XCKJ
/
irc-netcore-api
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'Test_IRC_Net8' of https://gitea.frp.extimaging.com/XCKJ/irc-netcore-api into Test_IRC_Net8
continuous-integration/drone/push Build is passing Details

IRC_NewDev
he 2024-09-04 09:50:54 +08:00
parent 35d7202fc3 cec6174bb6
commit 61780a3fe8
4 changed files with 120 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

93
IRaCIS.Core.API/Controllers/ExtraController.cs
View File

@ -33,6 +33,10 @@ using ZiggyCreatures.Caching.Fusion;
using AlibabaCloud.SDK.Sts20150401; using AlibabaCloud.SDK.Sts20150401;
using AlibabaCloud.SDK.Sts20150401.Models; using AlibabaCloud.SDK.Sts20150401.Models;
using Org.BouncyCastle.Tls; using Org.BouncyCastle.Tls;
using Amazon.SecurityToken.Model;
using Amazon.SecurityToken;
using Amazon;
using AssumeRoleRequest = Amazon.SecurityToken.Model.AssumeRoleRequest;
namespace IRaCIS.Api.Controllers namespace IRaCIS.Api.Controllers
{ {
@ -102,10 +106,10 @@ namespace IRaCIS.Api.Controllers
public async Task<IResponseOutput> Login(UserLoginDTO loginUser, public async Task<IResponseOutput> Login(UserLoginDTO loginUser,
[FromServices] IFusionCache _fusionCache, [FromServices] IFusionCache _fusionCache,
[FromServices] IUserService _userService, [FromServices] IUserService _userService,
[FromServices] ITokenService _tokenService, [FromServices] ITokenService _tokenService,
[FromServices] IReadingImageTaskService readingImageTaskService, [FromServices] IReadingImageTaskService readingImageTaskService,
[FromServices] IOptionsMonitor<ServiceVerifyConfigOption> _verifyConfig, [FromServices] IOptionsMonitor<ServiceVerifyConfigOption> _verifyConfig,
[FromServices] IMailVerificationService _mailVerificationService) [FromServices] IMailVerificationService _mailVerificationService)
{ {
//MFA 邮箱验证 前端传递用户Id 和MFACode //MFA 邮箱验证 前端传递用户Id 和MFACode
@ -293,7 +297,7 @@ namespace IRaCIS.Api.Controllers
} }
[HttpGet("user/GetObjectStoreToken")] [HttpGet("user/GetObjectStoreToken")]
public IResponseOutput GetObjectStoreToken([FromServices] IOptionsMonitor<ObjectStoreServiceOptions> options) public async Task<IResponseOutput> GetObjectStoreTokenAsync([FromServices] IOptionsMonitor<ObjectStoreServiceOptions> options)
{ {
var serviceOption = options.CurrentValue; var serviceOption = options.CurrentValue;
@ -338,22 +342,95 @@ namespace IRaCIS.Api.Controllers
}; };
return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, AliyunOSS = tempToken }); var awstempToken = await GetAWSTemToken(serviceOption);
return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, AliyunOSS = tempToken,AWS= awstempToken });
} }
else if (Enum.TryParse<ObjectStoreUse>(serviceOption.ObjectStoreUse, out var parsedValue) && parsedValue == ObjectStoreUse.MinIO) else if (Enum.TryParse<ObjectStoreUse>(serviceOption.ObjectStoreUse, out var parsedValue) && parsedValue == ObjectStoreUse.MinIO)
{ {
return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, MinIO = serviceOption.MinIO, AWS = serviceOption.AWS }); return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, MinIO = serviceOption.MinIO});
} }
else else
{ {
return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, MinIO = serviceOption.MinIO, AWS = serviceOption.AWS }); var awsOptions = serviceOption.AWS;
//aws 临时凭证
// 创建 STS 客户端
var stsClient = new AmazonSecurityTokenServiceClient(awsOptions.AccessKeyId, awsOptions.SecretAccessKey);
// 使用 AssumeRole 请求临时凭证
var assumeRoleRequest = new AssumeRoleRequest
{
RoleArn = awsOptions.RoleArn, // 角色 ARN
RoleSessionName = $"session-name-{NewId.NextGuid()}",
DurationSeconds = awsOptions.DurationSeconds // 临时凭证有效期
};
var assumeRoleResponse = await stsClient.AssumeRoleAsync(assumeRoleRequest);
var credentials = assumeRoleResponse.Credentials;
var tempToken = new AWSTempToken()
{
AccessKeyId = credentials.AccessKeyId,
SecretAccessKey = credentials.SecretAccessKey,
SessionToken= credentials.SessionToken,
Expiration=credentials.Expiration,
BucketName = awsOptions.BucketName,
EndPoint = awsOptions.EndPoint,
ViewEndpoint = awsOptions.ViewEndpoint,
};
return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, MinIO = serviceOption.MinIO, AWS = tempToken });
} }
} }
private async Task<AWSTempToken> GetAWSTemToken(ObjectStoreServiceOptions serviceOption)
{
var awsOptions = serviceOption.AWS;
//aws 临时凭证
// 创建 STS 客户端
var stsClient = new AmazonSecurityTokenServiceClient(awsOptions.AccessKeyId, awsOptions.SecretAccessKey);
// 使用 AssumeRole 请求临时凭证
var assumeRoleRequest = new AssumeRoleRequest
{
RoleArn = awsOptions.RoleArn, // 角色 ARN
RoleSessionName = $"session-name-{NewId.NextGuid()}",
DurationSeconds = awsOptions.DurationSeconds // 临时凭证有效期
};
var assumeRoleResponse = await stsClient.AssumeRoleAsync(assumeRoleRequest);
var credentials = assumeRoleResponse.Credentials;
var tempToken = new AWSTempToken()
{
AccessKeyId = credentials.AccessKeyId,
SecretAccessKey = credentials.SecretAccessKey,
SessionToken = credentials.SessionToken,
Expiration = credentials.Expiration,
BucketName = awsOptions.BucketName,
EndPoint = awsOptions.EndPoint,
ViewEndpoint = awsOptions.ViewEndpoint,
};
return tempToken;
}
#region aliyun-net-sdk-sts 之前 #region aliyun-net-sdk-sts 之前
//[HttpGet("user/GenerateSTS")] //[HttpGet("user/GenerateSTS")]

1
IRaCIS.Core.API/IRaCIS.Core.API.csproj
View File

@ -64,6 +64,7 @@
<PackageReference Include="AlibabaCloud.SDK.Sts20150401" Version="1.1.4" /> <PackageReference Include="AlibabaCloud.SDK.Sts20150401" Version="1.1.4" />
<PackageReference Include="AspNetCoreRateLimit" Version="5.0.0" /> <PackageReference Include="AspNetCoreRateLimit" Version="5.0.0" />
<PackageReference Include="Autofac.Extensions.DependencyInjection" Version="9.0.0" /> <PackageReference Include="Autofac.Extensions.DependencyInjection" Version="9.0.0" />
<PackageReference Include="AWSSDK.SecurityToken" Version="3.7.400.13" />
<PackageReference Include="ConfigMapFileProvider" Version="2.0.1" /> <PackageReference Include="ConfigMapFileProvider" Version="2.0.1" />
<PackageReference Include="Hangfire.AspNetCore" Version="1.8.14" /> <PackageReference Include="Hangfire.AspNetCore" Version="1.8.14" />
<PackageReference Include="Hangfire.Dashboard.BasicAuthorization" Version="1.0.2" /> <PackageReference Include="Hangfire.Dashboard.BasicAuthorization" Version="1.0.2" />

