背景
上传图片或者视频到阿里oss上,需要自己部署服务器来给app提供token,其中token是有实效的。
提前工作
需要依赖的jar有三个,分别是:aliyun-java-sdk-core-2.1.7.jar、
aliyun-java-sdk-sts-2.1.6.jar、aliyun-sdk-oss-2.0.6.jar
将jar生成pom依赖
使用mvn命令:
mvn install:install-file -Dfile=/Users/jieyw/Downloads/AppTokenServerDemo/lib/aliyun-java-sdk-core-2.1.7.jar -DgroupId=com.alibaba -DartifactId=aliyun-sdk-core -Dversion=1.0 -Dpackaging=jar
mvn install:install-file -Dfile=/Users/jieyw/Downloads/AppTokenServerDemo/lib/aliyun-java-sdk-sts-2.1.6.jar -DgroupId=com.alibaba -DartifactId=aliyun-sdk-sts -Dversion=1.0 -Dpackaging=jar
mvn install:install-file -Dfile=/Users/jieyw/Downloads/AppTokenServerDemo/lib/aliyun-sdk-oss-2.0.6.jar -DgroupId=com.alibaba -DartifactId=aliyun-sdk-oss -Dversion=1.0 -Dpackaging=jar
这样在maven-data中就看到了响应的pom文件
引入自己的工程:
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>aliyun-sdk-core</artifactId>
<version>1.0</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>aliyun-sdk-sts</artifactId>
<version>1.0</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>aliyun-sdk-oss</artifactId>
<version>1.0</version>
</dependency>
使用springboot集成
将官方文档里的核心代码提出,写到自己的工程中去。
流程
- 根据配置创建一个DefaultAcsClient
IClientProfile profile = DefaultProfile.getProfile(REGION_CN_HANGZHOU, accessKeyId, accessKeySecret);
DefaultAcsClient client = new DefaultAcsClient(profile);
- 发送请求
AssumeRoleResponse response = client.getAcsResponse(request);
- 解析请求
respMap.put("StatusCode", "200");
respMap.put("AccessKeyId",stsResponse.getCredentials().getAccessKeyId());
respMap.put("AccessKeySecret",stsResponse.getCredentials().getAccessKeySecret());
respMap.put("SecurityToken",stsResponse.getCredentials().getSecurityToken());
respMap.put("Expiration",stsResponse.getCredentials().getExpiration());
- 返回给app
@RequestMapping("/token")
public Map<String, String> token(UserBaseDTO dto){
Map<String, String> token = aliOssTokenServer.genToken();
return token;
}
具体代码实现
package com.youthwo.byealone.byealone_toc.business;
import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.http.MethodType;
import com.aliyuncs.http.ProtocolType;
import com.aliyuncs.profile.DefaultProfile;
import com.aliyuncs.profile.IClientProfile;
import com.aliyuncs.sts.model.v20150401.AssumeRoleRequest;
import com.aliyuncs.sts.model.v20150401.AssumeRoleResponse;
import org.springframework.stereotype.Component;
import javax.servlet.http.HttpServletResponse;
import java.util.LinkedHashMap;
import java.util.Map;
@Component
public class AliOssTokenServer {
public static final String REGION_CN_HANGZHOU = "cn-hangzhou";
public static final String STS_API_VERSION = "2015-04-01";
protected AssumeRoleResponse assumeRole(String accessKeyId, String accessKeySecret, String roleArn,
String roleSessionName, String policy, ProtocolType protocolType, long durationSeconds) throws ClientException
{
try {
// 创建一个 Aliyun Acs Client, 用于发起 OpenAPI 请求
