恢复老接口

2025-05-09 09:49:17 +08:00 · 2025-05-09 09:49:17 +08:00 · 4f860cca07
parent bea324aa56
commit 4f860cca07
1 changed files with 48 additions and 1 deletions
--- a/IRaCIS.Core.API/Controllers/ExtraController.cs
+++ b/IRaCIS.Core.API/Controllers/ExtraController.cs
@ -1,4 +1,5 @@
-using Amazon.Auth.AccessControlPolicy;
+using AlibabaCloud.SDK.Sts20150401;
+using Amazon.Auth.AccessControlPolicy;
 using Amazon.SecurityToken;
 using Azure.Core;
 using IdentityModel.Client;
@ -450,7 +451,53 @@ namespace IRaCIS.Api.Controllers
            return tempToken;
        }

+        #region 老项目依赖

+        [HttpGet("user/GenerateSTS")]
+        public IResponseOutput GenerateSTS([FromServices] IOptionsMonitor<ObjectStoreServiceOptions> options)
+        {
+
+            var ossOptions = options.CurrentValue.AliyunOSS;
+
+            var client = new Client(new AlibabaCloud.OpenApiClient.Models.Config()
+            {
+                AccessKeyId = ossOptions.AccessKeyId,
+                AccessKeySecret = ossOptions.AccessKeySecret,
+                Endpoint = "sts.cn-hangzhou.aliyuncs.com"
+            });
+
+            var assumeRoleRequest = new AlibabaCloud.SDK.Sts20150401.Models.AssumeRoleRequest();
+            // 将<YOUR_ROLE_SESSION_NAME>设置为自定义的会话名称，例如oss-role-session。
+            assumeRoleRequest.RoleSessionName = $"session-name-{NewId.NextGuid()}";
+            // 将<YOUR_ROLE_ARN>替换为拥有上传文件到指定OSS Bucket权限的RAM角色的ARN。
+            assumeRoleRequest.RoleArn = ossOptions.RoleArn;
+            //assumeRoleRequest.RoleArn = "acs:ram::1899121822495495:role/webdirect";
+            assumeRoleRequest.DurationSeconds = ossOptions.DurationSeconds;
+            var runtime = new AlibabaCloud.TeaUtil.Models.RuntimeOptions();
+            var response = client.AssumeRoleWithOptions(assumeRoleRequest, runtime);
+            var credentials = response.Body.Credentials;
+
+
+
+            // 返回STS令牌信息给前端
+            var stsToken = new
+            {
+                AccessKeyId = credentials.AccessKeyId,
+                AccessKeySecret = credentials.AccessKeySecret,
+                SecurityToken = credentials.SecurityToken,
+                Expiration = credentials.Expiration,
+
+                Region = ossOptions.Region,
+                BucketName = ossOptions.BucketName,
+                ViewEndpoint = ossOptions.ViewEndpoint,
+
+            };
+
+            return ResponseOutput.Ok(stsToken);
+
+        }
+
+        #endregion


        [HttpGet("User/UserRedirect")]