ci: delete file after decompression

fix: no space left on device

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -21,7 +21,7 @@ body:
     attributes:
       label: Alist Version / Alist 版本
       description: What version of our software are you running?
-      placeholder: v2.0.0
+      placeholder: v3.xx.xx
     validations:
       required: true
   - type: input

.github/workflows/issue_question.yml

@@ -10,7 +10,7 @@ jobs:
     if: github.event.label.name == 'question'
     steps:
       - name: Create comment
-        uses: actions-cool/issues-helper@v3.4.0
+        uses: actions-cool/issues-helper@v3.5.1
         with:
           actions: 'create-comment'
           token: ${{ secrets.GITHUB_TOKEN }}

CONTRIBUTING.md

@@ -7,7 +7,7 @@
 Prerequisites:
 
 - [git](https://git-scm.com)
-- [Go 1.19+](https://golang.org/doc/install)
+- [Go 1.20+](https://golang.org/doc/install)
 - [gcc](https://gcc.gnu.org/)
 - [nodejs](https://nodejs.org/)
 

README.md

@@ -39,7 +39,7 @@
 
 ---
 
-English | [中文](./README_cn.md) | [Contributing](./CONTRIBUTING.md) | [CODE_OF_CONDUCT](./CODE_OF_CONDUCT.md)
+English | [中文](./README_cn.md)| [日本語](./README_ja.md) | [Contributing](./CONTRIBUTING.md) | [CODE_OF_CONDUCT](./CODE_OF_CONDUCT.md)
 
 ## Features
 
@@ -112,8 +112,7 @@ https://alist.nn.ci/guide/sponsor.html
 ### Special sponsors
 
 - [亚洲云 - 高防服务器|服务器租用|福州高防|广东电信|香港服务器|美国服务器|海外服务器 - 国内靠谱的企业级云计算服务提供商](https://www.asiayun.com/aff/QQCOOQKZ) (sponsored Chinese API server)
-- [找资源 - 阿里云盘资源搜索引擎](https://zhaoziyuan.la/)
-- [KinhDown 百度云盘不限速下载！永久免费！已稳定运行3年！非常可靠！Q群 -> 786799372](https://kinhdown.com)
+- [找资源 - 阿里云盘资源搜索引擎](https://zhaoziyuan.pw/)
 - [JetBrains: Essential tools for software developers and teams](https://www.jetbrains.com/)
 
 ## Contributors

README_cn.md

@@ -39,7 +39,7 @@
 
 ---
 
-[English](./README.md) | 中文 | [Contributing](./CONTRIBUTING.md) | [CODE_OF_CONDUCT](./CODE_OF_CONDUCT.md)
+[English](./README.md) | 中文 | [日本語](./README_ja.md) | [Contributing](./CONTRIBUTING.md) | [CODE_OF_CONDUCT](./CODE_OF_CONDUCT.md)
 
 ## 功能
 
@@ -110,8 +110,7 @@ AList 是一个开源软件，如果你碰巧喜欢这个项目，并希望我
 ### 特别赞助
 
 - [亚洲云 - 高防服务器|服务器租用|福州高防|广东电信|香港服务器|美国服务器|海外服务器 - 国内靠谱的企业级云计算服务提供商](https://www.asiayun.com/aff/QQCOOQKZ) (国内API服务器赞助)
-- [找资源 - 阿里云盘资源搜索引擎](https://zhaoziyuan.la/)
-- [KinhDown 百度云盘不限速下载！永久免费！已稳定运行3年！非常可靠！Q群 -> 786799372](https://kinhdown.com)
+- [找资源 - 阿里云盘资源搜索引擎](https://zhaoziyuan.pw/)
 - [JetBrains: Essential tools for software developers and teams](https://www.jetbrains.com/)
 
 ## 贡献者

README_ja.md

@@ -0,0 +1,137 @@
+<div align="center">
+  <a href="https://alist.nn.ci"><img height="100px" alt="logo" src="https://cdn.jsdelivr.net/gh/alist-org/logo@main/logo.svg"/></a>
+  <p><em>🗂️Gin と Solidjs による、複数のストレージをサポートするファイルリストプログラム。</em></p>
+<div>
+  <a href="https://goreportcard.com/report/github.com/alist-org/alist/v3">
+    <img src="https://goreportcard.com/badge/github.com/alist-org/alist/v3" alt="latest version" />
+  </a>
+  <a href="https://github.com/Xhofe/alist/blob/main/LICENSE">
+    <img src="https://img.shields.io/github/license/Xhofe/alist" alt="License" />
+  </a>
+  <a href="https://github.com/Xhofe/alist/actions?query=workflow%3ABuild">
+    <img src="https://img.shields.io/github/actions/workflow/status/Xhofe/alist/build.yml?branch=main" alt="Build status" />
+  </a>
+  <a href="https://github.com/Xhofe/alist/releases">
+    <img src="https://img.shields.io/github/release/Xhofe/alist" alt="latest version" />
+  </a>
+  <a title="Crowdin" target="_blank" href="https://crwd.in/alist">
+    <img src="https://badges.crowdin.net/alist/localized.svg">
+  </a>
+</div>
+<div>
+  <a href="https://github.com/Xhofe/alist/discussions">
+    <img src="https://img.shields.io/github/discussions/Xhofe/alist?color=%23ED8936" alt="discussions" />
+  </a>
+  <a href="https://discord.gg/F4ymsH4xv2">
+    <img src="https://img.shields.io/discord/1018870125102895134?logo=discord" alt="discussions" />
+  </a>
+  <a href="https://github.com/Xhofe/alist/releases">
+    <img src="https://img.shields.io/github/downloads/Xhofe/alist/total?color=%239F7AEA&logo=github" alt="Downloads" />
+  </a>
+  <a href="https://hub.docker.com/r/xhofe/alist">
+    <img src="https://img.shields.io/docker/pulls/xhofe/alist?color=%2348BB78&logo=docker&label=pulls" alt="Downloads" />
+  </a>
+  <a href="https://alist.nn.ci/guide/sponsor.html">
+    <img src="https://img.shields.io/badge/%24-sponsor-F87171.svg" alt="sponsor" />
+  </a>
+</div>
+</div>
+
+---
+
+[English](./README.md) | [中文](./README_cn.md) | 日本語 | [Contributing](./CONTRIBUTING.md) | [CODE_OF_CONDUCT](./CODE_OF_CONDUCT.md)
+
+## 特徴
+
+- [x] マルチストレージ
+    - [x] ローカルストレージ
+    - [x] [Aliyundrive](https://www.aliyundrive.com/)
+    - [x] OneDrive / Sharepoint ([グローバル](https://www.office.com/), [cn](https://portal.partner.microsoftonline.cn),de,us)
+    - [x] [189cloud](https://cloud.189.cn) (Personal, Family)
+    - [x] [GoogleDrive](https://drive.google.com/)
+    - [x] [123pan](https://www.123pan.com/)
+    - [x] FTP / SFTP
+    - [x] [PikPak](https://www.mypikpak.com/)
+    - [x] [S3](https://aws.amazon.com/s3/)
+    - [x] [Seafile](https://seafile.com/)
+    - [x] [UPYUN Storage Service](https://www.upyun.com/products/file-storage)
+    - [x] WebDav(Support OneDrive/SharePoint without API)
+    - [x] Teambition([China](https://www.teambition.com/ ),[International](https://us.teambition.com/ ))
+    - [x] [Mediatrack](https://www.mediatrack.cn/)
+    - [x] [139yun](https://yun.139.com/) (Personal, Family)
+    - [x] [YandexDisk](https://disk.yandex.com/)
+    - [x] [BaiduNetdisk](http://pan.baidu.com/)
+    - [x] [Terabox](https://www.terabox.com/main)
+    - [x] [UC](https://drive.uc.cn)
+    - [x] [Quark](https://pan.quark.cn)
+    - [x] [Thunder](https://pan.xunlei.com)
+    - [x] [Lanzou](https://www.lanzou.com/)
+    - [x] [Aliyundrive share](https://www.aliyundrive.com/)
+    - [x] [Google photo](https://photos.google.com/)
+    - [x] [Mega.nz](https://mega.nz)
+    - [x] [Baidu photo](https://photo.baidu.com/)
+    - [x] SMB
+    - [x] [115](https://115.com/)
+    - [X] Cloudreve
+    - [x] [Dropbox](https://www.dropbox.com/)
+- [x] デプロイが簡単で、すぐに使える
+- [x] ファイルプレビュー (PDF, マークダウン, コード, プレーンテキスト, ...)
+- [x] ギャラリーモードでの画像プレビュー
+- [x] ビデオとオーディオのプレビュー、歌詞と字幕のサポート
+- [x] Office ドキュメントのプレビュー (docx, pptx, xlsx, ...)
+- [x] `README.md` のプレビューレンダリング
+- [x] ファイルのパーマリンクコピーと直接ダウンロード
+- [x] ダークモード
+- [x] 国際化
+- [x] 保護されたルート (パスワード保護と認証)
+- [x] WebDav (詳細は https://alist.nn.ci/guide/webdav.html を参照)
+- [x] [Docker デプロイ](https://hub.docker.com/r/xhofe/alist)
+- [x] Cloudflare ワーカープロキシ
+- [x] ファイル/フォルダパッケージのダウンロード
+- [x] ウェブアップロード(訪問者にアップロードを許可できる), 削除, mkdir, 名前変更, 移動, コピー
+- [x] オフラインダウンロード
+- [x] 二つのストレージ間でファイルをコピー
+
+## ドキュメント
+
+<https://alist.nn.ci/>
+
+## デモ
+
+<https://al.nn.ci>
+
+## ディスカッション
+
+一般的なご質問は[ディスカッションフォーラム](https://github.com/Xhofe/alist/discussions)をご利用ください。**問題はバグレポートと機能リクエストのみです。**
+
+## スポンサー
+
+AList はオープンソースのソフトウェアです。もしあなたがこのプロジェクトを気に入ってくださり、続けて欲しいと思ってくださるなら、ぜひスポンサーになってくださるか、1口でも寄付をしてくださるようご検討ください！すべての愛とサポートに感謝します:
+https://alist.nn.ci/guide/sponsor.html
+
+### スペシャルスポンサー
+
+- [亚洲云 - 高防服务器|服务器租用|福州高防|广东电信|香港服务器|美国服务器|海外服务器 - 国内靠谱的企业级云计算服务提供商](https://www.asiayun.com/aff/QQCOOQKZ) (sponsored Chinese API server)
+- [找资源 - 阿里云盘资源搜索引擎](https://zhaoziyuan.pw/)
+- [JetBrains: Essential tools for software developers and teams](https://www.jetbrains.com/)
+
+## コントリビューター
+
+これらの素晴らしい人々に感謝します:
+
+[![Contributors](http://contributors.nn.ci/api?repo=alist-org/alist&repo=alist-org/alist-web&repo=alist-org/docs)](https://github.com/alist-org/alist/graphs/contributors)
+
+## ライセンス
+
+`AList` は AGPL-3.0 ライセンスの下でライセンスされたオープンソースソフトウェアです。
+
+## 免責事項
+- このプログラムはフリーでオープンソースのプロジェクトです。ネットワークディスク上でファイルを共有するように設計されており、golang のダウンロードや学習に便利です。利用にあたっては関連法規を遵守し、悪用しないようお願いします;
+- このプログラムは、公式インターフェースの動作を破壊することなく、公式 sdk/インターフェースを呼び出すことで実装されています;
+- このプログラムは、302リダイレクト/トラフィック転送のみを行い、いかなるユーザーデータも傍受、保存、改ざんしません;
+- このプログラムを使用する前に、アカウントの禁止、ダウンロード速度の制限など、対応するリスクを理解し、負担する必要があります;
+- もし侵害があれば、[メール](mailto:i@nn.ci)で私に連絡してください。
+
+---
+
+> [@Blog](https://nn.ci/) · [@GitHub](https://github.com/Xhofe) · [@TelegramGroup](https://t.me/alist_chat) · [@Discord](https://discord.gg/F4ymsH4xv2)

build.sh

@@ -98,6 +98,7 @@ BuildRelease() {
     url="${BASE}${i}.tgz"
     curl -L -o "${i}.tgz" "${url}"
     sudo tar xf "${i}.tgz" --strip-components 1 -C /usr/local
+    rm -f "${i}.tgz"
   done
   OS_ARCHES=(linux-musl-amd64 linux-musl-arm64 linux-musl-arm linux-musl-mips linux-musl-mips64 linux-musl-mips64le linux-musl-mipsle linux-musl-ppc64le linux-musl-s390x)
   CGO_ARGS=(x86_64-linux-musl-gcc aarch64-linux-musl-gcc arm-linux-musleabihf-gcc mips-linux-musl-gcc mips64-linux-musl-gcc mips64el-linux-musl-gcc mipsel-linux-musl-gcc powerpc64le-linux-musl-gcc s390x-linux-musl-gcc)

drivers/115/util.go

@@ -1,10 +1,11 @@
 package _115
 
 import (
+	"crypto/tls"
 	"fmt"
 
 	"github.com/SheltonZhu/115driver/pkg/driver"
-	"github.com/alist-org/alist/v3/drivers/base"
+	"github.com/alist-org/alist/v3/internal/conf"
 	"github.com/pkg/errors"
 )
 
