fix(uni-id-co): 修复URL签名校验逻辑

(cherry picked from commit 5e578f0e)

uni_modules/uni-id-pages/uniCloud/cloudfunctions/uni-id-co/middleware/verify-request-sign.js

@@ -2,17 +2,24 @@ const crypto = require('crypto')
 const { ERROR } = require('../common/error')
 const needSignFunctions = new Set([
   'externalRegister',
-  'externalLogin'
+  'externalLogin',
+  'updateUserInfoByExternal'
 ])
 
 module.exports = function () {
   const methodName = this.getMethodName()
   const { source } = this.getUniversalClientInfo()
-  // 非 HTTP 方式请求不需要鉴权
-  if (source !== 'http') return
+
   // 指定接口需要鉴权
   if (!needSignFunctions.has(methodName)) return
 
+  // 非 HTTP 方式请求拒绝访问
+  if (source !== 'http') {
+    throw {
+      errCode: ERROR.ILLEGAL_REQUEST
+    }
+  }
+
   const timeout = 20 * 1000 // 请求超过20秒不能再请求，防止重放攻击
   const { headers, body: _body } = this.getHttpInfo()
   const { 'uni-id-nonce': nonce, 'uni-id-timestamp': timestamp, 'uni-id-signature': signature } = headers