use of com.qcloud.cos.exception.CosClientException in project cos-java-sdk-v5 by tencentyun.
the class InstanceMetadataCredentialsEndpointProvider method getCredentialsEndpoint.
@Override
public URI getCredentialsEndpoint() throws URISyntaxException, IOException {
if (null != this.roleName && !this.roleName.isEmpty()) {
return new URI(this.instance.METADATA_SERVICE_URL + this.instance.METADATA_CREDENTIALS_RESOURCE + "/" + this.roleName);
}
// Try to get a valid role.
LOG.debug("The role name is not specified. Trying to get a valid role name from the instance.");
String roles = InstanceCredentialsUtils.getInstance().readResource(new URI(this.instance.METADATA_SERVICE_URL + this.instance.METADATA_CREDENTIALS_RESOURCE));
String[] roleList = roles.trim().split("\n");
if (0 == roleList.length) {
throw new CosClientException("Unable to load the credentials path. No valid cam role was found.");
}
LOG.info("Use the role [{}] to obtain the credentials.", roleList[0]);
return new URI(this.instance.METADATA_SERVICE_URL + this.instance.METADATA_CREDENTIALS_RESOURCE + "/" + roleList[0]);
}
use of com.qcloud.cos.exception.CosClientException in project cos-java-sdk-v5 by tencentyun.
the class AsymmetricKeyEncryptionClientDemo method createCosClient.
static COSClient createCosClient(String region) {
// 初始化用户身份信息(secretId, secretKey)
COSCredentials cred = new BasicCOSCredentials("AKIDxxxxxxxxxxxxxxxxxxxxxxxxxxx", "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy");
// 设置bucket的区域, COS地域的简称请参照 https://www.qcloud.com/document/product/436/6224
ClientConfig clientConfig = new ClientConfig(new Region(region));
// 为防止请求头部被篡改导致的数据无法解密,强烈建议只使用 https 协议发起请求
clientConfig.setHttpProtocol(HttpProtocol.https);
KeyPair asymKeyPair = null;
try {
// 加载保存在文件中的秘钥, 如果不存在,请先使用buildAndSaveAsymKeyPair生成秘钥
// buildAndSaveAsymKeyPair();
asymKeyPair = loadAsymKeyPair();
} catch (Exception e) {
throw new CosClientException(e);
}
// 初始化 KMS 加密材料
EncryptionMaterials encryptionMaterials = new EncryptionMaterials(asymKeyPair);
// 使用AES/GCM模式,并将加密信息存储在文件元信息中.
CryptoConfiguration cryptoConf = new CryptoConfiguration(CryptoMode.AesCtrEncryption).withStorageMode(CryptoStorageMode.ObjectMetadata);
// // 如果 kms 服务的 region 与 cos 的 region 不一致,则在加密信息里指定 kms 服务的 region
// cryptoConf.setKmsRegion(kmsRegion);
// // 如果需要可以为 KMS 服务的 cmk 设置对应的描述信息。
// encryptionMaterials.addDescription("kms-region", "guangzhou");
// 生成加密客户端EncryptionClient, COSEncryptionClient是COSClient的子类, 所有COSClient支持的接口他都支持。
// EncryptionClient覆盖了COSClient上传下载逻辑,操作内部会执行加密操作,其他操作执行逻辑和COSClient一致
COSEncryptionClient cosEncryptionClient = new COSEncryptionClient(new COSStaticCredentialsProvider(cred), new StaticEncryptionMaterialsProvider(encryptionMaterials), clientConfig, cryptoConf);
return cosEncryptionClient;
}
use of com.qcloud.cos.exception.CosClientException in project cos-java-sdk-v5 by tencentyun.
the class KmsUploadDemo method CopyObjectWithKmsMeta.
public static void CopyObjectWithKmsMeta() {
COSCredentials cred = new BasicCOSCredentials("SECRET_ID", "SECRET_KEY");
// 2 设置bucket的区域, COS地域的简称请参照 https://www.qcloud.com/document/product/436/6224
ClientConfig clientConfig = new ClientConfig(new Region("ap-guangzhou"));
// 设置使用https请求
clientConfig.setHttpProtocol(HttpProtocol.https);
// 3 生成cos客户端
COSClient cosclient = new COSClient(cred, clientConfig);
// bucket名需包含appid
String kmsKeyId = "your-kms-key-id";
String encryptionContext = Base64.encodeAsString("{\"Ssekmstest\":\"Ssekmstest\"}".getBytes());
// 要拷贝的bucket region, 支持跨园区拷贝
Region srcBucketRegion = new Region("ap-guangzhou");
// 源bucket, bucket名需包含appid
String srcBucketName = "mybucket-1251668577";
// 要拷贝的源文件
String srcKey = "aaa/bbb.txt";
// 目的bucket, bucket名需包含appid
String destBucketName = "mybucket-1251668577";
// 要拷贝的目的文件
String destKey = "ccc/ddd.txt";
CopyObjectRequest copyObjectRequest = new CopyObjectRequest(srcBucketRegion, srcBucketName, srcKey, destBucketName, destKey);
copyObjectRequest.setSSECOSKeyManagementParams(new SSECOSKeyManagementParams(kmsKeyId, encryptionContext));
try {
CopyObjectResult copyObjectResult = cosclient.copyObject(copyObjectRequest);
String crc64 = copyObjectResult.getCrc64Ecma();
} catch (CosServiceException e) {
e.printStackTrace();
} catch (CosClientException e) {
e.printStackTrace();
}
// 关闭客户端
cosclient.shutdown();
}
use of com.qcloud.cos.exception.CosClientException in project cos-java-sdk-v5 by tencentyun.
