fix(deps): update module github.com/go-webauthn/webauthn to v0.11.2

fix(deps): update module github.com/charmbracelet/bubbles to v0.20.0 (#7142 )
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-11 17:33:01 +00:00 · 2024-09-10 00:02:47 +08:00 · 2024-09-10 00:02:24 +08:00 · 2024-09-10 00:01:51 +08:00 · 2024-09-09 00:25:35 +08:00 · 2024-09-08 23:03:58 +08:00
6 changed files with 115 additions and 47 deletions
--- a/.github/workflows/beta_release.yml
+++ b/.github/workflows/beta_release.yml
@ -22,14 +22,19 @@ jobs:
        with:
          fetch-depth: 0

+      - name: Create or update ref
+        id: create-or-update-ref
+        uses: ovsds/create-or-update-ref-action@v1
+        with:
+          ref: tags/beta
+          sha: ${{ github.sha }}
+
      - name: changelog # or changelogithub@0.12 if ensure the stable result
        id: changelog
        run: |
          git tag -l
          npx changelogithub --output CHANGELOG.md
 #          npx changelogen@latest --output CHANGELOG.md
-
-
      - name: Upload assets
        uses: softprops/action-gh-release@v2
        with:
@ -46,8 +51,10 @@ jobs:
        include:
          - target: '!(*musl*|*windows-arm64*|*android*)' # xgo
            hash: "md5"
-          - target: 'linux-*-musl*' #musl
+          - target: 'linux-!(arm*)-musl*' #musl-not-arm
            hash: "md5-linux-musl"
+          - target: 'linux-arm*-musl*' #musl-arm
+            hash: "md5-linux-musl-arm"
          - target: 'windows-arm64' #win-arm64
            hash: "md5-windows-arm64"
          - target: 'android-*' #android
@ -93,8 +100,14 @@ jobs:
    name: Beta Release Desktop
    runs-on: ubuntu-latest
    steps:
-      - uses: dusansimic/trigger-workflow-action@v0
+      - uses: peter-evans/create-or-update-comment@v4
        with:
-          name: release_beta.yml
-          owner: alist-org
-          repo: desktop-release
+          issue-number: 69
+          body: |
+            /release-beta
+            - triggered by @${{ github.actor }}
+            - commit sha: ${{ github.sha }}
+            - view files: https://github.com/alist-org/alist/tree/${{ github.sha }}
+          reactions: 'rocket'
+          token: ${{ secrets.MY_TOKEN }}
+          repository: alist-org/desktop-release
--- a/drivers/baidu_photo/driver.go
+++ b/drivers/baidu_photo/driver.go
@ -137,13 +137,19 @@ func (d *BaiduPhoto) Link(ctx context.Context, file model.Obj, args model.LinkAr
 	case *File:
 		return d.linkFile(ctx, file, args)
 	case *AlbumFile:
-		f, err := d.CopyAlbumFile(ctx, file)
-		if err != nil {
-			return nil, err
+		// 处理共享相册
+		if d.Uk != file.Uk {
+			// 有概率无法获取到链接
+			return d.linkAlbum(ctx, file, args)
+
+			// 接口被限制，只能使用cookie
+			// f, err := d.CopyAlbumFile(ctx, file)
+			// if err != nil {
+			// 	return nil, err
+			// }
+			// return d.linkFile(ctx, f, args)
 		}
-		return d.linkFile(ctx, f, args)
-		// 有概率无法获取到链接
-		//return d.linkAlbum(ctx, file, args)
+		return d.linkFile(ctx, &file.File, args)
 	}
 	return nil, errs.NotFile
 }
--- a/drivers/baidu_photo/utils.go
+++ b/drivers/baidu_photo/utils.go
@ -21,8 +21,8 @@ const (
 	FILE_API_URL_V2 = API_URL + "/file/v2"
 )

-func (d *BaiduPhoto) Request(furl string, method string, callback base.ReqCallback, resp interface{}) (*resty.Response, error) {
-	req := base.RestyClient.R().
+func (d *BaiduPhoto) Request(client *resty.Client, furl string, method string, callback base.ReqCallback, resp interface{}) (*resty.Response, error) {
+	req := client.R().
 		SetQueryParam("access_token", d.AccessToken)
 	if callback != nil {
 		callback(req)
@ -88,11 +88,11 @@ func (d *BaiduPhoto) refreshToken() error {
 }

 func (d *BaiduPhoto) Get(furl string, callback base.ReqCallback, resp interface{}) (*resty.Response, error) {
-	return d.Request(furl, http.MethodGet, callback, resp)
+	return d.Request(base.RestyClient, furl, http.MethodGet, callback, resp)
 }

 func (d *BaiduPhoto) Post(furl string, callback base.ReqCallback, resp interface{}) (*resty.Response, error) {
-	return d.Request(furl, http.MethodPost, callback, resp)
+	return d.Request(base.RestyClient, furl, http.MethodPost, callback, resp)
 }