IClientProfile profile = DefaultProfile.getProfile(REGION_CN_HANGZHOU, accessKeyId, accessKeySecret);
DefaultAcsClient client = new DefaultAcsClient(profile);
// 创建一个 AssumeRoleRequest 并设置请求参数
final AssumeRoleRequest request = new AssumeRoleRequest();
request.setVersion(STS_API_VERSION);
request.setMethod(MethodType.POST);
request.setProtocol(protocolType);
request.setRoleArn(roleArn);
request.setRoleSessionName(roleSessionName);
request.setPolicy(policy);
request.setDurationSeconds(durationSeconds);
// 发起请求,并得到response
final AssumeRoleResponse response = client.getAcsResponse(request);
return response;
} catch (ClientException e) {
throw e;
}
}
public Map<String, String> genToken(){
String accessKeyId = "自己的key";
String accessKeySecret = "自己的KeySecret";
String roleArn = "自己的roleArn";
long durationSeconds = 900;
//这里policy对应,文档里的
String policy = "{\n" +
" \"Statement\": [\n" +
" {\n" +
" \"Action\": [\n" +
" \"oss:PutObject\",\n" +
" \"oss:ListParts\",\n" +
" \"oss:AbortMultipartUpload\"\n" +
" ],\n" +
" \"Effect\": \"Allow\",\n" +
" \"Resource\": [\"acs:oss:*:*:hg-toc-test/202006*\"]\n" +
" }\n" +
" ],\n" +
" \"Version\": \"1\"\n" +
"}\n";
String roleSessionName = "alice-001";
// 此处必须为 HTTPS
ProtocolType protocolType = ProtocolType.HTTPS;
Map<String, String> respMap = new LinkedHashMap<String, String>();
try {
final AssumeRoleResponse stsResponse = assumeRole(accessKeyId, accessKeySecret, roleArn, roleSessionName,
policy, protocolType, durationSeconds);
respMap.put("StatusCode", "200");
respMap.put("AccessKeyId", stsResponse.getCredentials().getAccessKeyId());
respMap.put("AccessKeySecret", stsResponse.getCredentials().getAccessKeySecret());
respMap.put("SecurityToken", stsResponse.getCredentials().getSecurityToken());
respMap.put("Expiration", stsResponse.getCredentials().getExpiration());
} catch (ClientException e) {
respMap.put("StatusCode", "500");
respMap.put("ErrorCode", e.getErrCode());
respMap.put("ErrorMessage", e.getErrMsg());
e.printStackTrace();
}
return respMap;
}
}
结果
{
"StatusCode": "200",
"AccessKeyId": "STS.NUg4L5t25Wy1XSRDsKDfNE",
"AccessKeySecret": "7sfBFPnABTNLxuSvrKvRkfhsYVN3L5KM8YEXr4hm",
"SecurityToken": "CAIS2AJ1q6Ft5B2yfSjIr5bSf/aBme0U4LvaWnXjoHMeSOlP14vu1Tz2IHFLf3htBOwWv/0yn25W6P0SlqB6T55OSAmcNZIoaXSSbcznMeT7oMWQweEufvTHcDHh+3eZsebWZ+LmNuu/Ht6md1HDkAJq3LL+bk/Mdle5MJqP+84FC9MMRVuAcCZhDtVbLRcAzcgBLin1NO2xChfwnnGyfE1zoVhVg2Rl9YGixtGd8hPEkGDizugcq/6kQP6eYtJrIY10XvqsweVybdCh6iNL7AVQ/6oExc4z8Dzc7NaGGAsTsVfUM+WR7tpkaRN0fbR9QfYe9KCi198A47KMzNymkU8TZLsEAniGFbrNmpWURLmbUf8ibqv+Nnj31dSCC4L4qQtMYwhAZVwRKod8di8hUEF3FG+Ecf+9i1nOYxa+Ta+ey70x0pdzwFju8MCDO1+VWbKd3DarlTqrtp68XRqAAYX8CwDyXi7/Qhp8Lt5Rcp+MZTBDVVflK2O5yD30IXDfqWEcxHf9gf0XjENLOJ64uhkK+LXAZey1/PPG06Eijkrx+/ai4lcMYGfemaX35TAa",
"Expiration": "2020-06-04T08:55:55Z"
}
最后
上文中出现的参数或者jar都可以在官方文档上找到获取方式。
https://help.aliyun.com/document_detail/31920.html?spm=a2c4g.11186623.6.1570.2302671cBW5SFv
