From 802885b73a8c0880d8fb7a7a306c37ac16aa2535 Mon Sep 17 00:00:00 2001 From: xpecya Date: Sun, 8 Dec 2024 17:03:13 +0800 Subject: [PATCH] =?UTF-8?q?=E5=AE=8C=E6=88=90OSS=E4=B8=8A=E4=BC=A0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../admin/controller/CommonController.java | 120 ++++++++++++++++++ .../model/dto/oss/CloseableAcsClient.java | 28 ++++ .../reference/admin/model/vo/oss/OssVO.java | 63 +++++++++ 3 files changed, 211 insertions(+) create mode 100644 admin/src/main/java/com/jinrui/reference/admin/controller/CommonController.java create mode 100644 admin/src/main/java/com/jinrui/reference/admin/model/dto/oss/CloseableAcsClient.java create mode 100644 admin/src/main/java/com/jinrui/reference/admin/model/vo/oss/OssVO.java diff --git a/admin/src/main/java/com/jinrui/reference/admin/controller/CommonController.java b/admin/src/main/java/com/jinrui/reference/admin/controller/CommonController.java new file mode 100644 index 0000000..b0f0a77 --- /dev/null +++ b/admin/src/main/java/com/jinrui/reference/admin/controller/CommonController.java @@ -0,0 +1,120 @@ +package com.jinrui.reference.admin.controller; + +import com.aliyuncs.auth.sts.AssumeRoleRequest; +import com.aliyuncs.auth.sts.AssumeRoleResponse; +import com.aliyuncs.http.MethodType; +import com.aliyuncs.profile.DefaultProfile; +import com.aliyuncs.profile.IClientProfile; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.jinrui.reference.admin.model.dto.oss.CloseableAcsClient; +import com.jinrui.reference.admin.model.entity.AdminUser; +import com.jinrui.reference.admin.model.vo.oss.OssVO; +import com.jinrui.reference.admin.service.AdminJwtService; +import com.jinrui.reference.core.model.vo.ResultObject; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.util.StringUtils; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestHeader; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +@RestController +@RequestMapping("/common") +public class CommonController { + + private static final Logger log = LoggerFactory.getLogger(CommonController.class); + + private final String stsEndPoint; + private final String ak; + private final String sk; + private final String roleArn; + private final String endPoint; + private final String region; + private final String bucketName; + private final ObjectMapper objectMapper; + + public CommonController(@Value("${oss.sts.endPoint}") String stsEndPoint, + @Value("${oss.ak}") String ak, + @Value("${oss.sk}") String sk, + @Value("${oss.roleArn}") String roleArn, + @Value("${oss.endPoint}") String endPoint, + @Value("${oss.region}") String region, + @Value("${oss.bucketName}") String bucketName, + ObjectMapper objectMapper) { + this.stsEndPoint = stsEndPoint; + this.ak = ak; + this.sk = sk; + this.roleArn = roleArn; + this.endPoint = endPoint; + this.region = region; + this.bucketName = bucketName; + this.objectMapper = objectMapper; + } + + @PostMapping("/uploadKey") + public ResultObject uploadKey(@RequestHeader("auth-token") String token) { + if (!StringUtils.hasText(token)) { + return ResultObject.failed("登陆Token为空!"); + } + + try { + AdminUser adminUser = AdminJwtService.parseToken(token); + if (adminUser == null) { + log.warn("解析token {}拿不到AdminUser对象!", token); + return ResultObject.failed("登陆Token有误,请联系系统管理员!"); + } + + if (!adminUser.isActive()) { + log.warn("当前用户已被封禁! id = {}", adminUser.getId()); + return ResultObject.failed("当前用户已被封禁!