@@ -14,9 +15,11 @@ func (d *Pan115) login() error {
 	var err error
 	opts := []driver.Option{
 		driver.UA(UserAgent),
+		func(c *driver.Pan115Client) {
+			c.Client.SetTLSClientConfig(&tls.Config{InsecureSkipVerify: conf.Conf.TlsInsecureSkipVerify})
+		},
 	}
 	d.client = driver.New(opts...)
-	d.client.SetHttpClient(base.HttpClient)
 	cr := &driver.Credential{}
 	if d.Addition.QRCodeToken != "" {
 		s := &driver.QRCodeSession{

drivers/123/driver.go

@@ -1,11 +1,9 @@
 package _123
 
 import (
-	"bytes"
 	"context"
 	"crypto/md5"
 	"encoding/base64"
-	"encoding/binary"
 	"encoding/hex"
 	"fmt"
 	"io"
@@ -45,6 +43,9 @@ func (d *Pan123) Init(ctx context.Context) error {
 }
 
 func (d *Pan123) Drop(ctx context.Context) error {
+	_, _ = d.request(Logout, http.MethodPost, func(req *resty.Request) {
+		req.SetBody(base.Json{})
+	}, nil)
 	return nil
 }
 
@@ -180,24 +181,9 @@ func (d *Pan123) Remove(ctx context.Context, obj model.Obj) error {
 }
 
 func (d *Pan123) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
-	const DEFAULT int64 = 10485760
-	var uploadFile io.Reader
+	// const DEFAULT int64 = 10485760
 	h := md5.New()
-	if d.StreamUpload && stream.GetSize() > DEFAULT {
-		// 只计算前10MIB
-		buf := bytes.NewBuffer(make([]byte, 0, DEFAULT))
-		if n, err := io.CopyN(io.MultiWriter(buf, h), stream, DEFAULT); err != io.EOF && n == 0 {
-			return err
-		}
-		// 增加额外参数防止MD5碰撞
-		h.Write([]byte(stream.GetName()))
-		num := make([]byte, 8)
-		binary.BigEndian.PutUint64(num, uint64(stream.GetSize()))
-		h.Write(num)
-		// 拼装
-		uploadFile = io.MultiReader(buf, stream)
-	} else {
-		// 计算完整文件MD5
+	// need to calculate md5 of the full content
 	tempFile, err := utils.CreateTempFile(stream.GetReadCloser())
 	if err != nil {
 		return err
@@ -213,8 +199,6 @@ func (d *Pan123) Put(ctx context.Context, dstDir model.Obj, stream model.FileStr
 	if err != nil {
 		return err
 	}
-		uploadFile = tempFile
-	}
 	etag := hex.EncodeToString(h.Sum(nil))
 	data := base.Json{
 		"driveId":      0,
@@ -237,7 +221,7 @@ func (d *Pan123) Put(ctx context.Context, dstDir model.Obj, stream model.FileStr
 		return nil
 	}
 	if resp.Data.AccessKeyId == "" || resp.Data.SecretAccessKey == "" || resp.Data.SessionToken == "" {
-		err = d.newUpload(ctx, &resp, stream, uploadFile, up)
+		err = d.newUpload(ctx, &resp, stream, tempFile, up)
 		return err
 	} else {
 		cfg := &aws.Config{
@@ -254,7 +238,7 @@ func (d *Pan123) Put(ctx context.Context, dstDir model.Obj, stream model.FileStr
 		input := &s3manager.UploadInput{
 			Bucket: &resp.Data.Bucket,
 			Key:    &resp.Data.Key,
-			Body:   uploadFile,
+			Body:   tempFile,
 		}
 		_, err = uploader.UploadWithContext(ctx, input)
 	}

drivers/123/meta.go

@@ -11,7 +11,6 @@ type Addition struct {
 	driver.RootID
 	OrderBy        string `json:"order_by" type:"select" options:"file_name,size,update_at" default:"file_name"`
 	OrderDirection string `json:"order_direction" type:"select" options:"asc,desc" default:"asc"`
-	StreamUpload   bool   `json:"stream_upload"`
 	AccessToken    string
 }
 

drivers/123/types.go

@@ -1,7 +1,10 @@
 package _123
 
 import (
+	"net/url"
+	"path"
 	"strconv"
+	"strings"
 	"time"
 
 	"github.com/alist-org/alist/v3/internal/model"
@@ -42,7 +45,30 @@ func (f File) GetID() string {
 	return strconv.FormatInt(f.FileId, 10)
 }
 
+func (f File) Thumb() string {
+	if f.DownloadUrl == "" {
+		return ""
+	}
+	du, err := url.Parse(f.DownloadUrl)
+	if err != nil {
+		return ""
+	}
+	du.Path = strings.TrimSuffix(du.Path, "_24_24") + "_70_70"
+	query := du.Query()
+	query.Set("w", "70")
+	query.Set("h", "70")
+	if !query.Has("type") {
+		query.Set("type", strings.TrimPrefix(path.Base(f.FileName), "."))
+	}
+	if !query.Has("trade_key") {
+		query.Set("trade_key", "123pan-thumbnail")
+	}
+	du.RawQuery = query.Encode()
+	return du.String()
+}
+
 var _ model.Obj = (*File)(nil)
+var _ model.Thumb = (*File)(nil)
 
 //func (f File) Thumb() string {
 //

drivers/123/upload.go

@@ -34,6 +34,25 @@ func (d *Pan123) getS3PreSignedUrls(ctx context.Context, upReq *UploadResp, star
 	return &s3PreSignedUrls, nil
 }
 
+func (d *Pan123) getS3Auth(ctx context.Context, upReq *UploadResp, start, end int) (*S3PreSignedURLs, error) {
+	data := base.Json{
+		"StorageNode":     upReq.Data.StorageNode,
+		"bucket":          upReq.Data.Bucket,
+		"key":             upReq.Data.Key,
+		"partNumberEnd":   end,
+		"partNumberStart": start,
+		"uploadId":        upReq.Data.UploadId,
+	}
+	var s3PreSignedUrls S3PreSignedURLs
+	_, err := d.request(S3Auth, http.MethodPost, func(req *resty.Request) {
+		req.SetBody(data).SetContext(ctx)
+	}, &s3PreSignedUrls)
+	if err != nil {
+		return nil, err
+	}
+	return &s3PreSignedUrls, nil
+}
+
 func (d *Pan123) completeS3(ctx context.Context, upReq *UploadResp, file model.FileStreamer, isMultipart bool) error {
 	data := base.Json{
 		"StorageNode": upReq.Data.StorageNode,
@@ -51,11 +70,17 @@ func (d *Pan123) completeS3(ctx context.Context, upReq *UploadResp, file model.F
 }
 
 func (d *Pan123) newUpload(ctx context.Context, upReq *UploadResp, file model.FileStreamer, reader io.Reader, up driver.UpdateProgress) error {
-	chunkSize := int64(1024 * 1024 * 5)
+	chunkSize := int64(1024 * 1024 * 16)
 	// fetch s3 pre signed urls
 	chunkCount := int(math.Ceil(float64(file.GetSize()) / float64(chunkSize)))
-	// upload 10 chunks each batch
-	batchSize := 10
+	// only 1 batch is allowed
+	isMultipart := chunkCount > 1
+	batchSize := 1
+	getS3UploadUrl := d.getS3Auth
+	if isMultipart {
+		batchSize = 10
+		getS3UploadUrl = d.getS3PreSignedUrls
+	}
 	for i := 1; i <= chunkCount; i += batchSize {
 		if utils.IsCanceled(ctx) {
 			return ctx.Err()
@@ -65,7 +90,7 @@ func (d *Pan123) newUpload(ctx context.Context, upReq *UploadResp, file model.Fi
 		if end > chunkCount+1 {
 			end = chunkCount + 1
 		}
-		s3PreSignedUrls, err := d.getS3PreSignedUrls(ctx, upReq, start, end)
+		s3PreSignedUrls, err := getS3UploadUrl(ctx, upReq, start, end)
 		if err != nil {
 			return err
 		}
@@ -78,7 +103,7 @@ func (d *Pan123) newUpload(ctx context.Context, upReq *UploadResp, file model.Fi
 			if j == chunkCount {
 				curSize = file.GetSize() - (int64(chunkCount)-1)*chunkSize
 			}
-			err = d.uploadS3Chunk(ctx, upReq, s3PreSignedUrls, j, end, io.LimitReader(reader, chunkSize), curSize, false)
+			err = d.uploadS3Chunk(ctx, upReq, s3PreSignedUrls, j, end, io.LimitReader(reader, chunkSize), curSize, false, getS3UploadUrl)
 			if err != nil {
 				return err
 			}
@@ -89,7 +114,7 @@ func (d *Pan123) newUpload(ctx context.Context, upReq *UploadResp, file model.Fi
 	return d.completeS3(ctx, upReq, file, chunkCount > 1)
 }
 
-func (d *Pan123) uploadS3Chunk(ctx context.Context, upReq *UploadResp, s3PreSignedUrls *S3PreSignedURLs, cur, end int, reader io.Reader, curSize int64, retry bool) error {
+func (d *Pan123) uploadS3Chunk(ctx context.Context, upReq *UploadResp, s3PreSignedUrls *S3PreSignedURLs, cur, end int, reader io.Reader, curSize int64, retry bool, getS3UploadUrl func(ctx context.Context, upReq *UploadResp, start int, end int) (*S3PreSignedURLs, error)) error {
 	uploadUrl := s3PreSignedUrls.Data.PreSignedUrls[strconv.Itoa(cur)]
 	if uploadUrl == "" {
 		return fmt.Errorf("upload url is empty, s3PreSignedUrls: %+v", s3PreSignedUrls)
@@ -111,13 +136,13 @@ func (d *Pan123) uploadS3Chunk(ctx context.Context, upReq *UploadResp, s3PreSign
 			return fmt.Errorf("upload s3 chunk %d failed, status code: %d", cur, res.StatusCode)
 		}
 		// refresh s3 pre signed urls
-		newS3PreSignedUrls, err := d.getS3PreSignedUrls(ctx, upReq, cur, end)
+		newS3PreSignedUrls, err := getS3UploadUrl(ctx, upReq, cur, end)
 		if err != nil {
 			return err
 		}
 		s3PreSignedUrls.Data.PreSignedUrls = newS3PreSignedUrls.Data.PreSignedUrls
 		// retry
-		return d.uploadS3Chunk(ctx, upReq, s3PreSignedUrls, cur, end, reader, curSize, true)
+		return d.uploadS3Chunk(ctx, upReq, s3PreSignedUrls, cur, end, reader, curSize, true, getS3UploadUrl)
 	}
 	if res.StatusCode != http.StatusOK {
 		body, err := io.ReadAll(res.Body)

drivers/123/util.go

@@ -15,10 +15,12 @@ import (
 // do others that not defined in Driver interface
 
 const (
+	Api              = "https://www.123pan.com/api"
 	AApi             = "https://www.123pan.com/a/api"
 	BApi             = "https://www.123pan.com/b/api"
-	MainApi          = AApi
+	MainApi          = Api
 	SignIn           = MainApi + "/user/sign_in"
+	Logout           = MainApi + "/user/logout"
 	UserInfo         = MainApi + "/user/info"
 	FileList         = MainApi + "/file/list/new"
 	DownloadInfo     = MainApi + "/file/download_info"
@@ -32,6 +34,7 @@ const (
 	S3Auth           = MainApi + "/file/s3_upload_object/auth"
 	UploadCompleteV2 = MainApi + "/file/upload_complete/v2"
 	S3Complete       = MainApi + "/file/s3_complete_multipart_upload"
+	//AuthKeySalt      = "8-8D$sL8gPjom7bk#cY"
 )
 
 func (d *Pan123) login() error {
@@ -50,6 +53,14 @@ func (d *Pan123) login() error {
 		}
 	}
 	res, err := base.RestyClient.R().
+		SetHeaders(map[string]string{
+			"origin":      "https://www.123pan.com",
+			"referer":     "https://www.123pan.com/",
+			"user-agent":  "Dart/2.19(dart:io)",
+			"platform":    "android",
+			"app-version": "36",
+			//"user-agent":  base.UserAgent,
+		}).
 		SetBody(body).Post(SignIn)
 	if err != nil {
 		return err
@@ -62,14 +73,30 @@ func (d *Pan123) login() error {
 	return err
 }
 
+//func authKey(reqUrl string) (*string, error) {
+//	reqURL, err := url.Parse(reqUrl)
+//	if err != nil {
+//		return nil, err
+//	}
+//
+//	nowUnix := time.Now().Unix()
+//	random := rand.Intn(0x989680)
+//
+//	p4 := fmt.Sprintf("%d|%d|%s|%s|%s|%s", nowUnix, random, reqURL.Path, "web", "3", AuthKeySalt)
+//	authKey := fmt.Sprintf("%d-%d-%x", nowUnix, random, md5.Sum([]byte(p4)))
+//	return &authKey, nil
+//}
+
 func (d *Pan123) request(url string, method string, callback base.ReqCallback, resp interface{}) ([]byte, error) {
 	req := base.RestyClient.R()
 	req.SetHeaders(map[string]string{
 		"origin":        "https://www.123pan.com",
 		"referer":       "https://www.123pan.com/",
 		"authorization": "Bearer " + d.AccessToken,
-		"platform":      "web",
-		"app-version":   "1.2",
+		"user-agent":    "Dart/2.19(dart:io)",
+		"platform":      "android",
+		"app-version":   "36",
+		//"user-agent":    base.UserAgent,
 	})
 	if callback != nil {
 		callback(req)
@@ -77,6 +104,11 @@ func (d *Pan123) request(url string, method string, callback base.ReqCallback, r
 	if resp != nil {
 		req.SetResult(resp)
 	}
+	//authKey, err := authKey(url)
+	//if err != nil {
+	//	return nil, err
+	//}
+	//req.SetQueryParam("auth-key", *authKey)
 	res, err := req.Execute(method, url)
 	if err != nil {
 		return nil, err

drivers/139/driver.go

@@ -300,6 +300,9 @@ func (d *Yun139) Put(ctx context.Context, dstDir model.Obj, stream model.FileStr
 
 	var partSize = getPartSize(stream.GetSize())
 	part := (stream.GetSize() + partSize - 1) / partSize
+	if part == 0 {
+		part = 1
+	}
 	for i := int64(0); i < part; i++ {
 		if utils.IsCanceled(ctx) {
 			return ctx.Err()
@@ -331,13 +334,11 @@ func (d *Yun139) Put(ctx context.Context, dstDir model.Obj, stream model.FileStr
 		if err != nil {
 			return err
 		}
+		_ = res.Body.Close()
 		log.Debugf("%+v", res)
-
 		if res.StatusCode != http.StatusOK {
 			return fmt.Errorf("unexpected status code: %d", res.StatusCode)
 		}
-
-		res.Body.Close()
 	}
 
 	return nil

drivers/139/util.go

@@ -42,8 +42,8 @@ func calSign(body, ts, randStr string) string {
 	sort.Strings(strs)
 	body = strings.Join(strs, "")
 	body = base64.StdEncoding.EncodeToString([]byte(body))
-	res := utils.GetMD5Encode(body) + utils.GetMD5Encode(ts+":"+randStr)
-	res = strings.ToUpper(utils.GetMD5Encode(res))
+	res := utils.GetMD5EncodeStr(body) + utils.GetMD5EncodeStr(ts+":"+randStr)
+	res = strings.ToUpper(utils.GetMD5EncodeStr(res))
 	return res
 }
 

drivers/189/util.go

@@ -385,7 +385,7 @@ func (d *Cloud189) newUpload(ctx context.Context, dstDir model.Obj, file model.F
 	fileMd5 := hex.EncodeToString(md5Sum.Sum(nil))
 	sliceMd5 := fileMd5
 	if file.GetSize() > DEFAULT {
-		sliceMd5 = utils.GetMD5Encode(strings.Join(md5s, "\n"))
+		sliceMd5 = utils.GetMD5EncodeStr(strings.Join(md5s, "\n"))
 	}
 	res, err = d.uploadRequest("/person/commitMultiUploadFile", map[string]string{
 		"uploadFileId": uploadFileId,

drivers/189pc/driver.go

@@ -51,7 +51,7 @@ func (y *Cloud189PC) Init(ctx context.Context) (err error) {
 	}
 
