修改对象存储返回临时toekn
parent
c8f04a878a
commit
a9afb684c9
|
|
@ -304,45 +304,43 @@ namespace IRaCIS.Api.Controllers
|
||||||
|
|
||||||
var ossOptions = serviceOption.AliyunOSS;
|
var ossOptions = serviceOption.AliyunOSS;
|
||||||
|
|
||||||
return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, MinIO = serviceOption.MinIO, AliyunOSS = serviceOption.AliyunOSS, AWS = serviceOption.AWS });
|
var client = new Client(new AlibabaCloud.OpenApiClient.Models.Config()
|
||||||
|
{
|
||||||
|
//AccessKeyId = ossOptions.accessKeyId,
|
||||||
|
//AccessKeySecret = ossOptions.accessKeySecret,
|
||||||
|
AccessKeyId = "LTAI5tJV76pYX5yPg1N9QVE8",
|
||||||
|
AccessKeySecret = "roRNLa9YG1of4pYruJGCNKBXEWTAWa",
|
||||||
|
|
||||||
#region 临时token 屏蔽
|
Endpoint = "sts.cn-hangzhou.aliyuncs.com"
|
||||||
//IClientProfile profile = DefaultProfile.GetProfile(ossOptions.RegionId, ossOptions.AccessKeyId, ossOptions.AccessKeySecret);
|
});
|
||||||
//DefaultAcsClient client = new DefaultAcsClient(profile);
|
|
||||||
|
var assumeRoleRequest = new AlibabaCloud.SDK.Sts20150401.Models.AssumeRoleRequest();
|
||||||
|
// 将<YOUR_ROLE_SESSION_NAME>设置为自定义的会话名称,例如oss-role-session。
|
||||||
|
assumeRoleRequest.RoleSessionName = $"session-name-{NewId.NextGuid()}";
|
||||||
|
// 将<YOUR_ROLE_ARN>替换为拥有上传文件到指定OSS Bucket权限的RAM角色的ARN。
|
||||||
|
//assumeRoleRequest.RoleArn = ossOptions.roleArn;
|
||||||
|
assumeRoleRequest.RoleArn = "acs:ram::1899121822495495:role/webdirect";
|
||||||
|
assumeRoleRequest.DurationSeconds = 7200;
|
||||||
|
var runtime = new AlibabaCloud.TeaUtil.Models.RuntimeOptions();
|
||||||
|
var response = client.AssumeRoleWithOptions(assumeRoleRequest, runtime);
|
||||||
|
var credentials = response.Body.Credentials;
|
||||||
|
|
||||||
|
var tempToken = new AliyunOSSTempToken()
|
||||||
|
{
|
||||||
|
AccessKeyId = credentials.AccessKeyId,
|
||||||
|
AccessKeySecret = credentials.AccessKeySecret,
|
||||||
|
Expiration = credentials.Expiration,
|
||||||
|
SecurityToken = credentials.SecurityToken,
|
||||||
|
|
||||||
|
|
||||||
//// 创建一个STS请求
|
Region = ossOptions.region,
|
||||||
//AssumeRoleRequest request = new AssumeRoleRequest
|
BucketName = ossOptions.bucketName,
|
||||||
//{
|
ViewEndpoint = ossOptions.viewEndpoint,
|
||||||
// RoleArn = ossOptions.RoleArn, // 角色ARN,需要替换为你的角色ARN
|
|
||||||
// RoleSessionName = $"session-name-{NewId.NextGuid()}", // 角色会话名称,可自定义
|
|
||||||
// DurationSeconds = 900, // 令牌有效期(单位:秒),这里设置为1小时
|
|
||||||
//};
|
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
//AssumeRoleResponse response = client.GetAcsResponse(request);
|
return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, AliyunOSS = serviceOption.AliyunOSS, AliyunOSSTemp= tempToken });
|
||||||
|
|
||||||
//// 返回STS令牌信息给前端
|
|
||||||
//var stsToken = new ObjectStoreDTO()
|
|
||||||
//{
|
|
||||||
// ObjectStoreUse = serviceOption.ObjectStoreUse,
|
|
||||||
// AliyunOSS = new AliyunOSSTempToken()
|
|
||||||
// {
|
|
||||||
// AccessKeyId = response.Credentials.AccessKeyId,
|
|
||||||
// AccessKeySecret = response.Credentials.AccessKeySecret,
|
|
||||||
// SecurityToken = response.Credentials.SecurityToken,
|
|
||||||
// Expiration = response.Credentials.Expiration,
|
|
||||||
|
|
||||||
// Region = ossOptions.Region,
|
|
||||||
// BucketName = ossOptions.BucketName,
|
|
||||||
// ViewEndpoint = ossOptions.ViewEndpoint,
|
|
||||||
|
|
||||||
// },
|
|
||||||
// MinIO = serviceOption.MinIO
|
|
||||||
//};
|
|
||||||
//return ResponseOutput.Ok(stsToken);
|
|
||||||
|
|
||||||
#endregion
|
|
||||||
|
|
||||||
}
|
}
|
||||||
else if (Enum.TryParse<ObjectStoreUse>(serviceOption.ObjectStoreUse, out var parsedValue) && parsedValue == ObjectStoreUse.MinIO)
|
else if (Enum.TryParse<ObjectStoreUse>(serviceOption.ObjectStoreUse, out var parsedValue) && parsedValue == ObjectStoreUse.MinIO)
|
||||||
|
|
@ -356,44 +354,21 @@ namespace IRaCIS.Api.Controllers
