阿里雲OSS生成sts令牌
阿新 • • 發佈:2020-12-09
業務場景:
如果前端直接上傳檔案到OSS,勢必要暴露令牌,無法精準控制上傳內容等,使用臨時令牌即可解決這個問題.
先去阿里雲後臺設定好token,角色,地區等
pom.xml
<dependency>
<groupId>com.aliyun.oss</groupId>
<artifactId>aliyun-sdk-oss</artifactId>
</dependency>
生成阿里雲臨時安全令牌(Security Token Service,STS)
@Service public class OssServicesImpl implements OssServices { @Value("${oss.AccessKeyId}") private String AccessKeyId; @Value("${oss.accessKeySecret}") private String accessKeySecret; @Value("${oss.roleArn}") private String roleArn; @Value("${oss.regionId}") private String regionId; /** * 生成臨時令牌,用來上傳檔案到oss * @param roleSessionName 使用者角色識別符號號,格式:^[a-zA-Z0-9\.@\-_]+$ 2-50個字元 * @return 臨時令牌 */ @Override public AssumeRoleResponse getSTS(String roleSessionName) { DefaultProfile profile = DefaultProfile.getProfile(regionId, AccessKeyId, accessKeySecret); IAcsClient client = new DefaultAcsClient(profile); AssumeRoleRequest request = new AssumeRoleRequest(); request.setRoleArn(roleArn); request.setRoleSessionName(roleSessionName); request.setDurationSeconds(1000L); // 設定憑證有效時間 try { return client.getAcsResponse(request); } catch (ClientException e) { System.out.println("Failed:"); System.out.println("Error code: " + e.getErrCode()); System.out.println("Error message: " + e.getErrMsg()); System.out.println("RequestId: " + e.getRequestId()); } return null; } }