 // 获取所有文件
@ -338,24 +338,33 @@ func (d *BaiduPhoto) linkAlbum(ctx context.Context, file *AlbumFile, args model.
 		headers["X-Forwarded-For"] = args.IP
 	}

-	res, err := base.NoRedirectClient.R().
-		SetContext(ctx).
-		SetHeaders(headers).
-		SetQueryParams(map[string]string{
-			"access_token": d.AccessToken,
-			"fsid":         fmt.Sprint(file.Fsid),
-			"album_id":     file.AlbumID,
-			"tid":          fmt.Sprint(file.Tid),
-			"uk":           fmt.Sprint(file.Uk),
-		}).
-		Head(ALBUM_API_URL + "/download")
+	resp, err := d.Request(base.NoRedirectClient, ALBUM_API_URL+"/download", http.MethodHead, func(r *resty.Request) {
+		r.SetContext(ctx)
+		r.SetHeaders(headers)
+		r.SetQueryParams(map[string]string{
+			"fsid":     fmt.Sprint(file.Fsid),
+			"album_id": file.AlbumID,
+			"tid":      fmt.Sprint(file.Tid),
+			"uk":       fmt.Sprint(file.Uk),
+		})
+	}, nil)
+
+	if err != nil {
+		return nil, err
+	}
+
+	if resp.StatusCode() != 302 {
+		return nil, fmt.Errorf("not found 302 redirect")
+	}
+
+	location := resp.Header().Get("Location")

 	if err != nil {
 		return nil, err
 	}

 	link := &model.Link{
-		URL: res.Header().Get("location"),
+		URL: location,
 		Header: http.Header{
 			"User-Agent": []string{headers["User-Agent"]},
 			"Referer":    []string{"https://photo.baidu.com/"},
@ -375,22 +384,36 @@ func (d *BaiduPhoto) linkFile(ctx context.Context, file *File, args model.LinkAr
 		headers["X-Forwarded-For"] = args.IP
 	}

-	var downloadUrl struct {
-		Dlink string `json:"dlink"`
-	}
-	_, err := d.Get(FILE_API_URL_V2+"/download", func(r *resty.Request) {
+	// var downloadUrl struct {
+	// 	Dlink string `json:"dlink"`
+	// }
+	// _, err := d.Get(FILE_API_URL_V1+"/download", func(r *resty.Request) {
+	// 	r.SetContext(ctx)
+	// 	r.SetHeaders(headers)
+	// 	r.SetQueryParams(map[string]string{
+	// 		"fsid": fmt.Sprint(file.Fsid),
+	// 	})
+	// }, &downloadUrl)
+
+	resp, err := d.Request(base.NoRedirectClient, FILE_API_URL_V1+"/download", http.MethodHead, func(r *resty.Request) {
 		r.SetContext(ctx)
 		r.SetHeaders(headers)
 		r.SetQueryParams(map[string]string{
 			"fsid": fmt.Sprint(file.Fsid),
 		})
-	}, &downloadUrl)
+	}, nil)
+
 	if err != nil {
 		return nil, err
 	}

+	if resp.StatusCode() != 302 {
+		return nil, fmt.Errorf("not found 302 redirect")
+	}
+
+	location := resp.Header().Get("Location")
 	link := &model.Link{
-		URL: downloadUrl.Dlink,
+		URL: location,
 		Header: http.Header{
 			"User-Agent": []string{headers["User-Agent"]},
 			"Referer":    []string{"https://photo.baidu.com/"},
--- a/drivers/pikpak/util.go
+++ b/drivers/pikpak/util.go
@ -134,6 +134,11 @@ var DlAddr = []string{
 }