|
||||||
|
|
||||||
}
|
}
|
||||||
[HttpGet("user/getUploadTempToken")]
|
[HttpGet("user/getUploadTempToken")]
|
||||||
public IResponseOutput GetUploadTempToken([FromServices] IOptionsMonitor<AliyunOSSOptions> options)
|
public IResponseOutput GetUploadTempToken([FromServices] IOptionsMonitor<ObjectStoreServiceOptions> options)
|
||||||
{
|
{
|
||||||
var ossOptions = options.CurrentValue;
|
var serviceOption = options.CurrentValue;
|
||||||
|
|
||||||
var client = new Client(new AlibabaCloud.OpenApiClient.Models.Config()
|
if (Enum.TryParse<ObjectStoreUse>(serviceOption.ObjectStoreUse, out var parsedEnum) && parsedEnum == ObjectStoreUse.AliyunOSS)
|
||||||
{
|
{
|
||||||
//AccessKeyId = ossOptions.accessKeyId,
|
var ossOptions = serviceOption.AliyunOSS;
|
||||||
//AccessKeySecret = ossOptions.accessKeySecret,
|
|
||||||
AccessKeyId = "LTAI5tJV76pYX5yPg1N9QVE8",
|
|
||||||
AccessKeySecret = "roRNLa9YG1of4pYruJGCNKBXEWTAWa",
|
|
||||||
|
}
|
||||||
|
|
||||||
|
return ResponseOutput.Ok();
|
||||||
|
|
||||||
Endpoint = "sts.cn-hangzhou.aliyuncs.com"
|
|
||||||
});
|
|
||||||
|
|
||||||
var assumeRoleRequest = new AlibabaCloud.SDK.Sts20150401.Models.AssumeRoleRequest();
|
|
||||||
// 将<YOUR_ROLE_SESSION_NAME>设置为自定义的会话名称,例如oss-role-session。
|
|
||||||
assumeRoleRequest.RoleSessionName = $"session-name-{NewId.NextGuid()}";
|
|
||||||
// 将<YOUR_ROLE_ARN>替换为拥有上传文件到指定OSS Bucket权限的RAM角色的ARN。
|
|
||||||
//assumeRoleRequest.RoleArn = ossOptions.roleArn;
|
|
||||||
assumeRoleRequest.RoleArn = "acs:ram::1899121822495495:role/webdirect";
|
|
||||||
assumeRoleRequest.DurationSeconds = 3600;
|
|
||||||
var runtime = new AlibabaCloud.TeaUtil.Models.RuntimeOptions();
|
|
||||||
var response = client.AssumeRoleWithOptions(assumeRoleRequest, runtime);
|
|
||||||
var credentials = response.Body.Credentials;
|
|
||||||
|
|
||||||
return ResponseOutput.Ok(new
|
|
||||||
{
|
|
||||||
AccessKeyId = credentials.AccessKeyId,
|
|
||||||
AccessKeySecret = credentials.AccessKeySecret,
|
|
||||||
Expiration = credentials.Expiration,
|
|
||||||
SecurityToken = credentials.SecurityToken,
|
|
||||||
|
|
||||||
|
|
||||||
Region = ossOptions.region,
|
|
||||||
BucketName = ossOptions.bucketName,
|
|
||||||
ViewEndpoint = ossOptions.viewEndpoint,
|
|
||||||
|
|
||||||
});
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -14,6 +14,7 @@ using System.Security.AccessControl;
|
||||||
using System.Text;
|
using System.Text;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
using System.Runtime.InteropServices;
|
using System.Runtime.InteropServices;
|
||||||
|
using System.Text.Json.Serialization;
|
||||||
|
|
||||||
namespace IRaCIS.Core.Application.Helper
|
namespace IRaCIS.Core.Application.Helper
|
||||||
{
|
{
|
||||||
|
|
@ -55,7 +56,10 @@ namespace IRaCIS.Core.Application.Helper
|
||||||
public class ObjectStoreServiceOptions
|
public class ObjectStoreServiceOptions
|
||||||
{
|
{
|
||||||
public string ObjectStoreUse { get; set; }
|
public string ObjectStoreUse { get; set; }
|
||||||
|
|
||||||
public AliyunOSSOptions AliyunOSS { get; set; }
|
public AliyunOSSOptions AliyunOSS { get; set; }
|
||||||
|
|
||||||
|
|
||||||
public MinIOOptions MinIO { get; set; }
|
public MinIOOptions MinIO { get; set; }
|
||||||
|
|
||||||
public AWSOptions AWS { get; set; }
|
public AWSOptions AWS { get; set; }
|
||||||
|
|
@ -68,6 +72,8 @@ namespace IRaCIS.Core.Application.Helper
|
||||||
|
|
||||||
public AliyunOSSOptions AliyunOSS { get; set; }
|
public AliyunOSSOptions AliyunOSS { get; set; }
|
||||||
|
|
||||||
|
public AliyunOSSTempToken AliyunOSSTemp { get; set; }
|
||||||
|
|
||||||
public MinIOOptions MinIO { get; set; }
|
public MinIOOptions MinIO { get; set; }
|
||||||
|
|
||||||
public AWSOptions AWS { get; set; }
|
public AWSOptions AWS { get; set; }
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue