修改对象存储返回临时token

IRC_NewDev
hang 2024-08-27 15:05:46 +08:00
parent c8f04a878a
commit a9afb684c9
2 changed files with 47 additions and 66 deletions


@ -304,45 +304,43 @@ namespace IRaCIS.Api.Controllers
var ossOptions = serviceOption.AliyunOSS;
return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, MinIO = serviceOption.MinIO, AliyunOSS = serviceOption.AliyunOSS, AWS = serviceOption.AWS });
var client = new Client(new AlibabaCloud.OpenApiClient.Models.Config()
{
//AccessKeyId = ossOptions.accessKeyId,
//AccessKeySecret = ossOptions.accessKeySecret,
AccessKeyId = "LTAI5tJV76pYX5yPg1N9QVE8",
AccessKeySecret = "roRNLa9YG1of4pYruJGCNKBXEWTAWa",
#region 临时token 屏蔽
//IClientProfile profile = DefaultProfile.GetProfile(ossOptions.RegionId, ossOptions.AccessKeyId, ossOptions.AccessKeySecret);
//DefaultAcsClient client = new DefaultAcsClient(profile);
Endpoint = "sts.cn-hangzhou.aliyuncs.com"
});
var assumeRoleRequest = new AlibabaCloud.SDK.Sts20150401.Models.AssumeRoleRequest();
// 将<YOUR_ROLE_SESSION_NAME>设置为自定义的会话名称例如oss-role-session。
assumeRoleRequest.RoleSessionName = $"session-name-{NewId.NextGuid()}";
// 将<YOUR_ROLE_ARN>替换为拥有上传文件到指定OSS Bucket权限的RAM角色的ARN。
//assumeRoleRequest.RoleArn = ossOptions.roleArn;
assumeRoleRequest.RoleArn = "acs:ram::1899121822495495:role/webdirect";
assumeRoleRequest.DurationSeconds = 7200;
var runtime = new AlibabaCloud.TeaUtil.Models.RuntimeOptions();
var response = client.AssumeRoleWithOptions(assumeRoleRequest, runtime);
var credentials = response.Body.Credentials;
var tempToken = new AliyunOSSTempToken()
{
AccessKeyId = credentials.AccessKeyId,
AccessKeySecret = credentials.AccessKeySecret,
Expiration = credentials.Expiration,
SecurityToken = credentials.SecurityToken,
//// 创建一个STS请求
//AssumeRoleRequest request = new AssumeRoleRequest
//{
// RoleArn = ossOptions.RoleArn, // 角色ARN需要替换为你的角色ARN
// RoleSessionName = $"session-name-{NewId.NextGuid()}", // 角色会话名称,可自定义
// DurationSeconds = 900, // 令牌有效期单位这里设置为1小时
//};
Region = ossOptions.region,
BucketName = ossOptions.bucketName,
ViewEndpoint = ossOptions.viewEndpoint,
};
//AssumeRoleResponse response = client.GetAcsResponse(request);
return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, AliyunOSS = serviceOption.AliyunOSS, AliyunOSSTemp= tempToken });
//// 返回STS令牌信息给前端
//var stsToken = new ObjectStoreDTO()
//{
// ObjectStoreUse = serviceOption.ObjectStoreUse,
// AliyunOSS = new AliyunOSSTempToken()
// {
// AccessKeyId = response.Credentials.AccessKeyId,
// AccessKeySecret = response.Credentials.AccessKeySecret,
// SecurityToken = response.Credentials.SecurityToken,
// Expiration = response.Credentials.Expiration,
// Region = ossOptions.Region,
// BucketName = ossOptions.BucketName,
// ViewEndpoint = ossOptions.ViewEndpoint,
// },
// MinIO = serviceOption.MinIO
//};
//return ResponseOutput.Ok(stsToken);
#endregion
}
else if (Enum.TryParse<ObjectStoreUse>(serviceOption.ObjectStoreUse, out var parsedValue) && parsedValue == ObjectStoreUse.MinIO)
@ -356,44 +354,21 @@ namespace IRaCIS.Api.Controllers
}
[HttpGet("user/getUploadTempToken")]
public IResponseOutput GetUploadTempToken([FromServices] IOptionsMonitor<AliyunOSSOptions> options)
public IResponseOutput GetUploadTempToken([FromServices] IOptionsMonitor<ObjectStoreServiceOptions> options)
{
var ossOptions = options.CurrentValue;
var serviceOption = options.CurrentValue;
var client = new Client(new AlibabaCloud.OpenApiClient.Models.Config()
if (Enum.TryParse<ObjectStoreUse>(serviceOption.ObjectStoreUse, out var parsedEnum) && parsedEnum == ObjectStoreUse.AliyunOSS)
{
//AccessKeyId = ossOptions.accessKeyId,
//AccessKeySecret = ossOptions.accessKeySecret,
AccessKeyId = "LTAI5tJV76pYX5yPg1N9QVE8",
AccessKeySecret = "roRNLa9YG1of4pYruJGCNKBXEWTAWa",
var ossOptions = serviceOption.AliyunOSS;
}
return ResponseOutput.Ok();
Endpoint = "sts.cn-hangzhou.aliyuncs.com"
});
var assumeRoleRequest = new AlibabaCloud.SDK.Sts20150401.Models.AssumeRoleRequest();
// 将<YOUR_ROLE_SESSION_NAME>设置为自定义的会话名称例如oss-role-session。
assumeRoleRequest.RoleSessionName = $"session-name-{NewId.NextGuid()}";
// 将<YOUR_ROLE_ARN>替换为拥有上传文件到指定OSS Bucket权限的RAM角色的ARN。
//assumeRoleRequest.RoleArn = ossOptions.roleArn;
assumeRoleRequest.RoleArn = "acs:ram::1899121822495495:role/webdirect";
assumeRoleRequest.DurationSeconds = 3600;
var runtime = new AlibabaCloud.TeaUtil.Models.RuntimeOptions();
var response = client.AssumeRoleWithOptions(assumeRoleRequest, runtime);
var credentials = response.Body.Credentials;
return ResponseOutput.Ok(new
{
AccessKeyId = credentials.AccessKeyId,
AccessKeySecret = credentials.AccessKeySecret,
Expiration = credentials.Expiration,
SecurityToken = credentials.SecurityToken,
Region = ossOptions.region,
BucketName = ossOptions.bucketName,
ViewEndpoint = ossOptions.viewEndpoint,
});
}
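Review bot: The STS client in the first hunk is built with a literal `AccessKeyId`/`AccessKeySecret` and a literal `RoleArn`, while the configuration-driven lines sit commented out directly above them; the same literals also appear in the `GetUploadTempToken` hunk. A long-term key committed to the repository has to be treated as exposed, so it should be rotated and the values read from options instead: `AccessKeyId = ossOptions.accessKeyId,`, `AccessKeySecret = ossOptions.accessKeySecret,` and `assumeRoleRequest.RoleArn = ossOptions.roleArn;`. The response also still sets `AliyunOSS = serviceOption.AliyunOSS` next to `AliyunOSSTemp`; if that options object carries the long-term key pair (the commented lines suggest it does), returning it to the caller defeats the purpose of issuing a temporary token. Both methods begin and end outside the visible hunks, and the +/- markers are lost on this page, so which of these lines sit on the new side is inferred from the commit title.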


@ -14,6 +14,7 @@ using System.Security.AccessControl;
using System.Text;
using System.Threading.Tasks;
using System.Runtime.InteropServices;
using System.Text.Json.Serialization;
namespace IRaCIS.Core.Application.Helper
{
@ -55,7 +56,10 @@ namespace IRaCIS.Core.Application.Helper
public class ObjectStoreServiceOptions
{
public string ObjectStoreUse { get; set; }
public AliyunOSSOptions AliyunOSS { get; set; }
public MinIOOptions MinIO { get; set; }
public AWSOptions AWS { get; set; }
@ -68,6 +72,8 @@ namespace IRaCIS.Core.Application.Helper
public AliyunOSSOptions AliyunOSS { get; set; }
public AliyunOSSTempToken AliyunOSSTemp { get; set; }
public MinIOOptions MinIO { get; set; }
public AWSOptions AWS { get; set; }