mmm-go / openapi · 文件

转到一个项目
sts.go 1.3 KB
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 
package oss

import (
	"github.com/aliyun/aliyun-sts-go-sdk/sts"
)

type StsCredentials struct {
	AccessKeyId     string `json:"access_key_id"`
	AccessKeySecret string `json:"access_key_secret"`
	Expiration      int64  `json:"expiration"`
	SecurityToken   string `json:"security_token"`
}

type AssumedRoleUser struct {
	AssumedRoleId string `json:"assumed_role_id"`
	Arn           string `json:"arn"`
}

type StsData struct {
	RequestId       string          `json:"request_id,omitempty"`
	AssumedRoleUser AssumedRoleUser `json:"assumed_role_user,omitempty"`
	Credentials     StsCredentials  `json:"credentials,omitempty"`
}

func GetStsCredentials() (*StsData, error) {
	ossconfig := NewOssConfig()
	stsClient := sts.NewClient(ossconfig.accessID, ossconfig.accessKey, ossconfig.roleAcs, ossconfig.sessionName)
	resp, err := stsClient.AssumeRole(3600)
	if err != nil {
		return nil, err
	}
	c := StsCredentials{
		AccessKeyId:     resp.Credentials.AccessKeyId,
		AccessKeySecret: resp.Credentials.AccessKeySecret,
		Expiration:      resp.Credentials.Expiration.Unix(),
		SecurityToken:   resp.Credentials.SecurityToken,
	}
	ar := AssumedRoleUser{
		AssumedRoleId: resp.AssumedRoleUser.AssumedRoleId,
		Arn:           resp.AssumedRoleUser.Arn,
	}
	return &StsData{
		RequestId:       resp.RequestId,
		Credentials:     c,
		AssumedRoleUser: ar,
	}, nil
}