 	// 避免重复登陆
-	identity := utils.GetMD5Encode(y.Username + y.Password)
+	identity := utils.GetMD5EncodeStr(y.Username + y.Password)
 	if !y.isLogin() || y.identity != identity {
 		y.identity = identity
 		if err = y.login(); err != nil {

drivers/189pc/utils.go

@@ -519,7 +519,7 @@ func (y *Cloud189PC) CommonUpload(ctx context.Context, dstDir model.Obj, file mo
 	fileMd5Hex := strings.ToUpper(hex.EncodeToString(fileMd5.Sum(nil)))
 	sliceMd5Hex := fileMd5Hex
 	if file.GetSize() > DEFAULT {
-		sliceMd5Hex = strings.ToUpper(utils.GetMD5Encode(strings.Join(silceMd5Hexs, "\n")))
+		sliceMd5Hex = strings.ToUpper(utils.GetMD5EncodeStr(strings.Join(silceMd5Hexs, "\n")))
 	}
 
 	// 提交上传
@@ -577,7 +577,7 @@ func (y *Cloud189PC) FastUpload(ctx context.Context, dstDir model.Obj, file mode
 	fileMd5Hex := strings.ToUpper(hex.EncodeToString(fileMd5.Sum(nil)))
 	sliceMd5Hex := fileMd5Hex
 	if file.GetSize() > DEFAULT {
-		sliceMd5Hex = strings.ToUpper(utils.GetMD5Encode(strings.Join(silceMd5Hexs, "\n")))
+		sliceMd5Hex = strings.ToUpper(utils.GetMD5EncodeStr(strings.Join(silceMd5Hexs, "\n")))
 	}
 
 	// 检测是否支持快传

drivers/aliyundrive/driver.go

@@ -67,7 +67,7 @@ func (d *AliDrive) Init(ctx context.Context) error {
 		return nil
 	}
 	// init deviceID
-	deviceID := utils.GetSHA256Encode(d.UserID)
+	deviceID := utils.GetSHA256Encode([]byte(d.UserID))
 	// init privateKey
 	privateKey, _ := NewPrivateKeyFromHex(deviceID)
 	state := State{
@@ -193,7 +193,7 @@ func (d *AliDrive) Put(ctx context.Context, dstDir model.Obj, stream model.FileS
 	if d.RapidUpload {
 		buf := bytes.NewBuffer(make([]byte, 0, 1024))
 		io.CopyN(buf, file, 1024)
-		reqBody["pre_hash"] = utils.GetSHA1Encode(buf.String())
+		reqBody["pre_hash"] = utils.GetSHA1Encode(buf.Bytes())
 		if localFile != nil {
 			if _, err := localFile.Seek(0, io.SeekStart); err != nil {
 				return err
@@ -259,7 +259,7 @@ func (d *AliDrive) Put(ctx context.Context, dstDir model.Obj, stream model.FileS
 			(t.file.slice(o.toNumber(), Math.min(o.plus(8).toNumber(), t.file.size)))
 		*/
 		buf := make([]byte, 8)
-		r, _ := new(big.Int).SetString(utils.GetMD5Encode(d.AccessToken)[:16], 16)
+		r, _ := new(big.Int).SetString(utils.GetMD5EncodeStr(d.AccessToken)[:16], 16)
 		i := new(big.Int).SetInt64(file.GetSize())
 		o := new(big.Int).SetInt64(0)
 		if file.GetSize() > 0 {

drivers/aliyundrive_open/driver.go

@@ -3,11 +3,10 @@ package aliyundrive_open
 import (
 	"context"
 	"fmt"
-	"io"
-	"math"
 	"net/http"
 	"time"
 
+	"github.com/Xhofe/rateg"
 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/driver"
 	"github.com/alist-org/alist/v3/internal/errs"
@@ -41,8 +40,14 @@ func (d *AliyundriveOpen) Init(ctx context.Context) error {
 		return err
 	}
 	d.DriveId = utils.Json.Get(res, "default_drive_id").ToString()
-	d.limitList = utils.LimitRateCtx(d.list, time.Second/4)
-	d.limitLink = utils.LimitRateCtx(d.link, time.Second)
+	d.limitList = rateg.LimitFnCtx(d.list, rateg.LimitFnOption{
+		Limit:  4,
+		Bucket: 1,
+	})
+	d.limitLink = rateg.LimitFnCtx(d.link, rateg.LimitFnOption{
+		Limit:  1,
+		Bucket: 1,
+	})
 	return nil
 }
 
@@ -153,74 +158,7 @@ func (d *AliyundriveOpen) Remove(ctx context.Context, obj model.Obj) error {
 }
 
 func (d *AliyundriveOpen) Put(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
-	// rapid_upload is not currently supported
-	// 1. create
-	// Part Size Unit: Bytes, Default: 20MB,
-	// Maximum number of slices 10,000, ≈195.3125GB
-	var partSize int64 = 20 * 1024 * 1024
-	createData := base.Json{
-		"drive_id":        d.DriveId,
-		"parent_file_id":  dstDir.GetID(),
-		"name":            stream.GetName(),
-		"type":            "file",
-		"check_name_mode": "ignore",
-	}
-	count := 1
-	if stream.GetSize() > partSize {
-		if stream.GetSize() > 1*1024*1024*1024*1024 { // file Size over 1TB
-			partSize = 5 * 1024 * 1024 * 1024 // file part size 5GB
-		} else if stream.GetSize() > 768*1024*1024*1024 { // over 768GB
-			partSize = 109951163 // ≈ 104.8576MB, split 1TB into 10,000 part
-		} else if stream.GetSize() > 512*1024*1024*1024 { // over 512GB
-			partSize = 82463373 // ≈ 78.6432MB
-		} else if stream.GetSize() > 384*1024*1024*1024 { // over 384GB
-			partSize = 54975582 // ≈ 52.4288MB
-		} else if stream.GetSize() > 256*1024*1024*1024 { // over 256GB
-			partSize = 41231687 // ≈ 39.3216MB
-		} else if stream.GetSize() > 128*1024*1024*1024 { // over 128GB
-			partSize = 27487791 // ≈ 26.2144MB
-		}
-		count = int(math.Ceil(float64(stream.GetSize()) / float64(partSize)))
-		createData["part_info_list"] = makePartInfos(count)
-	}
-	var createResp CreateResp
-	_, err := d.request("/adrive/v1.0/openFile/create", http.MethodPost, func(req *resty.Request) {
-		req.SetBody(createData).SetResult(&createResp)
-	})
-	if err != nil {
-		return err
-	}
-	// 2. upload
-	preTime := time.Now()
-	for i := 1; i <= len(createResp.PartInfoList); i++ {
-		if utils.IsCanceled(ctx) {
-			return ctx.Err()
-		}
-		err = d.uploadPart(ctx, i, count, utils.NewMultiReadable(io.LimitReader(stream, partSize)), &createResp, true)
-		if err != nil {
-			return err
-		}
-		if count > 0 {
-			up(i * 100 / count)
-		}
-		// refresh upload url if 50 minutes passed
-		if time.Since(preTime) > 50*time.Minute {
-			createResp.PartInfoList, err = d.getUploadUrl(count, createResp.FileId, createResp.UploadId)
-			if err != nil {
-				return err
-			}
-			preTime = time.Now()
-		}
-	}
-	// 3. complete
-	_, err = d.request("/adrive/v1.0/openFile/complete", http.MethodPost, func(req *resty.Request) {
-		req.SetBody(base.Json{
-			"drive_id":  d.DriveId,
-			"file_id":   createResp.FileId,
-			"upload_id": createResp.UploadId,
-		})
-	})
-	return err
+	return d.upload(ctx, dstDir, stream, up)
 }
 
 func (d *AliyundriveOpen) Other(ctx context.Context, args model.OtherArgs) (interface{}, error) {

drivers/aliyundrive_open/meta.go

@@ -14,6 +14,7 @@ type Addition struct {
 	ClientID       string `json:"client_id" required:"false" help:"Keep it empty if you don't have one"`
 	ClientSecret   string `json:"client_secret" required:"false" help:"Keep it empty if you don't have one"`
 	RemoveWay      string `json:"remove_way" required:"true" type:"select" options:"trash,delete"`
+	RapidUpload    bool   `json:"rapid_upload" help:"If you enable this option, the file will be uploaded to the server first, so the progress will be incorrect"`
 	InternalUpload bool   `json:"internal_upload" help:"If you are using Aliyun ECS is located in Beijing, you can turn it on to boost the upload speed"`
 	AccessToken    string
 }

