分类目录: java
spring boot OSS获取STS签名
Post date:
Author: cyy
标签: OSS
Number of comments: no comments
1.前置准备工作:
AccessKey ID 和 AccessKey Secret
https://usercenter.console.aliyun.com/#/manage/ak
RAM角色管理
https://ram.console.aliyun.com/roles
上后端代码:
<!--阿里云OSS-->
<dependency>
<groupId>com.aliyun.oss</groupId>
<artifactId>aliyun-sdk-oss</artifactId>
<version>3.8.0</version>
</dependency>
<dependency>
<groupId>com.aliyun</groupId>
<artifactId>aliyun-java-sdk-sts</artifactId>
<version>3.0.0</version>
</dependency>
<dependency>
<groupId>com.aliyun</groupId>
<artifactId>aliyun-java-sdk-core</artifactId>
<version>4.4.6</version>
</dependency>
package com.erhuo.kgs.vo;
import lombok.Data;
/**
* @author cyy
* @ClassName AliOssPolicyVo
* @Description TODO
* @date2020/5/5 0:01
* @Version 1.0
*/
@Data
public class AliOssSTSVo {
/**
* id
*/
private String AccessKeyId;
/**
* secret
*/
private String AccessKeySecret;
/**
* token
*/
private String SecurityToken;
public AliOssSTSVo(String accessKeyId, String accessKeySecret, String securityToken) {
AccessKeyId = accessKeyId;
AccessKeySecret = accessKeySecret;
SecurityToken = securityToken;
}
}
package com.erhuo.kgs.controller;
import com.erhuo.kgs.service.OssService;
import com.erhuo.kgs.utils.ResultVoUtil;
import com.erhuo.kgs.vo.AliOssSTSVo;
import com.erhuo.kgs.vo.ResultVo;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
/**
* @author cyy
* @ClassName FileController
* @Description TODO
* @date2020/5/3 22:54
* @Version 1.0
*/
@RestController
@RequestMapping("/file")
@Api(value = "FileController", description = "文件管理")
public class FileController {
@Autowired
private OssService ossService;
@ApiOperation(value = "获取STS")
@GetMapping("STS")
public ResultVo<AliOssSTSVo> getSTS() {
return ResultVoUtil.success(ossService.getSTS(""));
}
}
package com.erhuo.kgs.service;
import com.erhuo.kgs.vo.AliOssSTSVo;
public interface OssService {
/**
* @return java.lang.String
* @Description 获取STS
* @author cyy
* @date 2020/5/4 20:52
* @Param [token]
*/
AliOssSTSVo getSTS(String token);
}
package com.erhuo.kgs.service.impl;
import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.http.MethodType;
import com.aliyuncs.profile.DefaultProfile;
import com.aliyuncs.profile.IClientProfile;
import com.aliyuncs.sts.model.v20150401.AssumeRoleRequest;
import com.aliyuncs.sts.model.v20150401.AssumeRoleResponse;
import com.erhuo.kgs.service.OssService;
import com.erhuo.kgs.vo.AliOssSTSVo;
import org.springframework.stereotype.Service;
/**
* @author cyy
* @ClassName OssServiceImpl
* @Description TODO
* @date2020/5/3 11:59
* @Version 1.0
*/
@Service
public class OssServiceImpl implements OssService {
/**
* @return java.lang.String
* @Description 获取OSS STS
* @author cyy
* @date 2020/5/4 20:52
* @Param [token]
*/
@Override
public AliOssSTSVo getSTS(String token) {
String roleArn = "acs:ram::1302替换成你的8018:role/xxxx";
String roleSessionName = String.valueOf((int) ((Math.random() * 9 + 1) * 1000));
String policy = null;
try {
//构造default profile(参数留空,无需添加Region ID)
// http://oss-cn-shanghai.aliyuncs.com
// cn-beijing替換成你的bucket地址
IClientProfile profile = DefaultProfile.getProfile("cn-beijing",
"你的AccessKey",
"你的AccessKey Secret");
//用profile构造client
DefaultAcsClient client = new DefaultAcsClient(profile);
final AssumeRoleRequest request = new AssumeRoleRequest();
// request.setSysEndpoint(endpoint);
request.setSysMethod(MethodType.POST);
request.setRoleArn(roleArn);
request.setRoleSessionName(roleSessionName);
request.setPolicy(policy); // Optional
final AssumeRoleResponse response = client.getAcsResponse(request);
System.out.println("Expiration: " + response.getCredentials().getExpiration());
System.out.println("Access Key Id: " + response.getCredentials().getAccessKeyId());
System.out.println("Access Key Secret: " + response.getCredentials().getAccessKeySecret());
System.out.println("Security Token: " + response.getCredentials().getSecurityToken());
System.out.println("RequestId: " + response.getRequestId());
AliOssSTSVo result = new AliOssSTSVo(response.getCredentials().getAccessKeyId(),
response.getCredentials().getAccessKeySecret(),
response.getCredentials().getSecurityToken());
return result;
} catch (ClientException e) {
System.out.println("Failed:");
System.out.println("Error code: " + e.getErrCode());
System.out.println("Error message: " + e.getErrMsg());
System.out.println("RequestId: " + e.getRequestId());
return null;
}
}
}
请求sts