 func (d *PikPak) login() error {
+	// 检查用户名和密码是否为空
+	if d.Addition.Username == "" || d.Addition.Password == "" {
+		return errors.New("username or password is empty")
+	}
+
 	url := "https://user.mypikpak.com/v1/auth/signin"
 	// 使用 用户填写的 CaptchaToken —————— (验证后的captcha_token)
 	if d.GetCaptchaToken() == "" {
@ -180,8 +185,13 @@ func (d *PikPak) refreshToken(refreshToken string) error {
 	}
 	if e.ErrorCode != 0 {
 		if e.ErrorCode == 4126 {
-			// refresh_token invalid, re-login
-			return d.login()
+			// 1. 未填写 username 或 password
+			if d.Addition.Username == "" || d.Addition.Password == "" {
+				return errors.New("refresh_token invalid, please re-provide refresh_token")
+			} else {
+				// refresh_token invalid, re-login
+				return d.login()
+			}
 		}
 		d.Status = e.Error()
 		op.MustSaveDriverStorage(d)
@ -229,14 +239,14 @@ func (d *PikPak) request(url string, method string, callback base.ReqCallback, r
 		"X-Device-ID":     d.GetDeviceID(),
 		"X-Captcha-Token": d.GetCaptchaToken(),
 	})
-	if d.RefreshTokenMethod == "oauth2" {
+	if d.RefreshTokenMethod == "oauth2" && d.oauth2Token != nil {
 		// 使用oauth2 获取 access_token
 		token, err := d.oauth2Token.Token()
 		if err != nil {
 			return nil, err
 		}
 		req.SetAuthScheme(token.TokenType).SetAuthToken(token.AccessToken)
-	} else {
+	} else if d.AccessToken != "" {
 		req.SetHeader("Authorization", "Bearer "+d.AccessToken)
 	}

--- a/go.mod
+++ b/go.mod
@ -1,6 +1,8 @@
 module github.com/alist-org/alist/v3

-go 1.22.4
+go 1.23
+
+toolchain go1.23.1

 require (
 	github.com/SheltonZhu/115driver v1.0.27
@ -13,7 +15,7 @@ require (
 	github.com/aws/aws-sdk-go v1.55.5
 	github.com/blevesearch/bleve/v2 v2.4.2
 	github.com/caarlos0/env/v9 v9.0.0
-	github.com/charmbracelet/bubbles v0.19.0
+	github.com/charmbracelet/bubbles v0.20.0
 	github.com/charmbracelet/bubbletea v1.1.0
 	github.com/charmbracelet/lipgloss v0.13.0
 	github.com/city404/v6-public-rpc-proto/go v0.0.0-20240817070657-90f8e24b653e
@ -29,7 +31,7 @@ require (
 	github.com/gin-contrib/cors v1.7.2
 	github.com/gin-gonic/gin v1.10.0
 	github.com/go-resty/resty/v2 v2.14.0
-	github.com/go-webauthn/webauthn v0.11.1
+	github.com/go-webauthn/webauthn v0.11.2
 	github.com/golang-jwt/jwt/v4 v4.5.0
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/websocket v1.5.3
@ -58,7 +60,7 @@ require (
 	github.com/xhofe/tache v0.1.2
 	github.com/xhofe/wopan-sdk-go v0.1.3
 	github.com/zzzhr1990/go-common-entity v0.0.0-20221216044934-fd1c571e3a22
-	golang.org/x/crypto v0.26.0
+	golang.org/x/crypto v0.27.0
 	golang.org/x/exp v0.0.0-20240904232852-e7e105dedf7e
 	golang.org/x/image v0.19.0
 	golang.org/x/net v0.28.0
@ -132,7 +134,7 @@ require (
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-playground/validator/v10 v10.20.0 // indirect
 	github.com/go-sql-driver/mysql v1.7.0 // indirect
-	github.com/go-webauthn/x v0.1.12 // indirect
+	github.com/go-webauthn/x v0.1.14 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
 	github.com/golang/geo v0.0.0-20210211234256-740aa86cb551 // indirect
@ -217,9 +219,9 @@ require (
 	go.etcd.io/bbolt v1.3.8 // indirect
 	golang.org/x/arch v0.8.0 // indirect
 	golang.org/x/sync v0.8.0 // indirect
-	golang.org/x/sys v0.24.0 // indirect
-	golang.org/x/term v0.23.0 // indirect
-	golang.org/x/text v0.17.0 // indirect
+	golang.org/x/sys v0.25.0 // indirect
+	golang.org/x/term v0.24.0 // indirect
+	golang.org/x/text v0.18.0 // indirect
 	golang.org/x/tools v0.24.0 // indirect
 	google.golang.org/api v0.169.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240604185151-ef581f913117 // indirect
--- a/go.sum
+++ b/go.sum
@ -98,6 +98,8 @@ github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UF
 github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/charmbracelet/bubbles v0.19.0 h1:gKZkKXPP6GlDk6EcfujDK19PCQqRjaJZQ7QRERx1UF0=
 github.com/charmbracelet/bubbles v0.19.0/go.mod h1:WILteEqZ+krG5c3ntGEMeG99nCupcuIk7V0/zOP0tOA=
+github.com/charmbracelet/bubbles v0.20.0 h1:jSZu6qD8cRQ6k9OMfR1WlM+ruM8fkPWkHvQWD9LIutE=
+github.com/charmbracelet/bubbles v0.20.0/go.mod h1:39slydyswPy+uVOHZ5x/GjwVAFkCsV8IIVy+4MhzwwU=
 github.com/charmbracelet/bubbletea v1.1.0 h1:FjAl9eAL3HBCHenhz/ZPjkKdScmaS5SK69JAK2YJK9c=
 github.com/charmbracelet/bubbletea v1.1.0/go.mod h1:9Ogk0HrdbHolIKHdjfFpyXJmiCzGwy+FesYkZr7hYU4=
 github.com/charmbracelet/lipgloss v0.13.0 h1:4X3PPeoWEDCMvzDvGmTajSyYPcZM4+y8sCA/SsA3cjw=
@ -196,8 +198,12 @@ github.com/go-sql-driver/mysql v1.7.0 h1:ueSltNNllEqE3qcWBTD0iQd3IpL/6U+mJxLkazJ
 github.com/go-sql-driver/mysql v1.7.0/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
 github.com/go-webauthn/webauthn v0.11.1 h1:5G/+dg91/VcaJHTtJUfwIlNJkLwbJCcnUc4W8VtkpzA=
 github.com/go-webauthn/webauthn v0.11.1/go.mod h1:YXRm1WG0OtUyDFaVAgB5KG7kVqW+6dYCJ7FTQH4SxEE=
+github.com/go-webauthn/webauthn v0.11.2 h1:Fgx0/wlmkClTKlnOsdOQ+K5HcHDsDcYIvtYmfhEOSUc=
+github.com/go-webauthn/webauthn v0.11.2/go.mod h1:aOtudaF94pM71g3jRwTYYwQTG1KyTILTcZqN1srkmD0=
 github.com/go-webauthn/x v0.1.12 h1:RjQ5cvApzyU/xLCiP+rub0PE4HBZsLggbxGR5ZpUf/A=
 github.com/go-webauthn/x v0.1.12/go.mod h1:XlRcGkNH8PT45TfeJYc6gqpOtiOendHhVmnOxh+5yHs=
+github.com/go-webauthn/x v0.1.14 h1:1wrB8jzXAofojJPAaRxnZhRgagvLGnLjhCAwg3kTpT0=
+github.com/go-webauthn/x v0.1.14/go.mod h1:UuVvFZ8/NbOnkDz3y1NaxtUN87pmtpC1PQ+/5BBQRdc=
 github.com/goccy/go-json v0.9.7/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
 github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
 github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
@ -548,6 +554,8 @@ golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v
 golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M=
 golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
 golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
+golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A=
+golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
 golang.org/x/exp v0.0.0-20240904232852-e7e105dedf7e h1:I88y4caeGeuDQxgdoFPUq097j7kNfw6uvuiNxUBfcBk=
 golang.org/x/exp v0.0.0-20240904232852-e7e105dedf7e/go.mod h1:akd2r19cwCdwSwWeIdzYQGa/EZZyqcOdwWiwj5L5eKQ=
 golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
@ -624,6 +632,8 @@ golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.24.0 h1:Twjiwq9dn6R1fQcyiK+wQyHWfaz/BJB+YIpzU/Cv3Xg=
 golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34=
+golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@ -636,6 +646,8 @@ golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
 golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4=
 golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU=
 golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk=
+golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM=
+golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@ -651,6 +663,8 @@ golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
 golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
 golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
+golang.org/x/text v0.18.0 h1:XvMDiNzPAl0jr17s6W9lcaIhGUfUORdGCNsuLmPG224=
+golang.org/x/text v0.18.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U=
Author	SHA1	Message	Date
renovate[bot]	09d322fc51	fix(deps): update module github.com/go-webauthn/webauthn to v0.11.2	2024-09-11 17:33:01 +00:00
renovate[bot]	bb58b94a10	fix(deps): update module github.com/charmbracelet/bubbles to v0.20.0 (#7142 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2024-09-10 00:02:47 +08:00
Andy Hsu	ffce61d227	ci: add @ to trigger by comment	2024-09-10 00:02:24 +08:00
renovate[bot]	0310b70d90	fix(deps): update module golang.org/x/crypto to v0.27.0 (#7147 ) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>	2024-09-10 00:01:51 +08:00
Andy Hsu	73f0b135b6	ci: split arm and non-arm target on beta release workflow	2024-09-09 00:25:35 +08:00
Andy Hsu	8316f81e41	ci: update beta tag to newest commit	2024-09-08 23:03:58 +08:00
foxxorcat	cdbfda8921	fix(baidu_photo): change download api (#7144 close #7133 )	2024-09-08 19:47:11 +08:00
YangXu	9667832b32	fix(pikpak): fix nil pointer error (#7150 )	2024-09-08 19:45:42 +08:00