drivers/aliyundrive_open/upload.go

@@ -0,0 +1,268 @@
+package aliyundrive_open
+
+import (
+	"bytes"
+	"context"
+	"crypto/sha1"
+	"encoding/base64"
+	"encoding/hex"
+	"fmt"
+	"io"
+	"math"
+	"net/http"
+	"os"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/alist-org/alist/v3/drivers/base"
+	"github.com/alist-org/alist/v3/internal/driver"
+	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/go-resty/resty/v2"
+	log "github.com/sirupsen/logrus"
+)
+
+func makePartInfos(size int) []base.Json {
+	partInfoList := make([]base.Json, size)
+	for i := 0; i < size; i++ {
+		partInfoList[i] = base.Json{"part_number": 1 + i}
+	}
+	return partInfoList
+}
+
+func calPartSize(fileSize int64) int64 {
+	var partSize int64 = 20 * 1024 * 1024
+	if fileSize > partSize {
+		if fileSize > 1*1024*1024*1024*1024 { // file Size over 1TB
+			partSize = 5 * 1024 * 1024 * 1024 // file part size 5GB
+		} else if fileSize > 768*1024*1024*1024 { // over 768GB
+			partSize = 109951163 // ≈ 104.8576MB, split 1TB into 10,000 part
+		} else if fileSize > 512*1024*1024*1024 { // over 512GB
+			partSize = 82463373 // ≈ 78.6432MB
+		} else if fileSize > 384*1024*1024*1024 { // over 384GB
+			partSize = 54975582 // ≈ 52.4288MB
+		} else if fileSize > 256*1024*1024*1024 { // over 256GB
+			partSize = 41231687 // ≈ 39.3216MB
+		} else if fileSize > 128*1024*1024*1024 { // over 128GB
+			partSize = 27487791 // ≈ 26.2144MB
+		}
+	}
+	return partSize
+}
+
+func (d *AliyundriveOpen) getUploadUrl(count int, fileId, uploadId string) ([]PartInfo, error) {
+	partInfoList := makePartInfos(count)
+	var resp CreateResp
+	_, err := d.request("/adrive/v1.0/openFile/getUploadUrl", http.MethodPost, func(req *resty.Request) {
+		req.SetBody(base.Json{
+			"drive_id":       d.DriveId,
+			"file_id":        fileId,
+			"part_info_list": partInfoList,
+			"upload_id":      uploadId,
+		}).SetResult(&resp)
+	})
+	return resp.PartInfoList, err
+}
+
+func (d *AliyundriveOpen) uploadPart(ctx context.Context, i, count int, reader *utils.MultiReadable, resp *CreateResp, retry bool) error {
+	partInfo := resp.PartInfoList[i-1]
+	uploadUrl := partInfo.UploadUrl
+	if d.InternalUpload {
+		uploadUrl = strings.ReplaceAll(uploadUrl, "https://cn-beijing-data.aliyundrive.net/", "http://ccp-bj29-bj-1592982087.oss-cn-beijing-internal.aliyuncs.com/")
+	}
+	req, err := http.NewRequest("PUT", uploadUrl, reader)
+	if err != nil {
+		return err
+	}
+	req = req.WithContext(ctx)
+	res, err := base.HttpClient.Do(req)
+	if err != nil {
+		if retry {
+			reader.Reset()
+			return d.uploadPart(ctx, i, count, reader, resp, false)
+		}
+		return err
+	}
+	res.Body.Close()
+	if retry && res.StatusCode == http.StatusForbidden {
+		resp.PartInfoList, err = d.getUploadUrl(count, resp.FileId, resp.UploadId)
+		if err != nil {
+			return err
+		}
+		reader.Reset()
+		return d.uploadPart(ctx, i, count, reader, resp, false)
+	}
+	if res.StatusCode != http.StatusOK && res.StatusCode != http.StatusConflict {
+		return fmt.Errorf("upload status: %d", res.StatusCode)
+	}
+	return nil
+}
+
+func (d *AliyundriveOpen) normalUpload(ctx context.Context, stream model.FileStreamer, up driver.UpdateProgress, createResp CreateResp, count int, partSize int64) error {
+	log.Debugf("[aliyundive_open] normal upload")
+	// 2. upload
+	preTime := time.Now()
+	for i := 1; i <= len(createResp.PartInfoList); i++ {
+		if utils.IsCanceled(ctx) {
+			return ctx.Err()
+		}
+		err := d.uploadPart(ctx, i, count, utils.NewMultiReadable(io.LimitReader(stream, partSize)), &createResp, true)
+		if err != nil {
+			return err
+		}
+		if count > 0 {
+			up(i * 100 / count)
+		}
+		// refresh upload url if 50 minutes passed
+		if time.Since(preTime) > 50*time.Minute {
+			createResp.PartInfoList, err = d.getUploadUrl(count, createResp.FileId, createResp.UploadId)
+			if err != nil {
+				return err
+			}
+			preTime = time.Now()
+		}
+	}
+	// 3. complete
+	_, err := d.request("/adrive/v1.0/openFile/complete", http.MethodPost, func(req *resty.Request) {
+		req.SetBody(base.Json{
+			"drive_id":  d.DriveId,
+			"file_id":   createResp.FileId,
+			"upload_id": createResp.UploadId,
+		})
+	})
+	return err
+}
+
+type ProofRange struct {
+	Start int64
+	End   int64
+}
+
+func getProofRange(input string, size int64) (*ProofRange, error) {
+	if size == 0 {
+		return &ProofRange{}, nil
+	}
+	tmpStr := utils.GetMD5EncodeStr(input)[0:16]
+	tmpInt, err := strconv.ParseUint(tmpStr, 16, 64)
+	if err != nil {
+		return nil, err
+	}
+	index := tmpInt % uint64(size)
+	pr := &ProofRange{
+		Start: int64(index),
+		End:   int64(index) + 8,
+	}
+	if pr.End >= size {
+		pr.End = size
+	}
+	return pr, nil
+}
+
+func (d *AliyundriveOpen) calProofCode(file *os.File, fileSize int64) (string, error) {
+	proofRange, err := getProofRange(d.AccessToken, fileSize)
+	if err != nil {
+		return "", err
+	}
+	buf := make([]byte, proofRange.End-proofRange.Start)
+	_, err = file.ReadAt(buf, proofRange.Start)
+	if err != nil {
+		return "", err
+	}
+	return base64.StdEncoding.EncodeToString(buf), nil
+}
+
+func (d *AliyundriveOpen) upload(ctx context.Context, dstDir model.Obj, stream model.FileStreamer, up driver.UpdateProgress) error {
+	// 1. create
+	// Part Size Unit: Bytes, Default: 20MB,
+	// Maximum number of slices 10,000, ≈195.3125GB
+	var partSize = calPartSize(stream.GetSize())
+	createData := base.Json{
+		"drive_id":        d.DriveId,
+		"parent_file_id":  dstDir.GetID(),
+		"name":            stream.GetName(),
+		"type":            "file",
+		"check_name_mode": "ignore",
+	}
+	count := int(math.Ceil(float64(stream.GetSize()) / float64(partSize)))
+	createData["part_info_list"] = makePartInfos(count)
+	// rapid upload
+	rapidUpload := stream.GetSize() > 100*1024 && d.RapidUpload
+	if rapidUpload {
+		log.Debugf("[aliyundrive_open] start cal pre_hash")
+		// read 1024 bytes to calculate pre hash
+		buf := bytes.NewBuffer(make([]byte, 0, 1024))
+		_, err := io.CopyN(buf, stream, 1024)
+		if err != nil {
+			return err
+		}
+		createData["size"] = stream.GetSize()
+		createData["pre_hash"] = utils.GetSHA1Encode(buf.Bytes())
+		// if support seek, seek to start
+		if localFile, ok := stream.(io.Seeker); ok {
+			if _, err := localFile.Seek(0, io.SeekStart); err != nil {
+				return err
+			}
+		} else {
+			// Put spliced head back to stream
+			stream.SetReadCloser(struct {
+				io.Reader
+				io.Closer
+			}{
+				Reader: io.MultiReader(buf, stream.GetReadCloser()),
+				Closer: stream.GetReadCloser(),
+			})
+		}
+	}
+	var createResp CreateResp
+	_, err, e := d.requestReturnErrResp("/adrive/v1.0/openFile/create", http.MethodPost, func(req *resty.Request) {
+		req.SetBody(createData).SetResult(&createResp)
+	})
+	if err != nil {
+		if e.Code != "PreHashMatched" || !rapidUpload {
+			return err
+		}
+		log.Debugf("[aliyundrive_open] pre_hash matched, start rapid upload")
+		// convert to local file
+		file, err := utils.CreateTempFile(stream)
+		if err != nil {
+			return err
+		}
+		_ = stream.GetReadCloser().Close()
+		stream.SetReadCloser(file)
+		// calculate full hash
+		h := sha1.New()
+		_, err = io.Copy(h, file)
+		if err != nil {
+			return err
+		}
+		delete(createData, "pre_hash")
+		createData["proof_version"] = "v1"
+		createData["content_hash_name"] = "sha1"
+		createData["content_hash"] = hex.EncodeToString(h.Sum(nil))
+		// seek to start
+		if _, err = file.Seek(0, io.SeekStart); err != nil {
+			return err
+		}
+		createData["proof_code"], err = d.calProofCode(file, stream.GetSize())
+		if err != nil {
+			return fmt.Errorf("cal proof code error: %s", err.Error())
+		}
+		_, err = d.request("/adrive/v1.0/openFile/create", http.MethodPost, func(req *resty.Request) {
+			req.SetBody(createData).SetResult(&createResp)
+		})
+		if err != nil {
+			return err
+		}
+		if createResp.RapidUpload {
+			log.Debugf("[aliyundrive_open] rapid upload success, file id: %s", createResp.FileId)
+			return nil
+		}
+		// failed to rapid upload, try normal upload
+		if _, err = file.Seek(0, io.SeekStart); err != nil {
+			return err
+		}
+	}
+	log.Debugf("[aliyundrive_open] create file success, resp: %+v", createResp)
+	return d.normalUpload(ctx, stream, up, createResp, count, partSize)
+}

drivers/aliyundrive_open/util.go

@@ -5,12 +5,12 @@ import (
 	"errors"
 	"fmt"
 	"net/http"
-	"strings"
 
 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/op"
 	"github.com/alist-org/alist/v3/pkg/utils"
 	"github.com/go-resty/resty/v2"
+	log "github.com/sirupsen/logrus"
 )
 
 // do others that not defined in Driver interface
@@ -20,9 +20,9 @@ func (d *AliyundriveOpen) refreshToken() error {
 	if d.OauthTokenURL != "" && d.ClientID == "" {
 		url = d.OauthTokenURL
 	}
-	var resp base.TokenResp
+	//var resp base.TokenResp
 	var e ErrResp
-	_, err := base.RestyClient.R().
+	res, err := base.RestyClient.R().
 		ForceContentType("application/json").
 		SetBody(base.Json{
 			"client_id":     d.ClientID,
@@ -30,24 +30,31 @@ func (d *AliyundriveOpen) refreshToken() error {
 			"grant_type":    "refresh_token",
 			"refresh_token": d.RefreshToken,
 		}).
-		SetResult(&resp).
+		//SetResult(&resp).
 		SetError(&e).
 		Post(url)
 	if err != nil {
 		return err
 	}
+	log.Debugf("[ali_open] refresh token response: %s", res.String())
 	if e.Code != "" {
 		return fmt.Errorf("failed to refresh token: %s", e.Message)
 	}
-	if resp.RefreshToken == "" {
+	refresh, access := utils.Json.Get(res.Body(), "refresh_token").ToString(), utils.Json.Get(res.Body(), "access_token").ToString()
+	if refresh == "" {
 		return errors.New("failed to refresh token: refresh token is empty")
 	}
-	d.RefreshToken, d.AccessToken = resp.RefreshToken, resp.AccessToken
+	d.RefreshToken, d.AccessToken = refresh, access
 	op.MustSaveDriverStorage(d)
 	return nil
 }
 
 func (d *AliyundriveOpen) request(uri, method string, callback base.ReqCallback, retry ...bool) ([]byte, error) {
+	b, err, _ := d.requestReturnErrResp(uri, method, callback, retry...)
+	return b, err
+}
+
+func (d *AliyundriveOpen) requestReturnErrResp(uri, method string, callback base.ReqCallback, retry ...bool) ([]byte, error, *ErrResp) {
 	req := base.RestyClient.R()
 	// TODO check whether access_token is expired
 	req.SetHeader("Authorization", "Bearer "+d.AccessToken)
@@ -61,20 +68,23 @@ func (d *AliyundriveOpen) request(uri, method string, callback base.ReqCallback,
 	req.SetError(&e)
 	res, err := req.Execute(method, d.base+uri)
 	if err != nil {
-		return nil, err
+		if res != nil {
+			log.Errorf("[aliyundrive_open] request error: %s", res.String())
+		}
+		return nil, err, nil
 	}
 	isRetry := len(retry) > 0 && retry[0]
 	if e.Code != "" {
 		if !isRetry && (utils.SliceContains([]string{"AccessTokenInvalid", "AccessTokenExpired", "I400JD"}, e.Code) || d.AccessToken == "") {
 			err = d.refreshToken()
 			if err != nil {
-				return nil, err
+				return nil, err, nil
 			}
-			return d.request(uri, method, callback, true)
+			return d.requestReturnErrResp(uri, method, callback, true)
 		}
-		return nil, fmt.Errorf("%s:%s", e.Code, e.Message)
+		return nil, fmt.Errorf("%s:%s", e.Code, e.Message), &e
 	}
-	return res.Body(), nil
+	return res.Body(), nil, nil
 }
 
 func (d *AliyundriveOpen) list(ctx context.Context, data base.Json) (*Files, error) {
@@ -117,59 +127,3 @@ func (d *AliyundriveOpen) getFiles(ctx context.Context, fileId string) ([]File,
 	}
 	return res, nil
 }
-
-func makePartInfos(size int) []base.Json {
-	partInfoList := make([]base.Json, size)
-	for i := 0; i < size; i++ {
-		partInfoList[i] = base.Json{"part_number": 1 + i}
-	}
-	return partInfoList
-}
-
-func (d *AliyundriveOpen) getUploadUrl(count int, fileId, uploadId string) ([]PartInfo, error) {
-	partInfoList := makePartInfos(count)
-	var resp CreateResp
-	_, err := d.request("/adrive/v1.0/openFile/getUploadUrl", http.MethodPost, func(req *resty.Request) {
-		req.SetBody(base.Json{
-			"drive_id":       d.DriveId,
-			"file_id":        fileId,
-			"part_info_list": partInfoList,
-			"upload_id":      uploadId,
-		}).SetResult(&resp)
-	})
-	return resp.PartInfoList, err
-}
-
-func (d *AliyundriveOpen) uploadPart(ctx context.Context, i, count int, reader *utils.MultiReadable, resp *CreateResp, retry bool) error {
-	partInfo := resp.PartInfoList[i-1]
-	uploadUrl := partInfo.UploadUrl
-	if d.InternalUpload {
-		uploadUrl = strings.ReplaceAll(uploadUrl, "https://cn-beijing-data.aliyundrive.net/", "http://ccp-bj29-bj-1592982087.oss-cn-beijing-internal.aliyuncs.com/")
-	}
-	req, err := http.NewRequest("PUT", uploadUrl, reader)
-	if err != nil {
-		return err
-	}
-	req = req.WithContext(ctx)
-	res, err := base.HttpClient.Do(req)
-	if err != nil {
-		if retry {
-			reader.Reset()
-			return d.uploadPart(ctx, i, count, reader, resp, false)
-		}
-		return err
-	}
-	res.Body.Close()
-	if retry && res.StatusCode == http.StatusForbidden {
-		resp.PartInfoList, err = d.getUploadUrl(count, resp.FileId, resp.UploadId)
-		if err != nil {
-			return err
-		}
-		reader.Reset()
-		return d.uploadPart(ctx, i, count, reader, resp, false)
-	}
-	if res.StatusCode != http.StatusOK && res.StatusCode != http.StatusConflict {
-		return fmt.Errorf("upload status: %d", res.StatusCode)
-	}
-	return nil
-}

drivers/aliyundrive_share/driver.go

@@ -6,6 +6,7 @@ import (
 	"net/http"
 	"time"
 
