use of com.mizhousoft.cloudsdk.oss.OSSTempCredential in project cloud-sdk by mizhousoft.
the class COSObjectStorageServiceImpl method getUploadTempCredential.
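/**
 * {@inheritDoc}
 *
 * <p>Requests a temporary credential whose policy allows only {@code name/cos:PutObject} and
 * {@code name/cos:PostObject} on the given objects of the given bucket. The requested lifetime
 * is {@code oneDurationSeconds} multiplied by the number of objects.
 *
 * @param bucketName bucket the upload credential is scoped to; must not be null or empty
 * @param objectNames object names the credential may upload; must not be null or empty
 * @param oneDurationSeconds lifetime budget per object, in seconds; must be positive
 * @return the temporary credential together with the bucket, region and object names it was requested for
 * @throws CloudSDKException if the arguments are invalid, the total lifetime overflows an int,
 *         or the STS request fails with an I/O error
 */
@Override
public OSSTempCredential getUploadTempCredential(String bucketName, Set<String> objectNames, int oneDurationSeconds) throws CloudSDKException {
    // An empty object set would yield a zero lifetime and a policy without any scope, so reject it up front.
    if (bucketName == null || bucketName.isEmpty() || objectNames == null || objectNames.isEmpty() || oneDurationSeconds <= 0) {
        String message = "bucketName and objectNames must be non-empty and oneDurationSeconds must be positive";
        throw new CloudSDKException(message, new IllegalArgumentException(message));
    }

    // Total lifetime of the temporary key, in seconds. multiplyExact turns a silent int wrap-around
    // (which could produce a negative or arbitrary lifetime) into an explicit failure.
    final int durationSeconds;
    try {
        durationSeconds = Math.multiplyExact(oneDurationSeconds, objectNames.size());
    } catch (ArithmeticException e) {
        throw new CloudSDKException("Requested credential lifetime overflows: " + oneDurationSeconds + "s x " + objectNames.size() + " objects", e);
    }

    TreeMap<String, Object> config = new TreeMap<>();
    // Long-term key pair, used only to sign the STS request. Never log this map or return it to callers.
    config.put("SecretId", profile.getAccessKey());
    config.put("SecretKey", profile.getSecretKey());
    config.put("durationSeconds", durationSeconds);

    try {
        String region = profile.getRegion();

        // Least privilege: two upload actions per object, nothing broader.
        // NOTE(review): if the policy language treats '*' inside an object name as a wildcard,
        // a caller-supplied name could widen the scope; confirm names are validated upstream.
        List<Scope> scopes = new ArrayList<>(objectNames.size() * 2);
        for (String objectName : objectNames) {
            scopes.add(new Scope("name/cos:PutObject", bucketName, region, objectName));
            scopes.add(new Scope("name/cos:PostObject", bucketName, region, objectName));
        }
        config.put("policy", CosStsClient.getPolicy(scopes));

        JSONObject credential = CosStsClient.getCredential(config);
        JSONObject cre = credential.getJSONObject("credentials");

        OSSTempCredential tc = new OSSTempCredential();
        tc.setSecretId(cre.getString("tmpSecretId"));
        tc.setSecretKey(cre.getString("tmpSecretKey"));
        tc.setToken(cre.getString("sessionToken"));
        // The validity window is read from the top-level response object, not from "credentials".
        tc.setStartTime(credential.getLong("startTime"));
        tc.setExpiredTime(credential.getLong("expiredTime"));
        tc.setBucketName(bucketName);
        tc.setRegion(region);
        tc.setObjectNames(objectNames);
        return tc;
    } catch (IOException e) {
        throw new CloudSDKException(e.getMessage(), e);
    }
}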
use of com.mizhousoft.cloudsdk.oss.OSSTempCredential in project cloud-sdk by mizhousoft.
the class AliyunObjectStorageServiceImpl method getUploadTempCredential.
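/**
 * {@inheritDoc}
 *
 * <p>Assumes the configured role through STS with a session policy that allows only
 * {@code oss:PutObject} on the requested objects of the requested bucket. The session policy is
 * what keeps the returned credential from writing anywhere else the role itself is allowed to.
 *
 * @param bucketName bucket the credential is scoped to; must be non-empty and free of '/', '*' and '?'
 * @param objectNames object names the credential may upload; must be non-empty, each free of '*' and '?'
 * @param oneDurationSeconds credential lifetime in seconds, passed to STS as-is
 *        (it is not multiplied by the number of objects here)
 * @return the temporary credential together with the bucket, region and object names it was requested for
 * @throws CloudSDKException if the arguments are rejected or the STS call fails
 */
@Override
public OSSTempCredential getUploadTempCredential(String bucketName, Set<String> objectNames, int oneDurationSeconds) throws CloudSDKException {
    try {
        // Built inside the try so that rejected input surfaces as CloudSDKException like every other failure.
        String policy = buildUploadPolicy(bucketName, objectNames);

        // Register the STS endpoint directly; the first two arguments stay empty, no region ID is needed.
        // NOTE(review): addEndpoint is a static call made on every request; confirm it is safe to repeat.
        DefaultProfile.addEndpoint("", "Sts", profile.getStsEndpoint());
        // Build the default profile (region ID left empty) from the long-term key pair.
        IClientProfile clientProfile = DefaultProfile.getProfile("", profile.getAccessKey(), profile.getSecretKey());
        DefaultAcsClient client = new DefaultAcsClient(clientProfile);

        final AssumeRoleRequest request = new AssumeRoleRequest();
        request.setSysMethod(MethodType.POST);
        request.setRoleArn(profile.getRoleArn());
        request.setRoleSessionName(profile.getRoleSessionName());
        // With an empty policy the caller would receive every permission of the role, so one is always set.
        request.setPolicy(policy);
        // Lifetime of the temporary credential, in seconds.
        request.setDurationSeconds((long) oneDurationSeconds);

        final AssumeRoleResponse response = client.getAcsResponse(request);
        Credentials credentials = response.getCredentials();

        // NOTE(review): start and expiry times are not copied onto the result here; consumers
        // cannot tell from it when this credential lapses.
        OSSTempCredential tc = new OSSTempCredential();
        tc.setSecretId(credentials.getAccessKeyId());
        tc.setSecretKey(credentials.getAccessKeySecret());
        tc.setToken(credentials.getSecurityToken());
        tc.setBucketName(bucketName);
        tc.setObjectNames(objectNames);
        tc.setRegion(profile.getRegion());
        return tc;
    } catch (Throwable e) {
        // NOTE(review): catching Throwable also wraps JVM Errors; kept so the exception contract is unchanged.
        throw new CloudSDKException(e.getMessage(), e);
    }
}

/** Builds a session policy that allows oss:PutObject only on bucketName/objectName for each requested object. */
private static String buildUploadPolicy(String bucketName, Set<String> objectNames) {
    requirePolicySafeName("bucketName", bucketName);
    if (bucketName.indexOf('/') >= 0) {
        // A '/' would move the boundary between the bucket and the object key in the resource string.
        throw new IllegalArgumentException("bucketName must not contain '/'");
    }
    if (objectNames == null || objectNames.isEmpty()) {
        throw new IllegalArgumentException("objectNames must not be empty");
    }

    StringBuilder json = new StringBuilder(128 + 64 * objectNames.size());
    json.append("{\"Version\":\"1\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"oss:PutObject\"],\"Resource\":[");
    boolean first = true;
    for (String objectName : objectNames) {
        requirePolicySafeName("objectName", objectName);
        if (!first) {
            json.append(',');
        }
        first = false;
        appendJsonString(json, "acs:oss:*:*:" + bucketName + "/" + objectName);
    }
    json.append("]}]}");
    return json.toString();
}

/** Rejects names that are missing or that carry policy wildcard characters, which would widen the granted scope. */
private static void requirePolicySafeName(String label, String value) {
    if (value == null || value.isEmpty()) {
        throw new IllegalArgumentException(label + " must not be empty");
    }
    if (value.indexOf('*') >= 0 || value.indexOf('?') >= 0) {
        throw new IllegalArgumentException(label + " must not contain '*' or '?'");
    }
}

/** Appends value as a quoted JSON string, escaping quotes, backslashes and control characters. */
private static void appendJsonString(StringBuilder out, String value) {
    out.append('"');
    for (int i = 0; i < value.length(); i++) {
        char c = value.charAt(i);
        if (c == '"' || c == '\\') {
            out.append('\\').append(c);
        } else if (c < 0x20) {
            out.append(String.format("\\u%04x", (int) c));
        } else {
            out.append(c);
        }
    }
    out.append('"');
}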