Examples with Credentials com.aliyuncs.auth.sts.AssumeRoleResponse.Credentials used on opensource projects

Example 1 with Credentials

use of com.aliyuncs.auth.sts.AssumeRoleResponse.Credentials in project cloud-sdk by mizhousoft.

the class AliyunObjectStorageServiceImpl method getUploadTempCredential.

/**
 * {@inheritDoc}
 */
@Override
public OSSTempCredential getUploadTempCredential(String bucketName, Set<String> objectNames, int oneDurationSeconds) throws CloudSDKException {
    String policy = "{\"Version\":\"1\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"oss:PutObject\"],\"Resource\":[\"acs:oss:*:*:*\"]}]}";
    try {
        // 添加endpoint（直接使用STS endpoint，前两个参数留空，无需添加region ID）
        DefaultProfile.addEndpoint("", "Sts", profile.getStsEndpoint());
        // 构造default profile（参数留空，无需添加region ID）
        IClientProfile clientProfile = DefaultProfile.getProfile("", profile.getAccessKey(), profile.getSecretKey());
        // 用profile构造client
        DefaultAcsClient client = new DefaultAcsClient(clientProfile);
        final AssumeRoleRequest request = new AssumeRoleRequest();
        request.setSysMethod(MethodType.POST);
        request.setRoleArn(profile.getRoleArn());
        request.setRoleSessionName(profile.getRoleSessionName());
        // 若policy为空，则用户将获得该角色下所有权限
        request.setPolicy(policy);
        // 设置凭证有效时间
        request.setDurationSeconds((long) oneDurationSeconds);
        final AssumeRoleResponse response = client.getAcsResponse(request);
        Credentials credentials = response.getCredentials();
        OSSTempCredential tc = new OSSTempCredential();
        tc.setSecretId(credentials.getAccessKeyId());
        tc.setSecretKey(credentials.getAccessKeySecret());
        tc.setToken(credentials.getSecurityToken());
        tc.setBucketName(bucketName);
        tc.setObjectNames(objectNames);
        tc.setRegion(profile.getRegion());
        return tc;
    } catch (Throwable e) {
        throw new CloudSDKException(e.getMessage(), e);
    }
}