+	"github.com/Xhofe/rateg"
 	"github.com/alist-org/alist/v3/drivers/base"
 	"github.com/alist-org/alist/v3/internal/driver"
 	"github.com/alist-org/alist/v3/internal/errs"
@@ -52,8 +53,14 @@ func (d *AliyundriveShare) Init(ctx context.Context) error {
 			log.Errorf("%+v", err)
 		}
 	})
-	d.limitList = utils.LimitRateCtx(d.list, time.Second/4)
-	d.limitLink = utils.LimitRateCtx(d.link, time.Second)
+	d.limitList = rateg.LimitFnCtx(d.list, rateg.LimitFnOption{
+		Limit:  4,
+		Bucket: 1,
+	})
+	d.limitLink = rateg.LimitFnCtx(d.link, rateg.LimitFnOption{
+		Limit:  1,
+		Bucket: 1,
+	})
 	return nil
 }
 

drivers/baidu_netdisk/driver.go

@@ -1,7 +1,6 @@
 package baidu_netdisk
 
 import (
-	"bytes"
 	"context"
 	"crypto/md5"
 	"encoding/hex"
@@ -118,7 +117,6 @@ func (d *BaiduNetdisk) Put(ctx context.Context, dstDir model.Obj, stream model.F
 		_ = os.Remove(tempFile.Name())
 	}()
 	var Default int64 = 4 * 1024 * 1024
-	defaultByteData := make([]byte, Default)
 	count := int(math.Ceil(float64(stream.GetSize()) / float64(Default)))
 	var SliceSize int64 = 256 * 1024
 	// cal md5
@@ -130,20 +128,14 @@ func (d *BaiduNetdisk) Put(ctx context.Context, dstDir model.Obj, stream model.F
 	left := stream.GetSize()
 	for i := 0; i < count; i++ {
 		byteSize := Default
-		var byteData []byte
 		if left < Default {
 			byteSize = left
-			byteData = make([]byte, byteSize)
-		} else {
-			byteData = defaultByteData
 		}
 		left -= byteSize
-		_, err = io.ReadFull(tempFile, byteData)
+		_, err = io.Copy(io.MultiWriter(h1, h2), io.LimitReader(tempFile, byteSize))
 		if err != nil {
 			return err
 		}
-		h1.Write(byteData)
-		h2.Write(byteData)
 		block_list = append(block_list, fmt.Sprintf("\"%s\"", hex.EncodeToString(h2.Sum(nil))))
 		h2.Reset()
 	}
@@ -177,6 +169,7 @@ func (d *BaiduNetdisk) Put(ctx context.Context, dstDir model.Obj, stream model.F
 	params := map[string]string{
 		"method": "precreate",
 	}
+	log.Debugf("[baidu_netdisk] precreate data: %s", data)
 	var precreateResp PrecreateResp
 	_, err = d.post("/xpan/file", params, data, &precreateResp)
 	if err != nil {
@@ -199,24 +192,16 @@ func (d *BaiduNetdisk) Put(ctx context.Context, dstDir model.Obj, stream model.F
 			return ctx.Err()
 		}
 		byteSize := Default
-		var byteData []byte
 		if left < Default {
 			byteSize = left
-			byteData = make([]byte, byteSize)
-		} else {
-			byteData = defaultByteData
 		}
 		left -= byteSize
-		_, err = io.ReadFull(tempFile, byteData)
-		if err != nil {
-			return err
-		}
 		u := "https://d.pcs.baidu.com/rest/2.0/pcs/superfile2"
 		params["partseq"] = strconv.Itoa(partseq)
 		res, err := base.RestyClient.R().
 			SetContext(ctx).
 			SetQueryParams(params).
-			SetFileReader("file", stream.GetName(), bytes.NewReader(byteData)).
+			SetFileReader("file", stream.GetName(), io.LimitReader(tempFile, byteSize)).
 			Post(u)
 		if err != nil {
 			return err

drivers/baidu_netdisk/util.go

@@ -13,6 +13,7 @@ import (
 	"github.com/alist-org/alist/v3/internal/op"
 	"github.com/alist-org/alist/v3/pkg/utils"
 	"github.com/go-resty/resty/v2"
+	log "github.com/sirupsen/logrus"
 )
 
 // do others that not defined in Driver interface
@@ -62,16 +63,17 @@ func (d *BaiduNetdisk) request(furl string, method string, callback base.ReqCall
 	if err != nil {
 		return nil, err
 	}
+	log.Debugf("[baidu_netdisk] req: %s, resp: %s", furl, res.String())
 	errno := utils.Json.Get(res.Body(), "errno").ToInt()
 	if errno != 0 {
-		if errno == -6 {
+		if utils.SliceContains([]int{111, -6}, errno) {
 			err = d.refreshToken()
 			if err != nil {
 				return nil, err
 			}
 			return d.request(furl, method, callback, resp)
 		}
-		return nil, fmt.Errorf("errno: %d, refer to https://pan.baidu.com/union/doc/", errno)
+		return nil, fmt.Errorf("req: [%s] ,errno: %d, refer to https://pan.baidu.com/union/doc/", furl, errno)
 	}
 	return res.Body(), nil
 }

drivers/local/util.go

@@ -64,7 +64,7 @@ func readDir(dirname string) ([]fs.FileInfo, error) {
 func (d *Local) getThumb(file model.Obj) (*bytes.Buffer, *string, error) {
 	fullPath := file.GetPath()
 	thumbPrefix := "alist_thumb_"
-	thumbName := thumbPrefix + utils.GetMD5Encode(fullPath) + ".png"
+	thumbName := thumbPrefix + utils.GetMD5EncodeStr(fullPath) + ".png"
 	if d.ThumbCacheFolder != "" {
 		// skip if the file is a thumbnail
 		if strings.HasPrefix(file.GetName(), thumbPrefix) {
@@ -91,7 +91,7 @@ func (d *Local) getThumb(file model.Obj) (*bytes.Buffer, *string, error) {
 		srcBuf = imgBuf
 	}
 
-	image, err := imaging.Decode(srcBuf)
+	image, err := imaging.Decode(srcBuf, imaging.AutoOrientation(true))
 	if err != nil {
 		return nil, nil, err
 	}

drivers/s3/meta.go

@@ -12,6 +12,7 @@ type Addition struct {
 	Region                   string `json:"region"`
 	AccessKeyID              string `json:"access_key_id" required:"true"`
 	SecretAccessKey          string `json:"secret_access_key" required:"true"`
+	SessionToken             string `json:"session_token"`
 	CustomHost               string `json:"custom_host"`
 	SignURLExpire            int    `json:"sign_url_expire" type:"number" default:"4"`
 	Placeholder              string `json:"placeholder"`

drivers/s3/util.go

@@ -22,7 +22,7 @@ import (
 
 func (d *S3) initSession() error {
 	cfg := &aws.Config{
-		Credentials:      credentials.NewStaticCredentials(d.AccessKeyID, d.SecretAccessKey, ""),
+		Credentials:      credentials.NewStaticCredentials(d.AccessKeyID, d.SecretAccessKey, d.SessionToken),
 		Region:           &d.Region,
 		Endpoint:         &d.Endpoint,
 		S3ForcePathStyle: aws.Bool(d.ForcePathStyle),

drivers/terabox/util.go

@@ -3,15 +3,16 @@ package terbox
 import (
 	"encoding/base64"
 	"fmt"
-	"github.com/alist-org/alist/v3/drivers/base"
-	"github.com/alist-org/alist/v3/internal/model"
-	"github.com/alist-org/alist/v3/pkg/utils"
-	"github.com/go-resty/resty/v2"
 	"net/http"
 	"net/url"
 	"strconv"
 	"strings"
 	"time"
+
+	"github.com/alist-org/alist/v3/drivers/base"
+	"github.com/alist-org/alist/v3/internal/model"
+	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/go-resty/resty/v2"
 )
 
 func (d *Terabox) request(furl string, method string, callback base.ReqCallback, resp interface{}) ([]byte, error) {
@@ -139,6 +140,11 @@ func (d *Terabox) linkOfficial(file model.Obj, args model.LinkArgs) (*model.Link
 	if err != nil {
 		return nil, err
 	}
+
+	if len(resp.Dlink) == 0 {
+		return nil, fmt.Errorf("fid %s no dlink found, errno: %d", file.GetID(), resp.Errno)
+	}
+
 	res, err := base.NoRedirectClient.R().SetHeader("Cookie", d.Cookie).SetHeader("User-Agent", base.UserAgent).Get(resp.Dlink[0].Dlink)
 	if err != nil {
 		return nil, err

drivers/thunder/driver.go

@@ -56,7 +56,7 @@ func (x *Thunder) Init(ctx context.Context) (err error) {
 					"j",
 					"4scKJNdd7F27Hv7tbt",
 				},
-				DeviceID:          utils.GetMD5Encode(x.Username + x.Password),
+				DeviceID:          utils.GetMD5EncodeStr(x.Username + x.Password),
 				ClientID:          "Xp6vsxz_7IYVw2BB",
 				ClientSecret:      "Xp6vsy4tN9toTVdMSpomVdXpRmES",
 				ClientVersion:     "7.51.0.8196",
@@ -137,7 +137,7 @@ func (x *ThunderExpert) Init(ctx context.Context) (err error) {
 
 				DeviceID: func() string {
 					if len(x.DeviceID) != 32 {
-						return utils.GetMD5Encode(x.DeviceID)
+						return utils.GetMD5EncodeStr(x.DeviceID)
 					}
 					return x.DeviceID
 				}(),

drivers/thunder/meta.go

@@ -78,7 +78,7 @@ type Addition struct {
 
 // 登录特征,用于判断是否重新登录
 func (i *Addition) GetIdentity() string {
-	return utils.GetMD5Encode(i.Username + i.Password)
+	return utils.GetMD5EncodeStr(i.Username + i.Password)
 }
 
 var config = driver.Config{

drivers/thunder/util.go

@@ -100,7 +100,7 @@ func (c *Common) GetCaptchaSign() (timestamp, sign string) {
 	timestamp = fmt.Sprint(time.Now().UnixMilli())
 	str := fmt.Sprint(c.ClientID, c.ClientVersion, c.PackageName, c.DeviceID, timestamp)
 	for _, algorithm := range c.Algorithms {
-		str = utils.GetMD5Encode(str + algorithm)
+		str = utils.GetMD5EncodeStr(str + algorithm)
 	}
 	sign = "1." + str
 	return

drivers/uss/driver.go

@@ -81,7 +81,7 @@ func (d *USS) Link(ctx context.Context, file model.Obj, args model.LinkArgs) (*m
 	expireAt := time.Now().Add(downExp).Unix()
 	upd := url.QueryEscape(path.Base(file.GetPath()))
 	signStr := strings.Join([]string{d.OperatorPassword, fmt.Sprint(expireAt), fmt.Sprintf("/%s", key)}, "&")
-	upt := utils.GetMD5Encode(signStr)[12:20] + fmt.Sprint(expireAt)
+	upt := utils.GetMD5EncodeStr(signStr)[12:20] + fmt.Sprint(expireAt)
 	link := fmt.Sprintf("%s?_upd=%s&_upt=%s", u, upd, upt)
 	return &model.Link{URL: link}, nil
 }

go.mod

@@ -8,7 +8,7 @@ require (
 	github.com/Xhofe/wopan-sdk-go v0.1.1
 	github.com/avast/retry-go v3.0.0+incompatible
 	github.com/aws/aws-sdk-go v1.44.262
-	github.com/blevesearch/bleve/v2 v2.3.8
+	github.com/blevesearch/bleve/v2 v2.3.9
 	github.com/caarlos0/env/v9 v9.0.0
 	github.com/coreos/go-oidc v2.2.1+incompatible
 	github.com/deckarep/golang-set/v2 v2.3.0
@@ -23,14 +23,14 @@ require (
 	github.com/gorilla/websocket v1.5.0
 	github.com/hirochachacha/go-smb2 v1.1.0
 	github.com/ipfs/go-ipfs-api v0.6.0
-	github.com/jlaffaye/ftp v0.1.0
+	github.com/jlaffaye/ftp v0.2.0
 	github.com/json-iterator/go v1.1.12
 	github.com/maruel/natural v1.1.0
 	github.com/natefinch/lumberjack v2.0.0+incompatible
 	github.com/pkg/errors v0.9.1
 	github.com/pkg/sftp v1.13.5
 	github.com/pquerna/otp v1.4.0
-	github.com/sirupsen/logrus v1.9.2
+	github.com/sirupsen/logrus v1.9.3
 	github.com/spf13/cobra v1.7.0
 	github.com/t3rm1n4l/go-mega v0.0.0-20230228171823-a01a2cda13ca
 	github.com/u2takey/ffmpeg-go v0.4.1
@@ -48,7 +48,8 @@ require (
 
 require (
 	github.com/BurntSushi/toml v0.3.1 // indirect
-	github.com/RoaringBitmap/roaring v0.9.4 // indirect
+	github.com/RoaringBitmap/roaring v1.2.3 // indirect
+	github.com/Xhofe/rateg v0.0.0-20230728072201-251a4e1adad4 // indirect
 	github.com/aead/ecdh v0.2.0 // indirect
 	github.com/aliyun/aliyun-oss-go-sdk v2.2.5+incompatible // indirect
 	github.com/andreburgaud/crypt2go v1.1.0 // indirect
@@ -59,16 +60,16 @@ require (
 	github.com/blevesearch/go-porterstemmer v1.0.3 // indirect
 	github.com/blevesearch/gtreap v0.1.1 // indirect
 	github.com/blevesearch/mmap-go v1.0.4 // indirect
-	github.com/blevesearch/scorch_segment_api/v2 v2.1.4 // indirect
+	github.com/blevesearch/scorch_segment_api/v2 v2.1.5 // indirect
 	github.com/blevesearch/segment v0.9.1 // indirect
 	github.com/blevesearch/snowballstem v0.9.0 // indirect
 	github.com/blevesearch/upsidedown_store_api v1.0.2 // indirect
-	github.com/blevesearch/vellum v1.0.9 // indirect
-	github.com/blevesearch/zapx/v11 v11.3.7 // indirect
-	github.com/blevesearch/zapx/v12 v12.3.7 // indirect
-	github.com/blevesearch/zapx/v13 v13.3.7 // indirect
-	github.com/blevesearch/zapx/v14 v14.3.7 // indirect
-	github.com/blevesearch/zapx/v15 v15.3.10 // indirect
+	github.com/blevesearch/vellum v1.0.10 // indirect
+	github.com/blevesearch/zapx/v11 v11.3.9 // indirect
+	github.com/blevesearch/zapx/v12 v12.3.9 // indirect
+	github.com/blevesearch/zapx/v13 v13.3.9 // indirect
+	github.com/blevesearch/zapx/v14 v14.3.9 // indirect
+	github.com/blevesearch/zapx/v15 v15.3.12 // indirect
 	github.com/bluele/gcache v0.0.2 // indirect
 	github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc // indirect
 	github.com/bytedance/sonic v1.9.1 // indirect
@@ -131,11 +132,11 @@ require (
 	github.com/u2takey/go-utils v0.3.1 // indirect
 	github.com/ugorji/go/codec v1.2.11 // indirect
 	github.com/whyrusleeping/tar-utils v0.0.0-20180509141711-8c6c8ba81d5c // indirect
-	go.etcd.io/bbolt v1.3.5 // indirect
+	go.etcd.io/bbolt v1.3.7 // indirect
 	golang.org/x/arch v0.3.0 // indirect
 	golang.org/x/sys v0.10.0 // indirect
 	golang.org/x/text v0.11.0 // indirect
-	golang.org/x/time v0.0.0-20220922220347-f3bd1da661af // indirect
+	golang.org/x/time v0.3.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 	gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect

go.sum

@@ -1,11 +1,13 @@
 github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/RoaringBitmap/roaring v0.9.4 h1:ckvZSX5gwCRaJYBNe7syNawCU5oruY9gQmjXlp4riwo=
-github.com/RoaringBitmap/roaring v0.9.4/go.mod h1:icnadbWcNyfEHlYdr+tDlOTih1Bf/h+rzPpv4sbomAA=
+github.com/RoaringBitmap/roaring v1.2.3 h1:yqreLINqIrX22ErkKI0vY47/ivtJr6n+kMhVOVmhWBY=
+github.com/RoaringBitmap/roaring v1.2.3/go.mod h1:plvDsJQpxOC5bw8LRteu/MLWHsHez/3y6cubLI4/1yE=
 github.com/SheltonZhu/115driver v1.0.14 h1:uW3dl8J9KDMw+3gPxQdhTysoGhw0/uI1484GT9xhfU4=
 github.com/SheltonZhu/115driver v1.0.14/go.mod h1:00ixivHH5HqDj4S7kAWbkuUrjtsJTxc7cGv5RMw3RVs=
 github.com/Xhofe/go-cache v0.0.0-20220723083548-714439c8af9a h1:RenIAa2q4H8UcS/cqmwdT1WCWIAH5aumP8m8RpbqVsE=
 github.com/Xhofe/go-cache v0.0.0-20220723083548-714439c8af9a/go.mod h1:sSBbaOg90XwWKtpT56kVujF0bIeVITnPlssLclogS04=
+github.com/Xhofe/rateg v0.0.0-20230728072201-251a4e1adad4 h1:WnvifFgYyogPz2ZFvaVLk4gI/Co0paF92FmxSR6U1zY=
+github.com/Xhofe/rateg v0.0.0-20230728072201-251a4e1adad4/go.mod h1:8pWlL2rpusvx7Xa6yYaIWOJ8bR3gPdFBUT7OystyGOY=
 github.com/Xhofe/wopan-sdk-go v0.1.1 h1:dSrTxNYclqNuo9libjtC+R6C4RCen/inh/dUXd12vpM=
 github.com/Xhofe/wopan-sdk-go v0.1.1/go.mod h1:xWcUS7PoFLDD9gy2BK2VQfilEsZngLMz2Vkx3oF2zJY=
 github.com/aead/ecdh v0.2.0 h1:pYop54xVaq/CEREFEcukHRZfTdjiWvYIsZDXXrBapQQ=
@@ -23,8 +25,8 @@ github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT
 github.com/benbjohnson/clock v1.3.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
 github.com/bits-and-blooms/bitset v1.2.0 h1:Kn4yilvwNtMACtf1eYDlG8H77R07mZSPbMjLyS07ChA=
 github.com/bits-and-blooms/bitset v1.2.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edYb8uY+O0FJTyyDA=
-github.com/blevesearch/bleve/v2 v2.3.8 h1:IqFyMJ73n4gY8AmVqM8Sa6EtAZ5beE8yramVqCvs2kQ=
-github.com/blevesearch/bleve/v2 v2.3.8/go.mod h1:Lh9aZEHrLKxwPnW4z4lsBEGnflZQ1V/aWP/t+htsiDw=
+github.com/blevesearch/bleve/v2 v2.3.9 h1:pUMvK0mxAexqasZcVj8lazmWnEW5XiV0tASIqANiNTQ=
+github.com/blevesearch/bleve/v2 v2.3.9/go.mod h1:1PibElcjlQMQHF9uS9mRv58ODQgj4pCWHA1Wfd+qagU=
 github.com/blevesearch/bleve_index_api v1.0.5 h1:Lc986kpC4Z0/n1g3gg8ul7H+lxgOQPcXb9SxvQGu+tw=
 github.com/blevesearch/bleve_index_api v1.0.5/go.mod h1:YXMDwaXFFXwncRS8UobWs7nvo0DmusriM1nztTlj1ms=
 github.com/blevesearch/geo v0.1.17 h1:AguzI6/5mHXapzB0gE9IKWo+wWPHZmXZoscHcjFgAFA=
@@ -35,26 +37,26 @@ github.com/blevesearch/gtreap v0.1.1 h1:2JWigFrzDMR+42WGIN/V2p0cUvn4UP3C4Q5nmaZG
 github.com/blevesearch/gtreap v0.1.1/go.mod h1:QaQyDRAT51sotthUWAH4Sj08awFSSWzgYICSZ3w0tYk=
 github.com/blevesearch/mmap-go v1.0.4 h1:OVhDhT5B/M1HNPpYPBKIEJaD0F3Si+CrEKULGCDPWmc=
 github.com/blevesearch/mmap-go v1.0.4/go.mod h1:EWmEAOmdAS9z/pi/+Toxu99DnsbhG1TIxUoRmJw/pSs=
-github.com/blevesearch/scorch_segment_api/v2 v2.1.4 h1:LmGmo5twU3gV+natJbKmOktS9eMhokPGKWuR+jX84vk=
-github.com/blevesearch/scorch_segment_api/v2 v2.1.4/go.mod h1:PgVnbbg/t1UkgezPDu8EHLi1BHQ17xUwsFdU6NnOYS0=
+github.com/blevesearch/scorch_segment_api/v2 v2.1.5 h1:1g713kpCQZ8u4a3stRGBfrwVOuGRnmxOVU5MQkUPrHU=
+github.com/blevesearch/scorch_segment_api/v2 v2.1.5/go.mod h1:f2nOkKS1HcjgIWZgDAErgBdxmr2eyt0Kn7IY+FU1Xe4=
 github.com/blevesearch/segment v0.9.1 h1:+dThDy+Lvgj5JMxhmOVlgFfkUtZV2kw49xax4+jTfSU=
 github.com/blevesearch/segment v0.9.1/go.mod h1:zN21iLm7+GnBHWTao9I+Au/7MBiL8pPFtJBJTsk6kQw=
 github.com/blevesearch/snowballstem v0.9.0 h1:lMQ189YspGP6sXvZQ4WZ+MLawfV8wOmPoD/iWeNXm8s=
 github.com/blevesearch/snowballstem v0.9.0/go.mod h1:PivSj3JMc8WuaFkTSRDW2SlrulNWPl4ABg1tC/hlgLs=
 github.com/blevesearch/upsidedown_store_api v1.0.2 h1:U53Q6YoWEARVLd1OYNc9kvhBMGZzVrdmaozG2MfoB+A=
 github.com/blevesearch/upsidedown_store_api v1.0.2/go.mod h1:M01mh3Gpfy56Ps/UXHjEO/knbqyQ1Oamg8If49gRwrQ=
-github.com/blevesearch/vellum v1.0.9 h1:PL+NWVk3dDGPCV0hoDu9XLLJgqU4E5s/dOeEJByQ2uQ=
-github.com/blevesearch/vellum v1.0.9/go.mod h1:ul1oT0FhSMDIExNjIxHqJoGpVrBpKCdgDQNxfqgJt7k=
-github.com/blevesearch/zapx/v11 v11.3.7 h1:Y6yIAF/DVPiqZUA/jNgSLXmqewfzwHzuwfKyfdG+Xaw=
-github.com/blevesearch/zapx/v11 v11.3.7/go.mod h1:Xk9Z69AoAWIOvWudNDMlxJDqSYGf90LS0EfnaAIvXCA=
-github.com/blevesearch/zapx/v12 v12.3.7 h1:DfQ6rsmZfEK4PzzJJRXjiM6AObG02+HWvprlXQ1Y7eI=
-github.com/blevesearch/zapx/v12 v12.3.7/go.mod h1:SgEtYIBGvM0mgIBn2/tQE/5SdrPXaJUaT/kVqpAPxm0=
-github.com/blevesearch/zapx/v13 v13.3.7 h1:igIQg5eKmjw168I7av0Vtwedf7kHnQro/M+ubM4d2l8=
-github.com/blevesearch/zapx/v13 v13.3.7/go.mod h1:yyrB4kJ0OT75UPZwT/zS+Ru0/jYKorCOOSY5dBzAy+s=
-github.com/blevesearch/zapx/v14 v14.3.7 h1:gfe+fbWslDWP/evHLtp/GOvmNM3sw1BbqD7LhycBX20=
-github.com/blevesearch/zapx/v14 v14.3.7/go.mod h1:9J/RbOkqZ1KSjmkOes03AkETX7hrXT0sFMpWH4ewC4w=
-github.com/blevesearch/zapx/v15 v15.3.10 h1:bQ9ZxJCj6rKp873EuVJu2JPxQ+EWQZI1cjJGeroovaQ=
-github.com/blevesearch/zapx/v15 v15.3.10/go.mod h1:m7Y6m8soYUvS7MjN9eKlz1xrLCcmqfFadmu7GhWIrLY=
+github.com/blevesearch/vellum v1.0.10 h1:HGPJDT2bTva12hrHepVT3rOyIKFFF4t7Gf6yMxyMIPI=
+github.com/blevesearch/vellum v1.0.10/go.mod h1:ul1oT0FhSMDIExNjIxHqJoGpVrBpKCdgDQNxfqgJt7k=
+github.com/blevesearch/zapx/v11 v11.3.9 h1:y3ijS4h4MJdmQ07MHASxat4owAixreK2xdo76w9ncrw=
+github.com/blevesearch/zapx/v11 v11.3.9/go.mod h1:jcAYnQwlr+LqD2vLjDWjWiZDXDXGFqPbpPDRTd3XmS4=
+github.com/blevesearch/zapx/v12 v12.3.9 h1:MXGLlZ03oxXH3DMJTZaBaRj2xb6t4wQVZeZK/wu1M6w=
+github.com/blevesearch/zapx/v12 v12.3.9/go.mod h1:QXCMwmOkdLnMDgTN1P4CcuX5F851iUOtOwXbw0HMBYs=
+github.com/blevesearch/zapx/v13 v13.3.9 h1:+VAz9V0VmllHXlZV4DCvfYj0nqaZHgF3MeEHwOyRBwQ=
+github.com/blevesearch/zapx/v13 v13.3.9/go.mod h1:s+WjNp4WSDtrBVBpa37DUOd7S/Gr/jTZ7ST/MbCVj/0=
+github.com/blevesearch/zapx/v14 v14.3.9 h1:wuqxATgsTCNHM9xsOFOeFp8H2heZ/gMX/tsl9lRK8U4=
+github.com/blevesearch/zapx/v14 v14.3.9/go.mod h1:MWZ4v8AzFBRurhDzkLvokFW8ljcq9Evm27mkWe8OGbM=
+github.com/blevesearch/zapx/v15 v15.3.12 h1:w/kU9aHyfMDEdwHGZzCiakC3HZ9z5gYlXaALDC4Dct8=
+github.com/blevesearch/zapx/v15 v15.3.12/go.mod h1:tx53gDJS/7Oa3Je820cmVurqCuJ4dqdAy1kiDMV/IUo=
 github.com/bluele/gcache v0.0.2 h1:WcbfdXICg7G/DGBh1PFfcirkWOQV+v077yF1pSy3DGw=
 github.com/bluele/gcache v0.0.2/go.mod h1:m15KV+ECjptwSPxKhOhQoAFQVtUFjTVkc3H8o0t/fp0=
 github.com/boombuler/barcode v1.0.1-0.20190219062509-6c824513bacc h1:biVzkmvwrH8WK8raXaxBx6fRVTlJILwEwQGL1I/ByEI=
@@ -169,8 +171,8 @@ github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkr
 github.com/jinzhu/now v1.1.4/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
 github.com/jinzhu/now v1.1.5 h1:/o9tlHleP7gOFmsnYNz3RGnqzefHA47wQpKrrdTIwXQ=
 github.com/jinzhu/now v1.1.5/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
-github.com/jlaffaye/ftp v0.1.0 h1:DLGExl5nBoSFoNshAUHwXAezXwXBvFdx7/qwhucWNSE=
-github.com/jlaffaye/ftp v0.1.0/go.mod h1:hhq4G4crv+nW2qXtNYcuzLeOudG92Ps37HEKeg2e3lE=
+github.com/jlaffaye/ftp v0.2.0 h1:lXNvW7cBu7R/68bknOX3MrRIIqZ61zELs1P2RAiA3lg=
+github.com/jlaffaye/ftp v0.2.0/go.mod h1:is2Ds5qkhceAPy2xD6RLI6hmp/qysSoymZ+Z2uTnspI=
 github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
 github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
 github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
@@ -210,6 +212,7 @@ github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APP
 github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/mattn/go-sqlite3 v1.14.15 h1:vfoHhTN1af61xCRSWzFIWzx2YskyMTwHLrExkBOjvxI=
 github.com/mattn/go-sqlite3 v1.14.15/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
+github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1/go.mod h1:pD8RvIylQ358TN4wwqatJ8rNavkEINozVn9DtGI3dfQ=
 github.com/minio/sha256-simd v1.0.0 h1:v1ta+49hkWZyvaKwrQB8elexRqm6Y0aMLjCNsrYxo6g=
 github.com/minio/sha256-simd v1.0.0/go.mod h1:OuYzVNI5vcoYIAmbIvHPl3N3jUzVedXbKy5RFepssQM=
 github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
@@ -268,8 +271,8 @@ github.com/rogpeppe/go-internal v1.8.0 h1:FCbCCtXNOY3UtUuHUYaghJg4y7Fd14rXifAYUA
 github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6poM+XZ2dLUbcbE=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
-github.com/sirupsen/logrus v1.9.2 h1:oxx1eChJGI6Uks2ZC4W1zpLlVgqB8ner4EuQwV4Ik1Y=
-github.com/sirupsen/logrus v1.9.2/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
+github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
+github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e h1:MRM5ITcdelLK2j1vwZ3Je0FKVCfqOLp5zO6trqMLYs0=
 github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e/go.mod h1:XV66xRDqSt+GTGFMVlhk3ULuV0y9ZmzeVGR4mloJI3M=
 github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI=
@@ -315,8 +318,8 @@ github.com/whyrusleeping/tar-utils v0.0.0-20180509141711-8c6c8ba81d5c/go.mod h1:
 github.com/winfsp/cgofuse v1.5.0 h1:MsBP7Mi/LiJf/7/F3O/7HjjR009ds6KCdqXzKpZSWxI=
 github.com/winfsp/cgofuse v1.5.0/go.mod h1:h3awhoUOcn2VYVKCwDaYxSLlZwnyK+A8KaDoLUp2lbU=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
-go.etcd.io/bbolt v1.3.5 h1:XAzx9gjCb0Rxj7EoqcClPD1d5ZBxZJk0jbuoPHenBt0=
-go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
+go.etcd.io/bbolt v1.3.7 h1:j+zJOnnEjF/kyHlDDgGnVL/AIqIJPq8UoB2GSNfkUfQ=
+go.etcd.io/bbolt v1.3.7/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw=
 gocv.io/x/gocv v0.25.0/go.mod h1:Rar2PS6DV+T4FL+PM535EImD/h13hGVaHhnCu1xarBs=
 golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k=
@@ -358,7 +361,6 @@ golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200602225109-6fdc65e7d980/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -395,6 +397,8 @@ golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxb
 golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20220922220347-f3bd1da661af h1:Yx9k8YCG3dvF87UAn2tu2HQLf2dt/eR1bXxpLMWeH+Y=
 golang.org/x/time v0.0.0-20220922220347-f3bd1da661af/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
+golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=

