From cec6174bb672105c35a39d413bfa3018338a6d05 Mon Sep 17 00:00:00 2001
From: hang <872297557@qq.com>
Date: Wed, 4 Sep 2024 09:41:12 +0800
Subject: [PATCH] =?UTF-8?q?=E6=96=B9=E4=BE=BF=E5=89=8D=E7=AB=AF=E5=AF=B9?= =?UTF-8?q?=E6=8E=A5=E8=BF=94=E5=9B=9Etoken?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../Controllers/ExtraController.cs | 41 ++++++++++++++++++-
 1 file changed, 40 insertions(+), 1 deletion(-)
diff --git a/IRaCIS.Core.API/Controllers/ExtraController.cs b/IRaCIS.Core.API/Controllers/ExtraController.cs
index b62bd168d..b507b0813 100644
--- a/IRaCIS.Core.API/Controllers/ExtraController.cs
+++ b/IRaCIS.Core.API/Controllers/ExtraController.cs
@@ -342,7 +342,9 @@ namespace IRaCIS.Api.Controllers
 };
- return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, AliyunOSS = tempToken });
+ var awstempToken = await GetAWSTemToken(serviceOption);
+
+ return ResponseOutput.Ok(new ObjectStoreDTO() { ObjectStoreUse = serviceOption.ObjectStoreUse, AliyunOSS = tempToken,AWS= awstempToken });
 }
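Review bot: The added `await GetAWSTemToken(serviceOption)` runs unconditionally before the return, so this path mints AWS STS credentials and sends them to the client even when `serviceOption.ObjectStoreUse` selects a different store. That ties the response to AWS configuration and STS availability: as far as the visible lines show, a missing `serviceOption.AWS` section or a failed AssumeRole call would fail a request that only needed the Aliyun token. It also puts credentials for an unused backend on the wire. Consider issuing only the token for the selected store by guarding the call with a check on `serviceOption.ObjectStoreUse` and leaving `AWS` null otherwise. The enclosing method starts outside the hunk, so whether this return already sits inside a per-store branch cannot be confirmed here.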
@@ -392,6 +394,43 @@ namespace IRaCIS.Api.Controllers
 }
+ private async Task GetAWSTemToken(ObjectStoreServiceOptions serviceOption)
+ {
+ var awsOptions = serviceOption.AWS;
+
+ //aws 临时凭证
+ // 创建 STS 客户端
+ var stsClient = new AmazonSecurityTokenServiceClient(awsOptions.AccessKeyId, awsOptions.SecretAccessKey);
+
+ // 使用 AssumeRole 请求临时凭证
+ var assumeRoleRequest = new AssumeRoleRequest
+ {
+
+ RoleArn = awsOptions.RoleArn, // 角色 ARN
+ RoleSessionName = $"session-name-{NewId.NextGuid()}",
+ DurationSeconds = awsOptions.DurationSeconds // 临时凭证有效期
+ };
+
+ var assumeRoleResponse = await stsClient.AssumeRoleAsync(assumeRoleRequest);
+
+ var credentials = assumeRoleResponse.Credentials;
+
+ var tempToken = new AWSTempToken()
+ {
+ AccessKeyId = credentials.AccessKeyId,
+ SecretAccessKey = credentials.SecretAccessKey,
+ SessionToken = credentials.SessionToken,
+ Expiration = credentials.Expiration,
+
+ BucketName = awsOptions.BucketName,
+ EndPoint = awsOptions.EndPoint,
+ ViewEndpoint = awsOptions.ViewEndpoint,
+
+ };
+
+ return tempToken;
+ }
+
 #region aliyun-net-sdk-sts 之前
 //[HttpGet("user/GenerateSTS")]
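Review bot: The `AssumeRoleRequest` in `GetAWSTemToken` sets no `Policy`, so the temporary credentials copied into `AWSTempToken` carry every permission attached to `awsOptions.RoleArn`, and they are returned to the front end. Add a session policy that narrows them to what the caller needs, for example `Policy = sessionPolicyJson, // placeholder: allow only the required S3 actions on awsOptions.BucketName`, and keep `DurationSeconds` at the shortest value the upload flow tolerates. `RoleSessionName` is only a random GUID, so CloudTrail entries for these sessions cannot be tied back to an application user; including the user id would help incident response. The STS client is also never disposed, which `using var stsClient = new AmazonSecurityTokenServiceClient(...)` would fix.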