
+function allowRetry(err) {
+    var allowRetry = false;
+    var isTimeError = false;
+    var serverDate = (err.headers && (err.headers.date || err.headers.Date)) || '';
+    try {
+        var errorCode = err.error.Code;
+        var errorMessage = err.error.Message;
+        if (errorCode === 'RequestTimeTooSkewed' ||
+            (errorCode === 'AccessDenied' && errorMessage === 'Request has expired')) {
+            isTimeError = true;
+        }
+    } catch (e) {
+    }
+    if (err) {
+        if (isTimeError && serverDate) {
+            var serverTime = Date.parse(serverDate);
+            if (this.options.CorrectClockSkew && Math.abs(util.getSkewTime(this.options.SystemClockOffset) - serverTime) >= 30000) {
+                console.error('error: Local time is too skewed.');
+                this.options.SystemClockOffset = serverTime - Date.now();
+                allowRetry = true;
+            }
+        } else if (Math.round(err.statusCode / 100) === 5) {
+            allowRetry = true;
+        }
+    }
+    return allowRetry;
+}
+
 // 获取签名并发起请求
 function submitRequest(params, callback) {
     var self = this;
@@ -2278,51 +2310,39 @@ function submitRequest(params, callback) {
 
     var Query = util.clone(params.qs);
     params.action && (Query[params.action] = '');
-    getAuthorizationAsync.call(self, {
-        Bucket: params.Bucket || '',
-        Region: params.Region || '',
-        Method: params.method,
-        Key: params.Key,
-        Query: Query,
-        Headers: params.headers,
-        Action: params.Action,
-        ResourceKey: params.ResourceKey,
-        Scope: params.Scope,
-    }, function (err, AuthData) {
 
-        // 检查签名格式
-        var auth = AuthData.Authorization;
-        var formatAllow = false;
-        if (auth) {
-            if (auth.indexOf(' ') > -1) {
-                formatAllow = false;
-            } else if (auth.indexOf('q-sign-algorithm=') > -1 &&
-                auth.indexOf('q-ak=') > -1 &&
-                auth.indexOf('q-sign-time=') > -1 &&
-                auth.indexOf('q-key-time=') > -1 &&
-                auth.indexOf('q-url-param-list=') > -1) {
-                formatAllow = true;
-            } else {
-                try {
-                    auth = atob(auth);
-                    if (auth.indexOf('a=') > -1 &&
-                        auth.indexOf('k=') > -1 &&
-                        auth.indexOf('t=') > -1 &&
-                        auth.indexOf('r=') > -1 &&
-                        auth.indexOf('b=') > -1) {
-                        formatAllow = true;
+    var next = function (tryIndex) {
+        var oldClockOffset = self.options.SystemClockOffset;
+        getAuthorizationAsync.call(self, {
+            Bucket: params.Bucket || '',
+            Region: params.Region || '',
+            Method: params.method,
+            Key: params.Key,
+            Query: Query,
+            Headers: params.headers,
+            Action: params.Action,
+            ResourceKey: params.ResourceKey,
+            Scope: params.Scope,
+        }, function (err, AuthData) {
+            params.AuthData = AuthData;
+            _submitRequest.call(self, params, function (err, data) {
+                if (err && tryIndex < 2 && (oldClockOffset !== self.options.SystemClockOffset || allowRetry.call(self, err))) {
+                    if (params.headers) {
+                        delete params.headers.Authorization;
+                        delete params.headers['token'];
+                        delete params.headers['clientIP'];
+                        delete params.headers['clientUA'];
+                        delete params.headers['x-cos-security-token'];
                     }
-                } catch (e) {}
-            }
-        }
-        if (!formatAllow) {
-            callback('authorization error');
-            return;
-        }
+                    next(tryIndex + 1);
+                } else {
+                    callback(err, data);
+                }
+            });
+        });
+    };
+    next(0);
 
-        params.AuthData = AuthData;
-        _submitRequest.call(self, params, callback);
-    });
 }
 
