阿里云oss url授权上传和下载

       使用阿里云oss进行文件上传,一般都是通过前端或者客户端直接将文件直接上传到oss,不过上传中需要oss账号和key, 直接暴露在客户端风险太大,查了下oss的使用文档,发现授权访问的方式保证账号安全,受实际环境限制,采用了签名URL进行临时授权的方式,客户端需要上传/下载的文件先向服务端请求授权,服务端生成签名url后返回给客户端,客户端使用该url在有效时间内可以不需要账号直接进行上传/下载操作。

pom 文件添加

 
      com.aliyun.oss
      aliyun-sdk-oss
      2.7.0
 

新增配置文件ossConfig.properties 

ossConfig.accessId=XXX
ossConfig.accessKey=XXX
ossConfig.endpoint=xxx-cn-hangzhou.aliyuncs.com
ossConfig.appBucket=xxx-center-cloud
ossConfig.appFileHost=http://${appBucket}.${endpoint}

 加载配置文件:


import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;

@Component("ossConfig")
@ConfigurationProperties(prefix="ossConfig")
@Data
public class OssConfig {

	private String accessId;

	private String accessKey;

	private String endpoint;
	
	private String appBucket;

	private String appFileHost;
}

 url授权上传/下载


import com.alibaba.fastjson.JSON;
import com.aliyun.oss.HttpMethod;
import com.aliyun.oss.OSSClient;
import com.aliyun.oss.model.GeneratePresignedUrlRequest;
import com.aliyun.oss.model.ListObjectsRequest;
import com.aliyun.oss.model.OSSObjectSummary;
import com.aliyun.oss.model.ObjectListing;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import org.apache.commons.io.IOUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import java.net.URL;
import java.util.Date;
import java.util.List;
import java.util.Map;

import static com.shunwang.diskless.common.util.EqualUtil.eqs;
import static java.util.stream.Collectors.toList;


@Controller
public class OssAuthorize2Controller {

    //有效时间15分钟
    private long maxExpirationSec=60*15;

    @Autowired
    private OssConfig ossConfig;


    /**
     *授权上传
     */
    @RequestMapping(value="getUploadFileUrl",produces = "application/json;charset=UTF-8")
    @ResponseBody
    public Object getUploadFileUrl(String object,Long expiration, String callback,String callbackVar){

        String objectFullName=object;

        if(expiration==null||expiration>maxExpirationSec){
            expiration=maxExpirationSec;
        }

        OSSClient ossClient  = new OSSClient(ossConfig.getEndpoint(), ossConfig.getAccessId(), ossConfig.getAccessKey());

        // 生成签名URL。
        GeneratePresignedUrlRequest request = new GeneratePresignedUrlRequest(ossConfig.getAppBucket(), objectFullName, HttpMethod.PUT);
        // 设置过期时间。
        Date expirationDate = new Date(System.currentTimeMillis()+expiration*1000);
        request.setExpiration(expirationDate);
        // 设置Content-Type。
        request.setContentType("application/octet-stream;charset=utf-8");

        //处理oss上传成功需要回调的
        if(callback!=null&&callbackVar!=null) {
            Map hmap = Maps.newHashMap();
            hmap.put("x-oss-callback", callback);
            hmap.put("x-oss-callback-var", callbackVar);
            request.setHeaders(hmap);
        }
        // 生成签名URL(HTTP PUT请求)。
        URL signedUrl = ossClient.generatePresignedUrl(request);
        ossClient.shutdown();
        return ReturnInfo.success(ImmutableMap.of("uploadUrl",signedUrl.toString(),"object",object));
    }

     /**
     *授权上传
     */
    @RequestMapping(value="getDownLoadFileUrl",produces = "application/json;charset=UTF-8")
    @ResponseBody
    public Object getDownLoadFileUrl(String object,Long expiration){

        String objectFullName=object;


        OSSClient ossClient  = new OSSClient(ossConfig.getEndpoint(), ossConfig.getAccessId(), ossConfig.getAccessKey());
        final int maxKeys = 200;
        String nextMarker = null;
        ObjectListing objectListing;
        List fileVoList= Lists.newArrayList();
        do {
            //根据指定前缀获取批量文件
            objectListing = ossClient.listObjects(new ListObjectsRequest(ossConfig.getAppBucket()).withPrefix(objectFullName).withMarker(nextMarker).withMaxKeys(maxKeys));
            List sums = objectListing.getObjectSummaries();
            for (OSSObjectSummary s : sums) {
                FileVo vo=new FileVo(){
    {
                    setFileKey(s.getKey());
                    setSize(s.getSize());
                    setTime(s.getLastModified().getTime()/1000);
                }};
                fileVoList.add(vo);
            }
            nextMarker = objectListing.getNextMarker();
        } while (objectListing.isTruncated());


        for(FileVo vo:fileVoList){
            GeneratePresignedUrlRequest request = new GeneratePresignedUrlRequest(bucket, vo.getFileKey(), HttpMethod.GET);
            // 设置过期时间。
            Date expirationDate = new Date(System.currentTimeMillis()+expiration*1000);
            request.setExpiration(expirationDate);
            request.setContentType("application/octet-stream;charset=utf-8");
            // 生成签名URL(HTTP PUT请求)。
            URL signedUrl = ossClient.generatePresignedUrl(request);
            vo.setUrl(signedUrl.toString());
        }
        ossClient.shutdown();
        return ReturnInfo.success(ImmutableMap.of("files",fileVoList));

    }
}

 

你可能感兴趣的:(阿里云oss url授权上传和下载)