作者 tangxvhui

新增

@@ -4,8 +4,10 @@ go 1.12 @@ -4,8 +4,10 @@ go 1.12
4 4
5 require ( 5 require (
6 github.com/aliyun/alibaba-cloud-sdk-go v1.60.348 6 github.com/aliyun/alibaba-cloud-sdk-go v1.60.348
  7 + github.com/aliyun/aliyun-sts-go-sdk v0.0.0-20171106034748-98d3903a2309
7 github.com/astaxie/beego v1.10.0 8 github.com/astaxie/beego v1.10.0
8 github.com/klauspost/cpuid v1.2.3 // indirect 9 github.com/klauspost/cpuid v1.2.3 // indirect
  10 + github.com/satori/go.uuid v1.2.0
9 gitlab.fjmaimaimai.com/mmm-go/gocomm v0.0.1 11 gitlab.fjmaimaimai.com/mmm-go/gocomm v0.0.1
10 ) 12 )
11 13
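Review bot: The new `github.com/aliyun/aliyun-sts-go-sdk` requirement at new line 7 is a pseudo-version of an untagged commit dated 2017-11-06, and it now handles the long-lived access key and the STS exchange, so it should be audited before it is relied on. In particular, confirm that the pinned revision verifies the server certificate, because the hand-rolled client this commit removes set `InsecureSkipVerify: true` and the replacement should not behave the same way. `github.com/satori/go.uuid v1.2.0` at new line 10 is not imported by any file section shown here; if nothing outside this view uses it, drop the requirement. Also make sure `go.sum` is committed with these additions.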
1 package oss 1 package oss
  2 +
  3 +type OssConfig struct {
  4 + accessID string
  5 + accessKey string
  6 + roleAcs string
  7 + endPoint string
  8 + bucketName string
  9 + callbackUrl string
  10 + sessionName string
  11 +}
  12 +
  13 +func NewOssConfig() *OssConfig {
  14 + return &OssConfig{
  15 + accessID: "",
  16 + accessKey: "",
  17 + roleAcs: "",
  18 + bucketName: "",
  19 + callbackUrl: "",
  20 + endPoint: "",
  21 + sessionName: "",
  22 + }
  23 +}
  24 +
  25 +func (config *OssConfig) SetBucketName(name string) {
  26 + config.bucketName = name
  27 +}
  28 +
  29 +func (config *OssConfig) SetCallbackUrl(url string) {
  30 + config.callbackUrl = url
  31 +}
  32 +
  33 +func (config *OssConfig) SetSessionName(name string) {
  34 + config.sessionName = name
  35 +}
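Review bot: `accessID`, `accessKey`, `roleAcs` and `endPoint` have no setter, and `NewOssConfig` at new lines 13-23 initialises them to empty strings. The only way to supply the credentials is therefore to edit this literal, which invites committing the access key to the repository. Load them in the constructor from the process environment or a secret store, for example `accessKey: os.Getenv("OSS_ACCESS_KEY_SECRET"),` (the variable name is illustrative), and report an error when a required value is missing. The exported type and constructor also lack doc comments; `// OssConfig holds the OSS/STS connection settings; the key fields are unexported so encoding/json never serialises them.` would cover the type.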
1 package oss 1 package oss
  2 +
  3 +type PolicyToken struct {
  4 + AccessKeyId string `json:"accessid"`
  5 + Host string `json:"host"`
  6 + Expire int64 `json:"expire"`
  7 + Signature string `json:"signature"`
  8 + Policy string `json:"policy"`
  9 + Directory string `json:"dir"`
  10 + Callback string `json:"callback"`
  11 +}
  12 +
  13 +type CallbackParam struct {
  14 + CallbackUrl string `json:"callbackUrl"`
  15 + CallbackBody string `json:"callbackBody"`
  16 + CallbackBodyType string `json:"callbackBodyType"`
  17 +}
  18 +
  19 +// func get_policy_token() string {
  20 +// now := time.Now().Unix()
  21 +// expire_end := now + expire_time
  22 +// var tokenExpire = get_gmt_iso8601(expire_end)
  23 +
  24 +// //create post policy json
  25 +// var config ConfigStruct
  26 +// config.Expiration = tokenExpire
  27 +// var condition []string
  28 +// condition = append(condition, "starts-with")
  29 +// condition = append(condition, "$key")
  30 +// condition = append(condition, upload_dir)
  31 +// config.Conditions = append(config.Conditions, condition)
  32 +
  33 +// //calucate signature
  34 +// result,err:=json.Marshal(config)
  35 +// debyte := base64.StdEncoding.EncodeToString(result)
  36 +// h := hmac.New(func() hash.Hash { return sha1.New() }, []byte(accessKeySecret))
  37 +// io.WriteString(h, debyte)
  38 +// signedStr := base64.StdEncoding.EncodeToString(h.Sum(nil))
  39 +
  40 +// var callbackParam CallbackParam
  41 +// callbackParam.CallbackUrl = callbackUrl
  42 +// callbackParam.CallbackBody = "filename=${object}&size=${size}&mimeType=${mimeType}&height=${imageInfo.height}&width=${imageInfo.width}"
  43 +// callbackParam.CallbackBodyType = "application/x-www-form-urlencoded"
  44 +// callback_str,err:=json.Marshal(callbackParam)
  45 +// if err != nil {
  46 +// fmt.Println("callback json err:", err)
  47 +// }
  48 +// callbackBase64 := base64.StdEncoding.EncodeToString(callback_str)
  49 +
  50 +// var policyToken PolicyToken
  51 +// policyToken.AccessKeyId = accessKeyId
  52 +// policyToken.Host = host
  53 +// policyToken.Expire = expire_end
  54 +// policyToken.Signature = string(signedStr)
  55 +// policyToken.Directory = upload_dir
  56 +// policyToken.Policy = string(debyte)
  57 +// policyToken.Callback = string(callbackBase64)
  58 +// response,err:=json.Marshal(policyToken)
  59 +// if err != nil {
  60 +// fmt.Println("json err:", err)
  61 +// }
  62 +// return string(response)
  63 +// }
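Review bot: New lines 19-63 add `get_policy_token` entirely as commented-out code; either implement it or leave it out of the commit, since version control already keeps drafts. If it is revived as written, the error from the first `json.Marshal(config)` is never checked, and the two later errors are only printed before the function goes on to return a token. The draft policy also carries only the `starts-with` / `$key` condition, so the upload size is unbounded; add a `content-length-range` condition and return an `error` alongside the string. `PolicyToken` and `CallbackParam` have no doc comments; judging by the draft, `Policy`, `Signature` and `Callback` hold base64 text, which is worth stating on the fields.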
1 package oss 1 package oss
2 2
3 import ( 3 import (
4 - "crypto/hmac"  
5 - "crypto/sha1"  
6 - "crypto/tls"  
7 - "encoding/base64"  
8 - "io/ioutil"  
9 - "net/http"  
10 - "net/url"  
11 - "time" 4 + "github.com/aliyun/aliyun-sts-go-sdk/sts"
12 ) 5 )
13 6
14 -type AliyunStsClient struct {  
15 - ChildAccountKeyId string  
16 - ChildAccountSecret string  
17 - RoleAcs string 7 +type StsCredentials struct {
  8 + AccessKeyId string `json:"access_key_id"`
  9 + AccessKeySecret string `json:"access_key_secret"`
  10 + Expiration int64 `json:"expiration"`
  11 + SecurityToken string `json:"security_token"`
18 } 12 }
19 13
20 -func NewStsClient(key, secret, roleAcs string) *AliyunStsClient {  
21 - return &AliyunStsClient{  
22 - ChildAccountKeyId: key,  
23 - ChildAccountSecret: secret,  
24 - RoleAcs: roleAcs,  
25 - } 14 +type AssumedRoleUser struct {
  15 + AssumedRoleId string `json:"assumed_role_id"`
  16 + Arn string `json:"arn"`
26 } 17 }
27 18
28 -func (cli *AliyunStsClient) GenerateSignatureUrl(sessionName, durationSeconds string) (string, error) {  
29 - assumeUrl := "SignatureVersion=1.0"  
30 - assumeUrl += "&Format=JSON"  
31 - assumeUrl += "&Timestamp=" + url.QueryEscape(time.Now().UTC().Format("2006-01-02T15:04:05Z"))  
32 - assumeUrl += "&RoleArn=" + url.QueryEscape(cli.RoleAcs)  
33 - assumeUrl += "&RoleSessionName=" + sessionName  
34 - assumeUrl += "&AccessKeyId=" + cli.ChildAccountKeyId  
35 - assumeUrl += "&SignatureMethod=HMAC-SHA1"  
36 - assumeUrl += "&Version=2015-04-01"  
37 - assumeUrl += "&Action=AssumeRole"  
38 - assumeUrl += "&SignatureNonce=" + "TODO"  
39 - assumeUrl += "&DurationSeconds=" + durationSeconds  
40 -  
41 - // 解析成V type  
42 - signToString, err := url.ParseQuery(assumeUrl)  
43 - if err != nil {  
44 - return "", err  
45 - }  
46 -  
47 - // URL顺序化  
48 - result := signToString.Encode()  
49 -  
50 - // 拼接  
51 - StringToSign := "GET" + "&" + "%2F" + "&" + url.QueryEscape(result)  
52 -  
53 - // HMAC  
54 - hashSign := hmac.New(sha1.New, []byte(cli.ChildAccountSecret+"&"))  
55 - hashSign.Write([]byte(StringToSign))  
56 -  
57 - // 生成signature  
58 - signature := base64.StdEncoding.EncodeToString(hashSign.Sum(nil))  
59 -  
60 - // Url 添加signature  
61 - assumeUrl = "https://sts.aliyuncs.com/?" + assumeUrl + "&Signature=" + url.QueryEscape(signature)  
62 -  
63 - return assumeUrl, nil 19 +type StsData struct {
  20 + RequestId string `json:"request_id,omitempty"`
  21 + AssumedRoleUser AssumedRoleUser `json:"assumed_role_user,omitempty"`
  22 + Credentials StsCredentials `json:"credentials,omitempty"`
64 } 23 }
65 24
66 -// 请求构造好的URL,获得授权信息  
67 -// 安全认证 HTTPS  
68 -func (cli *AliyunStsClient) GetStsResponse(url string) ([]byte, error) {  
69 - tr := &http.Transport{  
70 - TLSClientConfig: &tls.Config{InsecureSkipVerify: true},  
71 - }  
72 - client := &http.Client{Transport: tr}  
73 -  
74 - resp, err := client.Get(url) 25 +func GetStsCredentials() (*StsData, error) {
  26 + ossconfig := NewOssConfig()
  27 + stsClient := sts.NewClient(ossconfig.accessID, ossconfig.accessKey, ossconfig.roleAcs, ossconfig.sessionName)
  28 + resp, err := stsClient.AssumeRole(3600)
75 if err != nil { 29 if err != nil {
76 return nil, err 30 return nil, err
77 } 31 }
78 - defer resp.Body.Close()  
79 -  
80 - body, err := ioutil.ReadAll(resp.Body)  
81 -  
82 - return body, err 32 + c := StsCredentials{
  33 + AccessKeyId: resp.Credentials.AccessKeyId,
  34 + AccessKeySecret: resp.Credentials.AccessKeySecret,
  35 + Expiration: resp.Credentials.Expiration.Unix(),
  36 + SecurityToken: resp.Credentials.SecurityToken,
  37 + }
  38 + ar := AssumedRoleUser{
  39 + AssumedRoleId: resp.AssumedRoleUser.AssumedRoleId,
  40 + Arn: resp.AssumedRoleUser.Arn,
  41 + }
  42 + return &StsData{
  43 + RequestId: resp.RequestId,
  44 + Credentials: c,
  45 + AssumedRoleUser: ar,
  46 + }, nil
83 } 47 }
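Review bot: `GetStsCredentials` at new lines 26-27 builds its client from `NewOssConfig()`, which in the config section of this commit returns every field as an empty string. `sts.NewClient` therefore receives an empty access key, secret, role ARN and session name, and `AssumeRole` cannot succeed as written. Take the configuration from the caller instead, e.g. `func GetStsCredentials(cfg *OssConfig) (*StsData, error)`, and reject an empty `accessID`, `accessKey` or `roleAcs` before the network call. The 3600-second lifetime is hard-coded; a named constant or a config field would let it be shortened to what the upload flow needs. `StsData` serialises `access_key_secret` and `security_token`, so add a doc comment saying the value must not be logged and should only be returned to the authenticated caller.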