internal/bootstrap/data/setting.go

@@ -154,13 +154,16 @@ func InitialSettings() []model.SettingItem {
 
 		// SSO settings
 		{Key: conf.SSOLoginEnabled, Value: "false", Type: conf.TypeBool, Group: model.SSO, Flag: model.PUBLIC},
-		{Key: conf.SSOLoginplatform, Type: conf.TypeSelect, Options: "Casdoor,Github,Microsoft,Google,Dingtalk,OIDC", Group: model.SSO, Flag: model.PUBLIC},
+		{Key: conf.SSOLoginPlatform, Type: conf.TypeSelect, Options: "Casdoor,Github,Microsoft,Google,Dingtalk,OIDC", Group: model.SSO, Flag: model.PUBLIC},
 		{Key: conf.SSOClientId, Value: "", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
 		{Key: conf.SSOClientSecret, Value: "", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
 		{Key: conf.SSOOrganizationName, Value: "", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
 		{Key: conf.SSOApplicationName, Value: "", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
 		{Key: conf.SSOEndpointName, Value: "", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
 		{Key: conf.SSOJwtPublicKey, Value: "", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
+		{Key: conf.SSOAutoRegister, Value: "false", Type: conf.TypeBool, Group: model.SSO, Flag: model.PRIVATE},
+		{Key: conf.SSODefaultDir, Value: "/", Type: conf.TypeString, Group: model.SSO, Flag: model.PRIVATE},
+		{Key: conf.SSODefaultPermission, Value: "0", Type: conf.TypeNumber, Group: model.SSO, Flag: model.PRIVATE},
 
 		// qbittorrent settings
 		{Key: conf.QbittorrentUrl, Value: "http://admin:adminadmin@localhost:8080/", Type: conf.TypeString, Group: model.SINGLE, Flag: model.PRIVATE},

internal/conf/const.go

@@ -60,11 +60,14 @@ const (
 	SSOClientId          = "sso_client_id"
 	SSOClientSecret      = "sso_client_secret"
 	SSOLoginEnabled      = "sso_login_enabled"
-	SSOLoginplatform    = "sso_login_platform"
+	SSOLoginPlatform     = "sso_login_platform"
 	SSOOrganizationName  = "sso_organization_name"
 	SSOApplicationName   = "sso_application_name"
 	SSOEndpointName      = "sso_endpoint_name"
 	SSOJwtPublicKey      = "sso_jwt_public_key"
+	SSOAutoRegister      = "sso_auto_register"
+	SSODefaultDir        = "sso_default_dir"
+	SSODefaultPermission = "sso_default_permission"
 
 	// qbittorrent
 	QbittorrentUrl      = "qbittorrent_url"

internal/fs/put.go

@@ -36,7 +36,7 @@ func putAsTask(dstDirPath string, file *model.FileStream) error {
 	UploadTaskManager.Submit(task.WithCancelCtx(&task.Task[uint64]{
 		Name: fmt.Sprintf("upload %s to [%s](%s)", file.GetName(), storage.GetStorage().MountPath, dstDirActualPath),
 		Func: func(task *task.Task[uint64]) error {
-			return op.Put(task.Ctx, storage, dstDirActualPath, file, nil, true)
+			return op.Put(task.Ctx, storage, dstDirActualPath, file, task.SetProgress, true)
 		},
 	}))
 	return nil

internal/model/args.go

@@ -25,6 +25,7 @@ type Link struct {
 	Status     int            // status maybe 200 or 206, etc
 	FilePath   *string        // local file, return the filepath
 	Expiration *time.Duration // url expiration time
+	IPCacheKey bool           // add ip to cache key
 	//Handle     func(w http.ResponseWriter, r *http.Request) error `json:"-"` // custom handler
 	Writer WriterFunc `json:"-"` // custom writer
 }

internal/model/user.go

@@ -33,7 +33,7 @@ type User struct {
 	//  10: can add qbittorrent tasks
 	Permission int32  `json:"permission"`
 	OtpSecret  string `json:"-"`
-	SsoID      string `json:"sso_id"`
+	SsoID      string `json:"sso_id"` // unique by sso platform
 }
 
 func (u User) IsGuest() bool {

internal/op/fs.go

@@ -243,7 +243,7 @@ func Link(ctx context.Context, storage driver.Driver, path string, args model.Li
 	if file.IsDir() {
 		return nil, nil, errors.WithStack(errs.NotFile)
 	}
-	key := Key(storage, path) + ":" + args.IP
+	key := Key(storage, path)
 	if link, ok := linkCache.Get(key); ok {
 		return link, file, nil
 	}
@@ -253,6 +253,9 @@ func Link(ctx context.Context, storage driver.Driver, path string, args model.Li
 			return nil, errors.Wrapf(err, "failed get link")
 		}
 		if link.Expiration != nil {
+			if link.IPCacheKey {
+				key = key + ":" + args.IP
+			}
 			linkCache.Set(key, link, cache.WithEx[*model.Link](*link.Expiration))
 		}
 		return link, nil
@@ -563,6 +566,9 @@ func Put(ctx context.Context, storage driver.Driver, dstDirPath string, file *mo
 			err := Remove(ctx, storage, tempPath)
 			if err != nil {
 				return err
+			} else {
+				key := Key(storage, stdpath.Join(dstDirPath, file.GetName()))
+				linkCache.Del(key)
 			}
 		}
 	}

internal/qbittorrent/client.go

@@ -3,12 +3,13 @@ package qbittorrent
 import (
 	"bytes"
 	"errors"
-	"github.com/alist-org/alist/v3/pkg/utils"
 	"io"
 	"mime/multipart"
 	"net/http"
 	"net/http/cookiejar"
 	"net/url"
+
+	"github.com/alist-org/alist/v3/pkg/utils"
 )
 
 type Client interface {
@@ -213,7 +214,7 @@ type TorrentInfo struct {
 	Hash              string        `json:"hash"`               //
 	LastActivity      int           `json:"last_activity"`      // 上次活跃的时间（Unix Epoch）
 	MagnetURI         string        `json:"magnet_uri"`         // 与此 torrent 对应的 Magnet URI
-	MaxRatio          int           `json:"max_ratio"`          // 种子/上传停止种子前的最大共享比率
+	MaxRatio          float64       `json:"max_ratio"`          // 种子/上传停止种子前的最大共享比率
 	MaxSeedingTime    int           `json:"max_seeding_time"`   // 停止种子种子前的最长种子时间（秒）
 	Name              string        `json:"name"`               //
 	NumComplete       int           `json:"num_complete"`       //

pkg/utils/fn_limiter.go

@@ -1,114 +0,0 @@
-package utils
-
-import (
-	"context"
-	"reflect"
-	"time"
-)
-
-func LimitRateReflect(f interface{}, interval time.Duration) func(...interface{}) []interface{} {
-	// Use closures to save the time of the last function call
-	var lastCall time.Time
-
-	fValue := reflect.ValueOf(f)
-	fType := fValue.Type()
-
-	if fType.Kind() != reflect.Func {
-		panic("f must be a function")
-	}
-
-	//if fType.NumOut() == 0 {
-	//	panic("f must have at least one output parameter")
-	//}
-
-	outCount := fType.NumOut()
-	outTypes := make([]reflect.Type, outCount)
-
-	for i := 0; i < outCount; i++ {
-		outTypes[i] = fType.Out(i)
-	}
-
-	// Returns a new function, which is used to limit the function to be called only once at a specified time interval
-	return func(args ...interface{}) []interface{} {
-		// Calculate the time interval since the last function call
-		elapsed := time.Since(lastCall)
-		// If the interval is less than the specified time, wait for the remaining time
-		if elapsed < interval {
-			time.Sleep(interval - elapsed)
-		}
-		// Update the time of the last function call
-		lastCall = time.Now()
-
-		inCount := fType.NumIn()
-		in := make([]reflect.Value, inCount)
-
-		if len(args) != inCount {
-			panic("wrong number of arguments")
-		}
-
-		for i := 0; i < inCount; i++ {
-			in[i] = reflect.ValueOf(args[i])
-		}
-
-		out := fValue.Call(in)
-
-		if len(out) != outCount {
-			panic("function returned wrong number of values")
-		}
-
-		result := make([]interface{}, outCount)
-
-		for i := 0; i < outCount; i++ {
-			result[i] = out[i].Interface()
-		}
-
-		return result
-	}
-}
-
-type Fn[T any, R any] func(T) (R, error)
-type FnCtx[T any, R any] func(context.Context, T) (R, error)
-
-func LimitRate[T any, R any](f Fn[T, R], interval time.Duration) Fn[T, R] {
-	// Use closures to save the time of the last function call
-	var lastCall time.Time
-	// Returns a new function, which is used to limit the function to be called only once at a specified time interval
-	return func(t T) (R, error) {
-		// Calculate the time interval since the last function call
-		elapsed := time.Since(lastCall)
-		// If the interval is less than the specified time, wait for the remaining time
-		if elapsed < interval {
-			time.Sleep(interval - elapsed)
-		}
-		// Update the time of the last function call
-		lastCall = time.Now()
-		// Execute the function that needs to be limited
-		return f(t)
-	}
-}
-
-func LimitRateCtx[T any, R any](f FnCtx[T, R], interval time.Duration) FnCtx[T, R] {
-	// Use closures to save the time of the last function call
-	var lastCall time.Time
-	// Returns a new function, which is used to limit the function to be called only once at a specified time interval
-	return func(ctx context.Context, t T) (R, error) {
-		// Calculate the time interval since the last function call
-		elapsed := time.Since(lastCall)
-		// If the interval is less than the specified time, wait for the remaining time
-		if elapsed < interval {
-			t := time.NewTimer(interval - elapsed)
-			select {
-			case <-ctx.Done():
-				t.Stop()
-				var zero R
-				return zero, ctx.Err()
-			case <-t.C:
-
-			}
-		}
-		// Update the time of the last function call
-		lastCall = time.Now()
-		// Execute the function that needs to be limited
-		return f(ctx, t)
-	}
-}

pkg/utils/fn_limiter_test.go

@@ -1,59 +0,0 @@
-package utils_test
-
-import (
-	"context"
-	"testing"
-	"time"
-
-	"github.com/alist-org/alist/v3/pkg/utils"
-)
-
-func myFunction(a int) (int, error) {
-	// do something
-	return a + 1, nil
-}
-
-func TestLimitRate(t *testing.T) {
-	myLimitedFunction := utils.LimitRate(myFunction, time.Second)
-	result, _ := myLimitedFunction(1)
-	t.Log(result) // Output: 2
-	result, _ = myLimitedFunction(2)
-	t.Log(result) // Output: 3
-}
-
-type Test struct {
-	limitFn func(string) (string, error)
-}
-
-func (t *Test) myFunction(a string) (string, error) {
-	// do something
-	return a + " world", nil
-}
-
-func TestLimitRateStruct(t *testing.T) {
-	test := &Test{}
-	test.limitFn = utils.LimitRate(test.myFunction, time.Second)
-	result, _ := test.limitFn("hello")
-	t.Log(result) // Output: hello world
-	result, _ = test.limitFn("hi")
-	t.Log(result) // Output: hi world
-}
-
-func myFunctionCtx(ctx context.Context, a int) (int, error) {
-	// do something
-	return a + 1, nil
-}
-func TestLimitRateCtx(t *testing.T) {
-	myLimitedFunction := utils.LimitRateCtx(myFunctionCtx, time.Second)
-	result, _ := myLimitedFunction(context.Background(), 1)
-	t.Log(result) // Output: 2
-	ctx, cancel := context.WithCancel(context.Background())
-	go func() {
-		time.Sleep(500 * time.Millisecond)
-		cancel()
-	}()
-	result, err := myLimitedFunction(ctx, 2)
-	t.Log(result, err) // Output: 0 context canceled
-	result, _ = myLimitedFunction(context.Background(), 3)
-	t.Log(result) // Output: 4
-}

pkg/utils/hash.go

@@ -9,24 +9,28 @@ import (
 	"strings"
 )
 