10
IRaCIS.Core.API/appsettings.Test_IRC.json
View File

@ -39,10 +39,12 @@
"AWS": { "AWS": {
"EndPoint": "s3.us-east-1.amazonaws.com", "EndPoint": "s3.us-east-1.amazonaws.com",
"UseSSL": true, "UseSSL": true,
"AccessKey": "AKIAZQ3DRSOHFPJJ6FEU", "RoleArn": "arn:aws:iam::471112624751:role/sts_s3_upload",
"SecretKey": "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", "AccessKeyId": "AKIAW3MEAFJXWRCGSX5Z",
"BucketName": "ei-irc-test-store", "SecretAccessKey": "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",
"ViewEndpoint": "https://ei-irc-test-store.s3.amazonaws.com/" "BucketName": "ei-med-s3-lili-uat-store",
"ViewEndpoint": "https://ei-med-s3-lili-uat-store.s3.amazonaws.com/",
"DurationSeconds": 7200
} }
}, },

40
IRaCIS.Core.Application/Helper/OSSService.cs
View File

@ -30,15 +30,17 @@ namespace IRaCIS.Core.Application.Helper
} }
[LowerCamelCaseJson]
public class AWSOptions public class AWSOptions
{ {
public string EndPoint { get; set; } public string EndPoint { get; set; }
public bool UseSSL { get; set; } public bool UseSSL { get; set; }
public string AccessKey { get; set; } public string AccessKeyId { get; set; }
public string SecretKey { get; set; } public string RoleArn { get; set; }
public string SecretAccessKey { get; set; }
public string BucketName { get; set; } public string BucketName { get; set; }
public string ViewEndpoint { get; set; } public string ViewEndpoint { get; set; }
public int DurationSeconds { get; set; }
} }
public class AliyunOSSOptions public class AliyunOSSOptions
@ -86,7 +88,7 @@ namespace IRaCIS.Core.Application.Helper
public MinIOOptions MinIO { get; set; } public MinIOOptions MinIO { get; set; }
public AWSOptions AWS { get; set; } public AWSTempToken AWS { get; set; }
} }
@ -113,7 +115,17 @@ namespace IRaCIS.Core.Application.Helper
} }
[LowerCamelCaseJson]
public class AWSTempToken
{
public string SessionToken { get; set; }
public string EndPoint { get; set; }
public string AccessKeyId { get; set; }
public string SecretAccessKey { get; set; }
public string BucketName { get; set; }
public string ViewEndpoint { get; set; }
public DateTime Expiration { get; set; }
}
public enum ObjectStoreUse public enum ObjectStoreUse
{ {
@ -190,7 +202,7 @@ namespace IRaCIS.Core.Application.Helper
var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}:{minIOConfig.Port}") var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}:{minIOConfig.Port}")
.WithCredentials(minIOConfig.AccessKey, minIOConfig.SecretKey).WithSSL(minIOConfig.UseSSL) .WithCredentials(minIOConfig.AccessKeyId, minIOConfig.SecretAccessKey).WithSSL(minIOConfig.UseSSL)
.Build(); .Build();
var putObjectArgs = new PutObjectArgs() var putObjectArgs = new PutObjectArgs()
@ -207,7 +219,7 @@ namespace IRaCIS.Core.Application.Helper
var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}") var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}")
.WithCredentials(minIOConfig.AccessKey, minIOConfig.SecretKey).WithSSL(minIOConfig.UseSSL) .WithCredentials(minIOConfig.AccessKeyId, minIOConfig.SecretAccessKey).WithSSL(minIOConfig.UseSSL)
.Build(); .Build();
var putObjectArgs = new PutObjectArgs() var putObjectArgs = new PutObjectArgs()
@ -272,7 +284,7 @@ namespace IRaCIS.Core.Application.Helper
var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}:{minIOConfig.Port}") var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}:{minIOConfig.Port}")