the class KmsUploadDemo method SimpleUploadWithKmsMeta.
public static void SimpleUploadWithKmsMeta() {
COSCredentials cred = new BasicCOSCredentials("SECRET_ID", "SECRET_KEY");
// 2 设置bucket的区域, COS地域的简称请参照 https://www.qcloud.com/document/product/436/6224
ClientConfig clientConfig = new ClientConfig(new Region("ap-guangzhou"));
// 设置使用https请求
clientConfig.setHttpProtocol(HttpProtocol.https);
// 3 生成cos客户端
COSClient cosclient = new COSClient(cred, clientConfig);
// bucket名需包含appid
String bucketName = "mybucket-1251668577";
String key = "aaa/bbb.txt";
File localFile = new File("/test.log");
PutObjectRequest putObjectRequest = new PutObjectRequest(bucketName, key, localFile);
String kmsKeyId = "your-kms-key-id";
String encryptionContext = Base64.encodeAsString("{\"Ssekmstest\":\"Ssekmstest\"}".getBytes());
SSECOSKeyManagementParams ssecosKeyManagementParams = new SSECOSKeyManagementParams(kmsKeyId, encryptionContext);
putObjectRequest.setSSECOSKeyManagementParams(ssecosKeyManagementParams);
// 服务端加密场景下,返回的etag不再代表文件的md5,所以需要去掉客户端的md5校验
// 如有需要,可获取crc64,自行校验
System.setProperty(SkipMd5CheckStrategy.DISABLE_PUT_OBJECT_MD5_VALIDATION_PROPERTY, "true");
try {
PutObjectResult putObjectResult = cosclient.putObject(putObjectRequest);
// putobjectResult会返回文件的etag
String etag = putObjectResult.getETag();
String crc64 = putObjectResult.getCrc64Ecma();
} catch (CosServiceException e) {
e.printStackTrace();
} catch (CosClientException e) {
e.printStackTrace();
}
// 关闭客户端
cosclient.shutdown();
}
use of com.qcloud.cos.exception.CosClientException in project cos-java-sdk-v5 by tencentyun.
the class KmsUploadDemo method MultipartUploadWithKmsMeta.
public static void MultipartUploadWithKmsMeta() {
COSCredentials cred = new BasicCOSCredentials("SECRET_ID", "SECRET_KEY");
// 2 设置bucket的区域, COS地域的简称请参照 https://www.qcloud.com/document/product/436/6224
ClientConfig clientConfig = new ClientConfig(new Region("ap-guangzhou"));
// 设置使用https请求
clientConfig.setHttpProtocol(HttpProtocol.https);
// 3 生成cos客户端
COSClient cosclient = new COSClient(cred, clientConfig);
// bucket名需包含appid
String bucketName = "mybucket-1251668577";
String key = "aaa/bbb.txt";
String kmsKeyId = "your-kms-key-id";
String encryptionContext = Base64.encodeAsString("{\"Ssekmstest\":\"Ssekmstest\"}".getBytes());
InitiateMultipartUploadRequest initiateMultipartUploadRequest = new InitiateMultipartUploadRequest(bucketName, key);
SSECOSKeyManagementParams ssecosKeyManagementParams = new SSECOSKeyManagementParams(kmsKeyId, encryptionContext);
// 服务端加密场景下,返回的etag不再代表文件的md5,所以需要去掉客户端的md5校验
// 如有需要,可获取crc64,自行校验
System.setProperty(SkipMd5CheckStrategy.DISABLE_PUT_OBJECT_MD5_VALIDATION_PROPERTY, "true");
initiateMultipartUploadRequest.setSSECOSKeyManagementParams(ssecosKeyManagementParams);
try {
InitiateMultipartUploadResult initiateMultipartUploadResult = cosclient.initiateMultipartUpload(initiateMultipartUploadRequest);
List<PartETag> partETags = new LinkedList<>();
for (int i = 0; i < 2; i++) {
byte[] data = new byte[1024 * 1024];
UploadPartRequest uploadPartRequest = new UploadPartRequest();
uploadPartRequest.setBucketName(bucketName);
uploadPartRequest.setKey(key);
uploadPartRequest.setUploadId(initiateMultipartUploadResult.getUploadId());
// 设置分块的数据来源输入流
uploadPartRequest.setInputStream(new ByteArrayInputStream(data));
// 设置分块的长度
// 设置数据长度
uploadPartRequest.setPartSize(data.length);
// 假设要上传的part编号是10
uploadPartRequest.setPartNumber(i + 1);
UploadPartResult uploadPartResult = cosclient.uploadPart(uploadPartRequest);
PartETag partETag = uploadPartResult.getPartETag();
partETags.add(partETag);
}
CompleteMultipartUploadRequest completeMultipartUploadRequest = new CompleteMultipartUploadRequest(bucketName, key, initiateMultipartUploadResult.getUploadId(), partETags);
CompleteMultipartUploadResult completeResult = cosclient.completeMultipartUpload(completeMultipartUploadRequest);
} catch (CosServiceException e) {
e.printStackTrace();
} catch (CosClientException e) {
e.printStackTrace();
}
// 关闭客户端
cosclient.shutdown();
}
Aggregations