-func GetSHA1Encode(data string) string {
+func GetSHA1Encode(data []byte) string {
 	h := sha1.New()
-	h.Write([]byte(data))
+	h.Write(data)
 	return hex.EncodeToString(h.Sum(nil))
 }
 
-func GetSHA256Encode(data string) string {
+func GetSHA256Encode(data []byte) string {
 	h := sha256.New()
-	h.Write([]byte(data))
+	h.Write(data)
 	return hex.EncodeToString(h.Sum(nil))
 }
 
-func GetMD5Encode(data string) string {
+func GetMD5Encode(data []byte) string {
 	h := md5.New()
-	h.Write([]byte(data))
+	h.Write(data)
 	return hex.EncodeToString(h.Sum(nil))
 }
 
+func GetMD5EncodeStr(data string) string {
+	return GetMD5Encode([]byte(data))
+}
+
 var DEC = map[string]string{
 	"-": "+",
 	"_": "/",

server/handles/ssologin.go

@@ -11,8 +11,10 @@ import (
 
 	"github.com/alist-org/alist/v3/internal/conf"
 	"github.com/alist-org/alist/v3/internal/db"
+	"github.com/alist-org/alist/v3/internal/model"
 	"github.com/alist-org/alist/v3/internal/setting"
 	"github.com/alist-org/alist/v3/pkg/utils"
+	"github.com/alist-org/alist/v3/pkg/utils/random"
 	"github.com/alist-org/alist/v3/server/common"
 	"github.com/coreos/go-oidc"
 	"github.com/gin-gonic/gin"
@@ -20,6 +22,7 @@ import (
 	"github.com/pquerna/otp"
 	"github.com/pquerna/otp/totp"
 	"golang.org/x/oauth2"
+	"gorm.io/gorm"
 )
 
 var opts = totp.ValidateOpts{
@@ -35,7 +38,7 @@ func SSOLoginRedirect(c *gin.Context) {
 	method := c.Query("method")
 	enabled := setting.GetBool(conf.SSOLoginEnabled)
 	clientId := setting.GetStr(conf.SSOClientId)
-	platform := setting.GetStr(conf.SSOLoginplatform)
+	platform := setting.GetStr(conf.SSOLoginPlatform)
 	var r_url string
 	var redirect_uri string
 	if enabled {
@@ -76,7 +79,7 @@ func SSOLoginRedirect(c *gin.Context) {
 				return
 			}
 			// generate state parameter
-			state,err := totp.GenerateCodeCustom(base32.StdEncoding.EncodeToString([]byte(oauth2Config.ClientSecret)), time.Now(), opts)
+			state, err := totp.GenerateCodeCustom(base32.StdEncoding.EncodeToString([]byte(oauth2Config.ClientSecret)), time.Now(), opts)
 			if err != nil {
 				common.ErrorStrResp(c, err.Error(), 400)
 				return
@@ -118,13 +121,39 @@ func GetOIDCClient(c *gin.Context) (*oauth2.Config, error) {
 	}, nil
 }
 
+func autoRegister(username, userID string, err error) (*model.User, error) {
+	if !errors.Is(err, gorm.ErrRecordNotFound) || !setting.GetBool(conf.SSOAutoRegister) {
+		return nil, err
+	}
+	if username == "" {
+		return nil, errors.New("cannot get username from SSO provider")
+	}
+	user := &model.User{
+		ID:         0,
+		Username:   username,
+		Password:   random.String(16),
+		Permission: int32(setting.GetInt(conf.SSODefaultPermission, 0)),
+		BasePath:   setting.GetStr(conf.SSODefaultDir),
+		Role:       0,
+		Disabled:   false,
+		SsoID:      userID,
+	}
+	if err = db.CreateUser(user); err != nil {
+		if strings.HasPrefix(err.Error(), "UNIQUE constraint failed") && strings.HasSuffix(err.Error(), "username") {
+			user.Username = user.Username + "_" + userID
+			if err = db.CreateUser(user); err != nil {
+				return nil, err
+			}
+		} else {
+			return nil, err
+		}
+	}
+	return user, nil
+}
+
 func OIDCLoginCallback(c *gin.Context) {
 	argument := c.Query("method")
-	enabled := setting.GetBool(conf.SSOLoginEnabled)
 	clientId := setting.GetStr(conf.SSOClientId)
-	if !enabled {
-		common.ErrorResp(c, errors.New("invalid request"), 500)
-	}
 	endpoint := setting.GetStr(conf.SSOEndpointName)
 	provider, err := oidc.NewProvider(c, endpoint)
 	if err != nil {
@@ -170,7 +199,7 @@ func OIDCLoginCallback(c *gin.Context) {
 	}
 	claims := UserInfo{}
 	if err := idToken.Claims(&claims); err != nil {
-		c.Error(err)
+		common.ErrorResp(c, err, 400)
 		return
 	}
 	UserID := claims.Name
@@ -188,9 +217,12 @@ func OIDCLoginCallback(c *gin.Context) {
 	}
 	if argument == "sso_get_token" {
 		user, err := db.GetUserBySSOID(UserID)
+		if err != nil {
+			user, err = autoRegister(UserID, UserID, err)
 			if err != nil {
 				common.ErrorResp(c, err, 400)
 			}
+		}
 		token, err := common.GenerateToken(user.Username)
 		if err != nil {
 			common.ErrorResp(c, err, 400)
@@ -209,48 +241,58 @@ func OIDCLoginCallback(c *gin.Context) {
 }
 
 func SSOLoginCallback(c *gin.Context) {
-	argument := c.Query("method")
-	if argument == "get_sso_id" || argument == "sso_get_token" {
 	enabled := setting.GetBool(conf.SSOLoginEnabled)
+	if !enabled {
+		common.ErrorResp(c, errors.New("sso login is disabled"), 500)
+	}
+	argument := c.Query("method")
+	if !utils.SliceContains([]string{"get_sso_id", "sso_get_token"}, argument) {
+		common.ErrorResp(c, errors.New("invalid request"), 500)
+	}
 	clientId := setting.GetStr(conf.SSOClientId)
-		platform := setting.GetStr(conf.SSOLoginplatform)
+	platform := setting.GetStr(conf.SSOLoginPlatform)
 	clientSecret := setting.GetStr(conf.SSOClientSecret)
-		var url1, url2, additionalbody, scope, authstring, idstring string
+	var tokenUrl, userUrl, scope, authField, idField, usernameField string
+	additionalForm := make(map[string]string)
 	switch platform {
 	case "Github":
-			url1 = "https://github.com/login/oauth/access_token"
-			url2 = "https://api.github.com/user"
-			additionalbody = ""
-			authstring = "code"
+		tokenUrl = "https://github.com/login/oauth/access_token"
+		userUrl = "https://api.github.com/user"
+		authField = "code"
 		scope = "read:user"
-			idstring = "id"
+		idField = "id"
+		usernameField = "login"
 	case "Microsoft":
-			url1 = "https://login.microsoftonline.com/common/oauth2/v2.0/token"
-			url2 = "https://graph.microsoft.com/v1.0/me"
-			additionalbody = "&grant_type=authorization_code"
+		tokenUrl = "https://login.microsoftonline.com/common/oauth2/v2.0/token"
+		userUrl = "https://graph.microsoft.com/v1.0/me"
+		additionalForm["grant_type"] = "authorization_code"
 		scope = "user.read"
-			authstring = "code"
-			idstring = "id"
+		authField = "code"
+		idField = "id"
+		usernameField = "displayName"
 	case "Google":
-			url1 = "https://oauth2.googleapis.com/token"
-			url2 = "https://www.googleapis.com/oauth2/v1/userinfo"
-			additionalbody = "&grant_type=authorization_code"
+		tokenUrl = "https://oauth2.googleapis.com/token"
+		userUrl = "https://www.googleapis.com/oauth2/v1/userinfo"
+		additionalForm["grant_type"] = "authorization_code"
 		scope = "https://www.googleapis.com/auth/userinfo.profile"
-			authstring = "code"
-			idstring = "id"
+		authField = "code"
+		idField = "id"
+		usernameField = "name"
 	case "Dingtalk":
-			url1 = "https://api.dingtalk.com/v1.0/oauth2/userAccessToken"
-			url2 = "https://api.dingtalk.com/v1.0/contact/users/me"
-			authstring = "authCode"
-			idstring = "unionId"
+		tokenUrl = "https://api.dingtalk.com/v1.0/oauth2/userAccessToken"
+		userUrl = "https://api.dingtalk.com/v1.0/contact/users/me"
+		authField = "authCode"
+		idField = "unionId"
+		usernameField = "nick"
 	case "Casdoor":
 		endpoint := strings.TrimSuffix(setting.GetStr(conf.SSOEndpointName), "/")
-			url1 = endpoint + "/api/login/oauth/access_token"
-			url2 = endpoint + "/api/userinfo"
-			additionalbody = "&grant_type=authorization_code"
+		tokenUrl = endpoint + "/api/login/oauth/access_token"
+		userUrl = endpoint + "/api/userinfo"
+		additionalForm["grant_type"] = "authorization_code"
 		scope = "profile"
-			authstring = "code"
-			idstring = "preferred_username"
+		authField = "code"
+		idField = "sub"
+		usernameField = "preferred_username"
 	case "OIDC":
 		OIDCLoginCallback(c)
 		return
@@ -258,8 +300,7 @@ func SSOLoginCallback(c *gin.Context) {
 		common.ErrorStrResp(c, "invalid platform", 400)
 		return
 	}
-		if enabled {
-			callbackCode := c.Query(authstring)
+	callbackCode := c.Query(authField)
 	if callbackCode == "" {
 		common.ErrorStrResp(c, "No code provided", 400)
 		return
@@ -274,11 +315,16 @@ func SSOLoginCallback(c *gin.Context) {
 				"code":         callbackCode,
 				"grantType":    "authorization_code",
 			}).
-					Post(url1)
+			Post(tokenUrl)
 	} else {
-				resp, err = ssoClient.R().SetHeader("content-type", "application/x-www-form-urlencoded").SetHeader("Accept", "application/json").
-					SetBody("client_id=" + clientId + "&client_secret=" + clientSecret + "&code=" + callbackCode + "&redirect_uri=" + common.GetApiUrl(c.Request) + "/api/auth/sso_callback?method=" + argument + "&scope=" + scope + additionalbody).
-					Post(url1)
+		resp, err = ssoClient.R().SetHeader("Accept", "application/json").
+			SetFormData(map[string]string{
+				"client_id":     clientId,
+				"client_secret": clientSecret,
+				"code":          callbackCode,
+				"redirect_uri":  common.GetApiUrl(c.Request) + "/api/auth/sso_callback?method=" + argument,
+				"scope":         scope,
+			}).SetFormData(additionalForm).Post(tokenUrl)
 	}
 	if err != nil {
 		common.ErrorResp(c, err, 400)
@@ -287,18 +333,18 @@ func SSOLoginCallback(c *gin.Context) {
 	if platform == "Dingtalk" {
 		accessToken := utils.Json.Get(resp.Body(), "accessToken").ToString()
 		resp, err = ssoClient.R().SetHeader("x-acs-dingtalk-access-token", accessToken).
-					Get(url2)
+			Get(userUrl)
 	} else {
 		accessToken := utils.Json.Get(resp.Body(), "access_token").ToString()
 		resp, err = ssoClient.R().SetHeader("Authorization", "Bearer "+accessToken).
-					Get(url2)
+			Get(userUrl)
 	}
 	if err != nil {
 		common.ErrorResp(c, err, 400)
 		return
 	}
-			UserID := utils.Json.Get(resp.Body(), idstring).ToString()
-			if UserID == "0" {
+	userID := utils.Json.Get(resp.Body(), idField).ToString()
+	if utils.SliceContains([]string{"", "0"}, userID) {
 		common.ErrorResp(c, errors.New("error occured"), 400)
 		return
 	}
@@ -310,14 +356,18 @@ func SSOLoginCallback(c *gin.Context) {
 				window.opener.postMessage({"sso_id": "%s"}, "*")
 				window.close()
 				</script>
-				</body>`, UserID)
+				</body>`, userID)
 		c.Data(200, "text/html; charset=utf-8", []byte(html))
 		return
 	}
-			if argument == "sso_get_token" {
-				user, err := db.GetUserBySSOID(UserID)
+	username := utils.Json.Get(resp.Body(), usernameField).ToString()
+	user, err := db.GetUserBySSOID(userID)
+	if err != nil {
+		user, err = autoRegister(username, userID, err)
 		if err != nil {
 			common.ErrorResp(c, err, 400)
+			return
+		}
 	}
 	token, err := common.GenerateToken(user.Username)
 	if err != nil {
@@ -332,10 +382,4 @@ func SSOLoginCallback(c *gin.Context) {
 							</script>
 							</body>`, token)
 	c.Data(200, "text/html; charset=utf-8", []byte(html))
-				return
-			}
-		} else {
-			common.ErrorResp(c, errors.New("invalid request"), 500)
-		}
-	}
 }