.WithCredentials(minIOConfig.AccessKey, minIOConfig.SecretKey).WithSSL(minIOConfig.UseSSL) .WithCredentials(minIOConfig.AccessKeyId, minIOConfig.SecretAccessKey).WithSSL(minIOConfig.UseSSL)
.Build(); .Build();
var putObjectArgs = new PutObjectArgs() var putObjectArgs = new PutObjectArgs()
@ -288,7 +300,7 @@ namespace IRaCIS.Core.Application.Helper
var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}") var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}")
.WithCredentials(minIOConfig.AccessKey, minIOConfig.SecretKey).WithSSL(minIOConfig.UseSSL) .WithCredentials(minIOConfig.AccessKeyId, minIOConfig.SecretAccessKey).WithSSL(minIOConfig.UseSSL)
.Build(); .Build();
var putObjectArgs = new PutObjectArgs() var putObjectArgs = new PutObjectArgs()
@ -337,7 +349,7 @@ namespace IRaCIS.Core.Application.Helper
var minIOConfig = ObjectStoreServiceOptions.MinIO; var minIOConfig = ObjectStoreServiceOptions.MinIO;
var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}:{minIOConfig.Port}") var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}:{minIOConfig.Port}")
.WithCredentials(minIOConfig.AccessKey, minIOConfig.SecretKey).WithSSL(minIOConfig.UseSSL) .WithCredentials(minIOConfig.AccessKeyId, minIOConfig.SecretAccessKey).WithSSL(minIOConfig.UseSSL)
.Build(); .Build();
var getObjectArgs = new GetObjectArgs() var getObjectArgs = new GetObjectArgs()
@ -353,7 +365,7 @@ namespace IRaCIS.Core.Application.Helper
var minIOConfig = ObjectStoreServiceOptions.AWS; var minIOConfig = ObjectStoreServiceOptions.AWS;
var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}") var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}")
.WithCredentials(minIOConfig.AccessKey, minIOConfig.SecretKey).WithSSL(minIOConfig.UseSSL) .WithCredentials(minIOConfig.AccessKeyId, minIOConfig.SecretAccessKey).WithSSL(minIOConfig.UseSSL)
.Build(); .Build();
var getObjectArgs = new GetObjectArgs() var getObjectArgs = new GetObjectArgs()
@ -409,7 +421,7 @@ namespace IRaCIS.Core.Application.Helper
var minIOConfig = ObjectStoreServiceOptions.MinIO; var minIOConfig = ObjectStoreServiceOptions.MinIO;
var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}:{minIOConfig.Port}") var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}:{minIOConfig.Port}")
.WithCredentials(minIOConfig.AccessKey, minIOConfig.SecretKey).WithSSL(minIOConfig.UseSSL) .WithCredentials(minIOConfig.AccessKeyId, minIOConfig.SecretAccessKey).WithSSL(minIOConfig.UseSSL)
.Build(); .Build();
@ -434,7 +446,7 @@ namespace IRaCIS.Core.Application.Helper
var minIOConfig = ObjectStoreServiceOptions.AWS; var minIOConfig = ObjectStoreServiceOptions.AWS;
var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}") var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}")
.WithCredentials(minIOConfig.AccessKey, minIOConfig.SecretKey).WithSSL(minIOConfig.UseSSL) .WithCredentials(minIOConfig.AccessKeyId, minIOConfig.SecretAccessKey).WithSSL(minIOConfig.UseSSL)
.Build(); .Build();
var args = new PresignedGetObjectArgs() var args = new PresignedGetObjectArgs()
@ -518,7 +530,7 @@ namespace IRaCIS.Core.Application.Helper
var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}:{minIOConfig.Port}") var minioClient = new MinioClient().WithEndpoint($"{minIOConfig.EndPoint}:{minIOConfig.Port}")
.WithCredentials(minIOConfig.AccessKey, minIOConfig.SecretKey).WithSSL(minIOConfig.UseSSL) .WithCredentials(minIOConfig.AccessKeyId, minIOConfig.SecretAccessKey).WithSSL(minIOConfig.UseSSL)
.Build(); .Build();