From a9afb684c9177deaefb8a2939952258b521e6ac8 Mon Sep 17 00:00:00 2001
From: hang <872297557@qq.com>
Date: Tue, 27 Aug 2024 15:05:46 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=AF=B9=E8=B1=A1=E5=AD=98?= =?UTF-8?q?=E5=82=A8=E8=BF=94=E5=9B=9E=E4=B8=B4=E6=97=B6toekn?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
.../Controllers/ExtraController.cs | 107 +++++++-----------
IRaCIS.Core.Application/Helper/OSSService.cs | 6 +
2 files changed, 47 insertions(+), 66 deletions(-)

diff --git a/IRaCIS.Core.API/Controllers/ExtraController.cs b/IRaCIS.Core.API/Controllers/ExtraController.cs
index 7cbff77f7..b6cc9483a 100644
--- a/IRaCIS.Core.API/Controllers/ExtraController.cs
+++ b/IRaCIS.Core.API/Controllers/ExtraController.cs
@@ -304,45 +304,43 @@ namespace IRaCIS.Api.Controllers var ossOptions = serviceOption.AliyunOSS; - return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, MinIO = serviceOption.MinIO, AliyunOSS = serviceOption.AliyunOSS, AWS = serviceOption.AWS }); + var client = new Client(new AlibabaCloud.OpenApiClient.Models.Config() + { + //AccessKeyId = ossOptions.accessKeyId, + //AccessKeySecret = ossOptions.accessKeySecret, + AccessKeyId = "LTAI5tJV76pYX5yPg1N9QVE8", + AccessKeySecret = "roRNLa9YG1of4pYruJGCNKBXEWTAWa", - #region 临时token 屏蔽 - //IClientProfile profile = DefaultProfile.GetProfile(ossOptions.RegionId, ossOptions.AccessKeyId, ossOptions.AccessKeySecret); - //DefaultAcsClient client = new DefaultAcsClient(profile); + Endpoint = "sts.cn-hangzhou.aliyuncs.com" + }); + + var assumeRoleRequest = new AlibabaCloud.SDK.Sts20150401.Models.AssumeRoleRequest(); + // 将设置为自定义的会话名称,例如oss-role-session。 + assumeRoleRequest.RoleSessionName = $"session-name-{NewId.NextGuid()}"; + // 将替换为拥有上传文件到指定OSS Bucket权限的RAM角色的ARN。 + //assumeRoleRequest.RoleArn = ossOptions.roleArn; + assumeRoleRequest.RoleArn = "acs:ram::1899121822495495:role/webdirect"; + assumeRoleRequest.DurationSeconds = 7200; + var runtime = new AlibabaCloud.TeaUtil.Models.RuntimeOptions(); + var response = client.AssumeRoleWithOptions(assumeRoleRequest, runtime); + var credentials = response.Body.Credentials; + + var tempToken = new AliyunOSSTempToken() + { + AccessKeyId = credentials.AccessKeyId, + AccessKeySecret = credentials.AccessKeySecret, + Expiration = credentials.Expiration, + SecurityToken = credentials.SecurityToken, - //// 创建一个STS请求 - //AssumeRoleRequest request = new AssumeRoleRequest - //{ - // RoleArn = ossOptions.RoleArn, // 角色ARN,需要替换为你的角色ARN - // RoleSessionName = $"session-name-{NewId.NextGuid()}", // 角色会话名称,可自定义 - // DurationSeconds = 900, // 令牌有效期(单位:秒),这里设置为1小时 - //}; + Region = ossOptions.region, + BucketName = ossOptions.bucketName, + ViewEndpoint = 
ossOptions.viewEndpoint, + }; - //AssumeRoleResponse response = client.GetAcsResponse(request); + return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, AliyunOSS = serviceOption.AliyunOSS, AliyunOSSTemp= tempToken }); - //// 返回STS令牌信息给前端 - //var stsToken = new ObjectStoreDTO() - //{ - // ObjectStoreUse = serviceOption.ObjectStoreUse, - // AliyunOSS = new AliyunOSSTempToken() - // { - // AccessKeyId = response.Credentials.AccessKeyId, - // AccessKeySecret = response.Credentials.AccessKeySecret, - // SecurityToken = response.Credentials.SecurityToken, - // Expiration = response.Credentials.Expiration, - - // Region = ossOptions.Region, - // BucketName = ossOptions.BucketName, - // ViewEndpoint = ossOptions.ViewEndpoint, - - // }, - // MinIO = serviceOption.MinIO - //}; - //return ResponseOutput.Ok(stsToken); - - #endregion } else if (Enum.TryParse(serviceOption.ObjectStoreUse, out var parsedValue) && parsedValue == ObjectStoreUse.MinIO) 
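Review bot: The `AccessKeyId` and `AccessKeySecret` passed to `AlibabaCloud.OpenApiClient.Models.Config` are string literals, and so is the `RoleArn`, so a long-lived RAM key and the account's role ARN are now committed to source control. The same literals appear on the removed side of the `GetUploadTempToken` hunk, so they are already in repository history; the key should be treated as exposed and rotated, not only deleted from the file. Read the values from configuration, as the commented-out lines already sketch: `AccessKeyId = ossOptions.accessKeyId,`, `AccessKeySecret = ossOptions.accessKeySecret,` and `assumeRoleRequest.RoleArn = ossOptions.roleArn;`. `DurationSeconds = 7200` also doubles the credential lifetime from the 3600 used in the removed code, which deserves a justifying comment or a shorter value. The enclosing action method starts above this hunk.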
@@ -356,44 +354,21 @@ namespace IRaCIS.Api.Controllers } [HttpGet("user/getUploadTempToken")] - public IResponseOutput GetUploadTempToken([FromServices] IOptionsMonitor options) + public IResponseOutput GetUploadTempToken([FromServices] IOptionsMonitor options) { - var ossOptions = options.CurrentValue; + var serviceOption = options.CurrentValue; - var client = new Client(new AlibabaCloud.OpenApiClient.Models.Config() + if (Enum.TryParse(serviceOption.ObjectStoreUse, out var parsedEnum) && parsedEnum == ObjectStoreUse.AliyunOSS) { - //AccessKeyId = ossOptions.accessKeyId, - //AccessKeySecret = ossOptions.accessKeySecret, - AccessKeyId = "LTAI5tJV76pYX5yPg1N9QVE8", - AccessKeySecret = "roRNLa9YG1of4pYruJGCNKBXEWTAWa", + var ossOptions = serviceOption.AliyunOSS; + + + + } + + return ResponseOutput.Ok(); - Endpoint = "sts.cn-hangzhou.aliyuncs.com" - }); - var assumeRoleRequest = new AlibabaCloud.SDK.Sts20150401.Models.AssumeRoleRequest(); - // 将设置为自定义的会话名称,例如oss-role-session。 - assumeRoleRequest.RoleSessionName = $"session-name-{NewId.NextGuid()}"; - // 将替换为拥有上传文件到指定OSS Bucket权限的RAM角色的ARN。 - //assumeRoleRequest.RoleArn = ossOptions.roleArn; - assumeRoleRequest.RoleArn = "acs:ram::1899121822495495:role/webdirect"; - assumeRoleRequest.DurationSeconds = 3600; - var runtime = new AlibabaCloud.TeaUtil.Models.RuntimeOptions(); - var response = client.AssumeRoleWithOptions(assumeRoleRequest, runtime); - var credentials = response.Body.Credentials; - - return ResponseOutput.Ok(new - { - AccessKeyId = credentials.AccessKeyId, - AccessKeySecret = credentials.AccessKeySecret, - Expiration = credentials.Expiration, - SecurityToken = credentials.SecurityToken, - - - Region = ossOptions.region, - BucketName = ossOptions.bucketName, - ViewEndpoint = ossOptions.viewEndpoint, - - }); } diff --git a/IRaCIS.Core.Application/Helper/OSSService.cs b/IRaCIS.Core.Application/Helper/OSSService.cs index a50c92da3..4703f78af 100644 --- a/IRaCIS.Core.Application/Helper/OSSService.cs 
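Review bot: After this change `GetUploadTempToken` is an empty stub: the AliyunOSS branch assigns `ossOptions` and does nothing with it, and every caller receives `ResponseOutput.Ok()` with no token in it. A client that still calls `user/getUploadTempToken` will get a success response without credentials and only fail later, at upload time. Either delete the route, or mark the action `[Obsolete]` and return an explicit failure result that names the replacement endpoint. If the method stays, drop the unused `var ossOptions = serviceOption.AliyunOSS;` and the empty `if` block.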
+++ b/IRaCIS.Core.Application/Helper/OSSService.cs @@ -14,6 +14,7 @@ using System.Security.AccessControl; using System.Text; using System.Threading.Tasks; using System.Runtime.InteropServices; +using System.Text.Json.Serialization; namespace IRaCIS.Core.Application.Helper { @@ -55,7 +56,10 @@ namespace IRaCIS.Core.Application.Helper public class ObjectStoreServiceOptions { public string ObjectStoreUse { get; set; } + public AliyunOSSOptions AliyunOSS { get; set; } + + public MinIOOptions MinIO { get; set; } public AWSOptions AWS { get; set; } @@ -68,6 +72,8 @@ namespace IRaCIS.Core.Application.Helper public AliyunOSSOptions AliyunOSS { get; set; } + public AliyunOSSTempToken AliyunOSSTemp { get; set; } + public MinIOOptions MinIO { get; set; } public AWSOptions AWS { get; set; }
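Review bot: `ObjectStoreDTO` now carries both `AliyunOSS` (`AliyunOSSOptions`) and the new `AliyunOSSTemp`, and the controller fills both, so whatever `AliyunOSSOptions` holds is serialized to the caller next to the temporary token. The commented-out `ossOptions.accessKeyId` / `ossOptions.accessKeySecret` lines in the controller suggest that options class has key fields; if it does, the long-lived key reaches the client and the STS token adds no protection. The added `using System.Text.Json.Serialization;` is not used in any visible hunk; if it was meant for `[JsonIgnore]` on those properties, the attribute should be part of this commit, after confirming which serializer the API actually uses. A safer shape is for the DTO to expose only the non-secret fields (region, bucket name, view endpoint) together with `AliyunOSSTemp`. The class bodies continue outside these hunks.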