请联系系统管理员!"); + } + + log.info("用户(id = {})获取上传OSS文件Token!", adminUser.getId()); + } catch (Exception e) { + log.error("解析登陆Token出错!", e); + return ResultObject.failed(500, "服务端错误,请联系系统管理员!"); + } + + + OssVO ossVO = getCredentials(); + try { + String responseString = objectMapper.writeValueAsString(ossVO); + log.info("OSS临时凭证返回值: {}", responseString); + } catch (JsonProcessingException e) { + log.error("OSS临时访问凭证JSON映射报错!", e); + } + return ResultObject.success(ossVO); + } + + /** + * 获取临时访问凭证 + */ + public OssVO getCredentials() { + OssVO ossVO = new OssVO(); + String roleSessionName = "test"; + Long durationSeconds = 3600L; + String regionId = ""; + IClientProfile profile = DefaultProfile.getProfile(regionId, ak, sk); + try (CloseableAcsClient client = new CloseableAcsClient(profile)) { + DefaultProfile.addEndpoint(regionId, "Sts", stsEndPoint); + AssumeRoleRequest request = new AssumeRoleRequest(); + request.setSysMethod(MethodType.POST); + request.setRoleArn(roleArn); + request.setRoleSessionName(roleSessionName); + request.setDurationSeconds(durationSeconds); + AssumeRoleResponse response = client.getAcsResponse(request); + ossVO.setAccessKeyId(response.getCredentials().getAccessKeyId()); + ossVO.setAccessKeySecret(response.getCredentials().getAccessKeySecret()); + ossVO.setSecurityToken(response.getCredentials().getSecurityToken()); + ossVO.setEndPoint(endPoint); + ossVO.setRegion(region); + ossVO.setBucket(bucketName); + } catch (Exception e) { + log.error("获取OSS临时访问凭证异常!", e); + } + return ossVO; + } +} diff --git a/admin/src/main/java/com/jinrui/reference/admin/model/dto/oss/CloseableAcsClient.java b/admin/src/main/java/com/jinrui/reference/admin/model/dto/oss/CloseableAcsClient.java new file mode 100644 index 0000000..d890b37 --- /dev/null +++ b/admin/src/main/java/com/jinrui/reference/admin/model/dto/oss/CloseableAcsClient.java @@ -0,0 +1,28 @@ +package com.jinrui.reference.admin.model.dto.oss; + +import com.aliyuncs.DefaultAcsClient; +import com.aliyuncs.auth.sts.AssumeRoleRequest; +import com.aliyuncs.auth.sts.AssumeRoleResponse; +import com.aliyuncs.exceptions.ClientException; +import com.aliyuncs.profile.IClientProfile; + +/** + * 为了弥补辣鸡阿里云OSS Client竟然不是AutoCloseable的问题 + */ +public class CloseableAcsClient implements AutoCloseable { + + private final DefaultAcsClient client; + + public CloseableAcsClient(IClientProfile iClientProfile) { + this.client = new DefaultAcsClient(iClientProfile); + } + + public AssumeRoleResponse getAcsResponse(AssumeRoleRequest request) throws ClientException { + return client.getAcsResponse(request); + } + + @Override + public void close() { + client.shutdown(); + } +} diff --git a/admin/src/main/java/com/jinrui/reference/admin/model/vo/oss/OssVO.java b/admin/src/main/java/com/jinrui/reference/admin/model/vo/oss/OssVO.java new file mode 100644 index 0000000..fab2b6c --- /dev/null +++ b/admin/src/main/java/com/jinrui/reference/admin/model/vo/oss/OssVO.java @@ -0,0 +1,63 @@ +package com.jinrui.reference.admin.model.vo.oss; + +/** + * OSS上传访问凭证 + */ +@SuppressWarnings("unused") +public class OssVO { + + private String accessKeyId; + private String accessKeySecret; + private String securityToken; + private String endPoint; + private String region; + private String bucket; + + public String getAccessKeyId() { + return accessKeyId; + } + + public void setAccessKeyId(String accessKeyId) { + this.accessKeyId = accessKeyId; + } + + public String getAccessKeySecret() { + return accessKeySecret; + } + + public void setAccessKeySecret(String accessKeySecret) { + this.accessKeySecret = accessKeySecret; + } + + public String getSecurityToken() { + return securityToken; + } + + public void setSecurityToken(String securityToken) { + this.securityToken = securityToken; + } + + public String getEndPoint() { + return endPoint; + } + + public void setEndPoint(String endPoint) { + this.endPoint = endPoint; + } + + public String getRegion() { + return region; + } + + public void setRegion(String region) { + this.region = region; + } + + public String getBucket() { + return bucket; + } + + public void setBucket(String bucket) { + this.bucket = bucket; + } +}