88 lines
2.6 KiB
Go
88 lines
2.6 KiB
Go
|
package aliyun
|
|||
|
|
|
|||
|
|
import (
|
|||
|
|
"errors"
|
|||
|
|
"github.com/aliyun/alibabacloud-oss-go-sdk-v2/oss"
|
|||
|
|
"github.com/aliyun/alibabacloud-oss-go-sdk-v2/oss/credentials"
|
|||
|
|
stsToken "github.com/aliyun/aliyun-sts-go-sdk/sts"
|
|||
|
|
"github.com/go-admin-team/go-admin-core/logger"
|
|||
|
|
"golang.org/x/net/context"
|
|||
|
|
"os"
|
|||
|
|
"time"
|
|||
|
|
)
|
|||
|
|
|
|||
|
|
const (
|
|||
|
|
AliyunAccessKeyID = "LTAI5t9sZ7ZhEirYKETbEhbJ"
|
|||
|
|
AliyunAccessKeySecret = "mtDxepQAAhzQ7g2aQsB5Hq2339ryAI"
|
|||
|
|
AliyunRoleArn = "acs:ram::1069419146450879:role/aliyunoss"
|
|||
|
|
AliyunOssBucketName = "yy-telecom"
|
|||
|
|
AliyunOssUrl = "https://yy-telecom.oss-cn-shenzhen.aliyuncs.com/"
|
|||
|
|
AliyunOssRegion = "cn-shenzhen"
|
|||
|
|
|
|||
|
|
ExpiredTime = 3600
|
|||
|
|
)
|
|||
|
|
|
|||
|
|
type UploadInfo struct {
|
|||
|
|
AccessKeyId string `json:"access_key_id"`
|
|||
|
|
AccessKeySecret string `json:"access_key_secret"`
|
|||
|
|
Expiration int64 `json:"expiration"`
|
|||
|
|
SecurityToken string `json:"security_token"`
|
|||
|
|
BucketName string `json:"bucket_name"`
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
// init函数用于初始化命令行参数
|
|||
|
|
func init() {
|
|||
|
|
os.Setenv("OSS_ACCESS_KEY_ID", AliyunAccessKeyID)
|
|||
|
|
os.Setenv("OSS_ACCESS_KEY_SECRET", AliyunAccessKeySecret)
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
// GenStsToken uid用来区分sts授予了哪个用户,可以传将用户uid转为string传入
|
|||
|
|
// 传入的字符串长度必须大于1
|
|||
|
|
// stsToken的默认有效时间为一小时
|
|||
|
|
func GenStsToken(uid string) (*UploadInfo, error) {
|
|||
|
|
stsClient := stsToken.NewClient(AliyunAccessKeyID, AliyunAccessKeySecret, AliyunRoleArn, uid)
|
|||
|
|
|
|||
|
|
resp, err := stsClient.AssumeRole(ExpiredTime)
|
|||
|
|
if err != nil {
|
|||
|
|
return nil, err
|
|||
|
|
}
|
|||
|
|
logger.Error("err:%v", err)
|
|||
|
|
logger.Info("AssumeRole:resp:%v", resp)
|
|||
|
|
uploadInfo := &UploadInfo{
|
|||
|
|
AccessKeyId: resp.Credentials.AccessKeyId,
|
|||
|
|
AccessKeySecret: resp.Credentials.AccessKeySecret,
|
|||
|
|
Expiration: resp.Credentials.Expiration.Unix(),
|
|||
|
|
SecurityToken: resp.Credentials.SecurityToken,
|
|||
|
|
BucketName: AliyunOssBucketName,
|
|||
|
|
}
|
|||
|
|
return uploadInfo, nil
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
// GeneratePresignedURL 生成 OSS 对象的预签名 URL
|
|||
|
|
func GeneratePresignedURL(objectName string) (string, error) {
|
|||
|
|
if objectName == "" {
|
|||
|
|
return "", errors.New("invalid parameters: object are required")
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
// 加载默认配置并设置凭证提供者和区域
|
|||
|
|
cfg := oss.LoadDefaultConfig().
|
|||
|
|
WithCredentialsProvider(credentials.NewEnvironmentVariableCredentialsProvider()).
|
|||
|
|
WithRegion(AliyunOssRegion)
|
|||
|
|
|
|||
|
|
// 创建 OSS 客户端
|
|||
|
|
client := oss.NewClient(cfg)
|
|||
|
|
|
|||
|
|
// 生成 GetObject 的预签名 URL
|
|||
|
|
result, err := client.Presign(context.TODO(), &oss.GetObjectRequest{
|
|||
|
|
Bucket: oss.Ptr(AliyunOssBucketName),
|
|||
|
|
Key: oss.Ptr(objectName),
|
|||
|
|
},
|
|||
|
|
oss.PresignExpires(5*time.Minute),
|
|||
|
|
)
|
|||
|
|
if err != nil {
|
|||
|
|
return "", err
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
return result.URL, nil
|
|||
|
|
}
|