proto.signatureUrl = function signatureUrl(name, options) {
options = options || {};
name = this._objectName(name);
options.method = options.method || 'GET';
const expires = utility.timestamp() + (options.expires || 1800);
const params = {
bucket: this.options.bucket,
object: name
};
const resource = this._getResource(params);
if (this.options.stsToken) {
options['security-token'] = this.options.stsToken;
}
const signRes = signHelper._signatureForURL(this.options.accessKeySecret, options, resource, expires);
const url = urlutil.parse(this._getReqUrl(params));
url.query = {
OSSAccessKeyId: this.options.accessKeyId,
Expires: expires,
Signature: signRes.Signature
};
copy(signRes.subResource).to(url.query);
return url.format();
};
router.post("/", function(req, res){
console.log(req.body);
let { username, password, _csrf:csrf } = req.body;
let sessionCsrf = req.session._csrf;
console.log("session.csrf ", sessionCsrf);
console.log(username, password, csrf);
// res.sendfile("./public/form.html");
csrf = utils.timestamp();
req.session._csrf = csrf;
res.send(`
<html>
<head>
<meta charset="UTF-8">
<title>Document</title>
</head>
<body>
<form action="/form" method="post">
<input type="hidden" name="_csrf", value="${csrf}">
<input type="text" name="username">
<input type="text" name="password">
<input type="submit", name="submit">
</form>
</body>
</html>
`)
});
proto.signatureUrl = function (name, options) {
name = this._objectName(name);
var params = {
bucket: this.options.bucket,
object: name
};
options = options || {};
var expires = utility.timestamp() + (options.expires || 1800);
var resource = this._getResource(params);
var query = {};
var signList = [];
for (var k in options.response) {
var key = 'response-' + k.toLowerCase();
query[key] = options.response[k];
signList.push(key + '=' + options.response[k]);
}
if (this.options.stsToken) {
query['security-token'] = this.options.stsToken;
signList.push('security-token=' + this.options.stsToken);
}
if (signList.length > 0) {
signList.sort();
resource += '?' + signList.join('&');
}
var stringToSign = [
options.method || 'GET',
options['content-md5'] || '', // Content-MD5
options['content-type'] || '', // Content-Type
expires,
resource
].join('\n');
var signature = this.signature(stringToSign);
var url = urlutil.parse(this._getReqUrl(params));
url.query = {
OSSAccessKeyId: this.options.accessKeyId,
Expires: expires,
Signature: signature
};
copy(query).to(url.query);
return url.format();
};
router.get("/", function(req, res){
let csrf = utils.timestamp();
req.session._csrf = csrf;
res.send(`
<html>
<head>
<meta charset="UTF-8">
<title>Document</title>
</head>
<body>
<form action="/form" method="post">
<input type="hidden" name="_csrf", value="${csrf}">
<input type="text" name="username">
<input type="text" name="password">
<input type="submit", name="submit">
</form>
</body>
</html>
`)
});
it('should return a upload token with a deadline', function () {
var token = this.client.uploadToken({
deadline: utility.timestamp() + 10
});
should.exist(token);
});