 // 发起请求
@@ -2415,6 +2435,10 @@ function _submitRequest(params, callback) {
             data = util.extend(data || {}, attrs);
             callback(null, data);
         }
+        if (sender) {
+            sender.removeAllListeners && sender.removeAllListeners();
+            sender = null;
+        }
     };
     var xml2json = function (body) {
         try {
@@ -2440,10 +2464,10 @@ function _submitRequest(params, callback) {
         } else if (responseContentLength >= process.binding('buffer').kMaxLength && opt.method !== 'HEAD') {
             cb({error: 'file size large than ' + process.binding('buffer').kMaxLength + ', please use "Output" Stream to getObject.'});
         } else {
-            sender.on('data', function (chunk) {
+            var dataHandler = function (chunk) {
                 chunkList.push(chunk);
-            });
-            sender.on('end', function () {
+            };
+            var endHandler = function () {
                 var json;
                 try {
                     var body = Buffer.concat(chunkList);
@@ -2469,7 +2493,10 @@ function _submitRequest(params, callback) {
                     bodyStr && (json = xml2json(bodyStr));
                     cb({error: json && json.Error || response.statusMessage || 'statusCode error'});
                 }
-            });
+                chunkList = null;
+            };
+            sender.on('data', dataHandler);
+            sender.on('end', endHandler);
         }
     });
 
@@ -2535,15 +2562,15 @@ function _submitRequest(params, callback) {
     // pipe 输入
     if (readStream) {
         readStream.on('error', function (err) {
-            sender.abort();
+            sender && sender.abort && sender.abort();
             callback(err);
         });
         readStream.pipe(sender);
     }
     // pipe 输出
     if (params.outputStream) {
         params.outputStream.on('error', function (err) {
-            sender.abort();
+            sender && sender.abort && sender.abort();
             callback(err)
         });
         sender.pipe(params.outputStream);

sdk/cos.js

@@ -30,6 +30,8 @@ var defaultOptions = {
     ForcePathStyle: false,
     UseRawKey: false,
     Timeout: 0, // 单位毫秒，0 代表不设置超时时间
+    CorrectClockSkew: true,
+    SystemClockOffset: 0, // 单位毫秒，ms
     UploadCheckContentMd5: false,
     UploadIdCacheLimit: 500,
     Proxy: '',

sdk/task.js

@@ -44,6 +44,23 @@ var initTask = function (cos) {
         cos.emit('list-update', {list: util.map(queue, formatTask)});
     };
 
+    var clearQueue = function () {
+        if (queue.length > cos.options.UploadQueueSize) {
+            var i;
+            for (i = 0;
+                 i < queue.length &&
+                 queue.length > cos.options.UploadQueueSize && // 大于队列才处理
+                 i < nextUploadIndex; // 小于当前操作的 index 才处理
+                 i++) {
+                if (!queue[i] || queue[i].state !== 'waiting') {
+                    console.log('splice:', queue.length, i, queue[i] && queue[i].state);
+                    queue.splice(i, 1);
+                    nextUploadIndex--;
+                }
+            }
+        }
+    };
+
     var startNextTask = function () {
         if (nextUploadIndex < queue.length &&
             uploadingFileCount < cos.options.FileParallelLimit) {
@@ -69,6 +86,7 @@ var initTask = function (cos) {
                             delete task.callback;
                         }
                     }
+                    clearQueue();
                 });
                 emitListUpdate();
             }
@@ -170,14 +188,10 @@ var initTask = function (cos) {
             // 获取完文件大小再把任务加入队列
             tasks[id] = task;
             queue.push(task);
-            if (queue.length > cos.options.UploadQueueSize) {
-                var delta = queue.length - cos.options.UploadQueueSize;
-                queue.splice(0, delta);
-                nextUploadIndex -= delta;
-            }
             task.size = size;
             !ignoreAddEvent && emitListUpdate();
             startNextTask(cos);
+            clearQueue();
         });
         return id;
     };