腾讯云cos-客户端临时密钥
This commit is contained in:
khalil
@@ -80,6 +80,12 @@
|
||||
</exclusions>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.qcloud</groupId>
|
||||
<artifactId>cos-sts_api</artifactId>
|
||||
<version>${tencentcloud-cos-sts-sdk-java.version}</version>
|
||||
</dependency>
|
||||
|
||||
</dependencies>
|
||||
|
||||
|
||||
|
||||
@@ -0,0 +1,14 @@
|
||||
package com.accompany.common.tencent.cos;
|
||||
|
||||
import io.swagger.annotations.ApiModel;
|
||||
import lombok.Data;
|
||||
|
||||
@ApiModel
|
||||
@Data
|
||||
public class TencentCosTempToken {
|
||||
|
||||
private String secretId;
|
||||
private String secretKey;
|
||||
private String sessionToken;
|
||||
|
||||
}
|
||||
@@ -6,6 +6,8 @@ import com.accompany.core.exception.ServiceException;
|
||||
import com.qcloud.cos.COSClient;
|
||||
import com.qcloud.cos.model.PutObjectRequest;
|
||||
import com.qcloud.cos.model.PutObjectResult;
|
||||
import com.tencent.cloud.CosStsClient;
|
||||
import com.tencent.cloud.Response;
|
||||
import lombok.SneakyThrows;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
@@ -13,6 +15,8 @@ import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.io.InputStream;
|
||||
import java.util.Map;
|
||||
import java.util.TreeMap;
|
||||
|
||||
@Slf4j
|
||||
@Service
|
||||
@@ -43,4 +47,59 @@ public class TencentCosUploadService {
|
||||
return prefix + "/" + fileName;
|
||||
}
|
||||
|
||||
@SneakyThrows
|
||||
public TencentCosTempToken getTempToken(){
|
||||
TreeMap<String, Object> configMap = new TreeMap<>();
|
||||
// 替换为您的云 api 密钥 SecretId
|
||||
configMap.put("secretId", config.getSecretId());
|
||||
// 替换为您的云 api 密钥 SecretKey
|
||||
configMap.put("secretKey", config.getSecretKey());
|
||||
|
||||
// 设置域名:
|
||||
// 如果您使用了腾讯云 cvm,可以设置内部域名
|
||||
//configMap.put("host", "sts.internal.tencentcloudapi.com");
|
||||
|
||||
// 临时密钥有效时长,单位是秒,默认 1800 秒,目前主账号最长 2 小时(即 7200 秒),子账号最长 36 小时(即 129600)秒
|
||||
configMap.put("durationSeconds", 1800);
|
||||
|
||||
// 换成您的 bucket
|
||||
configMap.put("bucket", config.getBucket());
|
||||
// 换成 bucket 所在地区
|
||||
configMap.put("region", config.getRegion());
|
||||
|
||||
|
||||
// 这里改成允许的路径前缀,可以根据自己网站的用户登录态判断允许上传的具体路径
|
||||
// 列举几种典型的前缀授权场景:
|
||||
// 1、允许访问所有对象:"*"
|
||||
// 2、允许访问指定的对象:"a/a1.txt", "b/b1.txt"
|
||||
// 3、允许访问指定前缀的对象:"a*", "a/*", "b/*"
|
||||
// 如果填写了“*”,将允许用户访问所有资源;除非业务需要,否则请按照最小权限原则授予用户相应的访问权限范围。
|
||||
configMap.put("allowPrefixes", new String[] {"*"});
|
||||
|
||||
// 密钥的权限列表。必须在这里指定本次临时密钥所需要的权限。
|
||||
// 简单上传、表单上传和分块上传需要以下的权限,其他权限列表请参见 https://intl.cloud.tencent.com/document/product/436/30580
|
||||
String[] allowActions = new String[] {
|
||||
// 简单上传
|
||||
"name/cos:PutObject",
|
||||
// 表单上传、小程序上传
|
||||
"name/cos:PostObject",
|
||||
// 分块上传
|
||||
"name/cos:InitiateMultipartUpload",
|
||||
"name/cos:ListMultipartUploads",
|
||||
"name/cos:ListParts",
|
||||
"name/cos:UploadPart",
|
||||
"name/cos:CompleteMultipartUpload"
|
||||
};
|
||||
configMap.put("allowActions", allowActions);
|
||||
|
||||
Response response = CosStsClient.getCredential(configMap);
|
||||
|
||||
TencentCosTempToken tempToken = new TencentCosTempToken();
|
||||
tempToken.setSecretId(response.credentials.tmpSecretId);
|
||||
tempToken.setSecretKey(response.credentials.tmpSecretKey);
|
||||
tempToken.setSessionToken(response.credentials.sessionToken);
|
||||
|
||||
return tempToken;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -0,0 +1,31 @@
|
||||
package com.accompany.business.controller;
|
||||
|
||||
import com.accompany.common.annotation.Authorization;
|
||||
import com.accompany.common.result.BusiResult;
|
||||
import com.accompany.common.tencent.cos.TencentCosTempToken;
|
||||
import com.accompany.common.tencent.cos.TencentCosUploadService;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import lombok.SneakyThrows;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
@Api(tags = "腾讯云cos上传")
|
||||
@RestController
|
||||
@RequestMapping(value = "/tencent/cos")
|
||||
public class TencentCosController {
|
||||
|
||||
@Autowired
|
||||
private TencentCosUploadService uploadService;
|
||||
|
||||
@ApiOperation("获取文件上传凭证")
|
||||
@SneakyThrows
|
||||
@Authorization
|
||||
@GetMapping("/getToken")
|
||||
public BusiResult<TencentCosTempToken> getToken() {
|
||||
return BusiResult.success(uploadService.getTempToken());
|
||||
}
|
||||
|
||||
}
|
||||
@@ -93,6 +93,7 @@
|
||||
<commons-lang.version>2.6</commons-lang.version>
|
||||
<tencentcloud-sdk-java.version>3.1.781</tencentcloud-sdk-java.version>
|
||||
<tencentcloud-cos-sdk-java.version>5.6.179</tencentcloud-cos-sdk-java.version>
|
||||
<tencentcloud-cos-sts-sdk-java.version>3.1.1</tencentcloud-cos-sts-sdk-java.version>
|
||||
<rocketmq-spring-boot.version>2.2.3</rocketmq-spring-boot.version>
|
||||
<kaptcha.version>2.3.2</kaptcha.version>
|
||||
<hippo4j-core.version>1.5.0</hippo4j-core.version>
|
||||
|
||||
Reference in New Issue
Block a user