spring boot OSS获取STS签名

1.前置准备工作:

AccessKey ID 和 AccessKey Secret

https://usercenter.console.aliyun.com/#/manage/ak

RAM角色管理

https://ram.console.aliyun.com/roles

上后端代码:

<!--阿里云OSS-->
<dependency>
    <groupId>com.aliyun.oss</groupId>
    <artifactId>aliyun-sdk-oss</artifactId>
    <version>3.8.0</version>
</dependency>
<dependency>
    <groupId>com.aliyun</groupId>
    <artifactId>aliyun-java-sdk-sts</artifactId>
    <version>3.0.0</version>
</dependency>
<dependency>
    <groupId>com.aliyun</groupId>
    <artifactId>aliyun-java-sdk-core</artifactId>
    <version>4.4.6</version>
</dependency>
package com.erhuo.kgs.vo;

import lombok.Data;

/**
 * @author cyy
 * @ClassName AliOssPolicyVo
 * @Description TODO
 * @date2020/5/5 0:01
 * @Version 1.0
 */
@Data
public class AliOssSTSVo {

    /**
     * id
     */
    private String AccessKeyId;
    /**
     * secret
     */
    private String AccessKeySecret;
    /**
     * token
     */
    private String SecurityToken;

    public AliOssSTSVo(String accessKeyId, String accessKeySecret, String securityToken) {
        AccessKeyId = accessKeyId;
        AccessKeySecret = accessKeySecret;
        SecurityToken = securityToken;
    }
}
package com.erhuo.kgs.controller;

import com.erhuo.kgs.service.OssService;
import com.erhuo.kgs.utils.ResultVoUtil;
import com.erhuo.kgs.vo.AliOssSTSVo;
import com.erhuo.kgs.vo.ResultVo;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;


/**
 * @author cyy
 * @ClassName FileController
 * @Description TODO
 * @date2020/5/3 22:54
 * @Version 1.0
 */
@RestController
@RequestMapping("/file")
@Api(value = "FileController", description = "文件管理")
public class FileController {

    @Autowired
    private OssService ossService;

    @ApiOperation(value = "获取STS")
    @GetMapping("STS")
    public ResultVo<AliOssSTSVo> getSTS() {
        return ResultVoUtil.success(ossService.getSTS(""));
    }

}
package com.erhuo.kgs.service;

import com.erhuo.kgs.vo.AliOssSTSVo;

public interface OssService {

    /**
     * @return java.lang.String
     * @Description 获取STS
     * @author cyy
     * @date 2020/5/4 20:52
     * @Param [token]
     */
    AliOssSTSVo getSTS(String token);

}
package com.erhuo.kgs.service.impl;
import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.http.MethodType;
import com.aliyuncs.profile.DefaultProfile;
import com.aliyuncs.profile.IClientProfile;
import com.aliyuncs.sts.model.v20150401.AssumeRoleRequest;
import com.aliyuncs.sts.model.v20150401.AssumeRoleResponse;
import com.erhuo.kgs.service.OssService;
import com.erhuo.kgs.vo.AliOssSTSVo;
import org.springframework.stereotype.Service;


/**
 * @author cyy
 * @ClassName OssServiceImpl
 * @Description TODO
 * @date2020/5/3 11:59
 * @Version 1.0
 */
@Service
public class OssServiceImpl implements OssService {

    /**
     * @return java.lang.String
     * @Description 获取OSS STS
     * @author cyy
     * @date 2020/5/4 20:52
     * @Param [token]
     */
    @Override
    public AliOssSTSVo getSTS(String token) {
        String roleArn = "acs:ram::1302替换成你的8018:role/xxxx";
        String roleSessionName = String.valueOf((int) ((Math.random() * 9 + 1) * 1000));
        String policy = null;
        try {
            //构造default profile(参数留空,无需添加Region ID)
//            http://oss-cn-shanghai.aliyuncs.com
            // cn-beijing替換成你的bucket地址
            IClientProfile profile = DefaultProfile.getProfile("cn-beijing",
                    "你的AccessKey",
                    "你的AccessKey Secret");
            //用profile构造client
            DefaultAcsClient client = new DefaultAcsClient(profile);
            final AssumeRoleRequest request = new AssumeRoleRequest();
//            request.setSysEndpoint(endpoint);
            request.setSysMethod(MethodType.POST);
            request.setRoleArn(roleArn);
            request.setRoleSessionName(roleSessionName);
            request.setPolicy(policy); // Optional
            final AssumeRoleResponse response = client.getAcsResponse(request);
            System.out.println("Expiration: " + response.getCredentials().getExpiration());
            System.out.println("Access Key Id: " + response.getCredentials().getAccessKeyId());
            System.out.println("Access Key Secret: " + response.getCredentials().getAccessKeySecret());
            System.out.println("Security Token: " + response.getCredentials().getSecurityToken());
            System.out.println("RequestId: " + response.getRequestId());
            AliOssSTSVo result = new AliOssSTSVo(response.getCredentials().getAccessKeyId(),
                    response.getCredentials().getAccessKeySecret(),
                    response.getCredentials().getSecurityToken());
            return result;
        } catch (ClientException e) {
            System.out.println("Failed:");
            System.out.println("Error code: " + e.getErrCode());
            System.out.println("Error message: " + e.getErrMsg());
            System.out.println("RequestId: " + e.getRequestId());
            return null;
        }
    }

}

请求sts

spring boot OSS获取STS签名

原文链接:,转发请注明来源!

发表评论