更新 OssProperties

oss-sdk/src/main/java/cn/reghao/oss/sdk/ObjectGetService.java

@@ -133,7 +133,7 @@ public class ObjectGetService {
     }
 
     public static void main(String[] args) {
-        String endpoint = "https://oss.reghao.cn";
+        String endpoint = "";
         ObjectGetService objectGetService = new ObjectGetService(endpoint);
 
         String objectName = "video/playback/28d0fd95e224499c9f2cf1d98b4551a5.flv";

oss-sdk/src/test/java/ObjectTest.java

@@ -12,7 +12,7 @@ import java.io.*;
  */
 @Slf4j
 public class ObjectTest {
-    static final String endpoint = "https://oss.reghao.cn";
+    static final String endpoint = "";
     static ObjectUploadService objectUploadService = new ObjectUploadService(endpoint);
 
     static void upload(File file) throws Exception {

oss-store/bin/oss.yml

@@ -12,4 +12,6 @@ spring:
 oss:
   domain: oss.reghao.cn
   diskDirs:
-    - /opt/oss/disk/13f654c8-af87-4710-aac9-7aa086c99aec/
+    - /opt/oss/disk/13f654c8-af87-4710-aac9-7aa086c99aec/
+  referer: reghao.cn
+  secretKey: oss-store

oss-store/src/main/java/cn/reghao/oss/store/config/OssProperties.java

@@ -18,4 +18,6 @@ import java.util.List;
 public class OssProperties {
     private String domain;
     private List<String> diskDirs;
+    private String secretKey;
+    private String referer;
 }

oss-store/src/main/java/cn/reghao/oss/store/controller/ObjectGetController.java

@@ -1,6 +1,7 @@
 package cn.reghao.oss.store.controller;
 
 import cn.reghao.oss.api.constant.ChannelAction;
+import cn.reghao.oss.store.config.OssProperties;
 import cn.reghao.oss.store.service.GetObjectService;
 import cn.reghao.oss.store.util.JwtUtil;
 import cn.reghao.oss.store.util.ObjectUtil;
@@ -23,10 +24,12 @@ import java.util.concurrent.TimeUnit;
 public class ObjectGetController {
     private final GetObjectService getObjectService;
     private final Cache<String, String> cache;
+    private final OssProperties ossProperties;
 
-    public ObjectGetController(GetObjectService getObjectService) {
+    public ObjectGetController(GetObjectService getObjectService, OssProperties ossProperties) {
         this.getObjectService = getObjectService;
         this.cache = Caffeine.newBuilder().maximumSize(10_000).expireAfterAccess(1, TimeUnit.HOURS).build();
+        this.ossProperties = ossProperties;
     }
 
     @RequestMapping(value = "/**", method = RequestMethod.HEAD)
@@ -59,10 +62,10 @@ public class ObjectGetController {
         }
 
         String queryString = String.format("token=%s&t=%s&nonce=%s", token, timestamp, nonce);
-        String url = String.format("%s/%s", "//oss.reghao.cn", objectName);
+        String domain = ossProperties.getDomain();
+        String url = String.format("//%s/%s", domain, objectName);
         String requestString = String.format("%s%s?%s", "GET", url, queryString);
-        String secretKey = "oss.reghao.cn";
-        boolean valid = SignatureUtil.valid(requestString, secretKey, sign);
+        boolean valid = SignatureUtil.valid(requestString, ossProperties.getSecretKey(), sign);
         if (!valid) {
             getObjectService.writeResponse(HttpServletResponse.SC_FORBIDDEN);
             return;
@@ -82,7 +85,7 @@ public class ObjectGetController {
             return;
         }*/
 
-        OssPayload ossPayload = JwtUtil.getOssPayload(token);
+        OssPayload ossPayload = JwtUtil.getOssPayload(token, ossProperties.getSecretKey());
         int channelId = ossPayload.getChannelId();
         long userId = ossPayload.getUserId();
         String prefix = UploadChannel.getUploadChannel(channelId).getPrefix();

oss-store/src/main/java/cn/reghao/oss/store/controller/ObjectUploadController.java

@@ -1,5 +1,6 @@
 package cn.reghao.oss.store.controller;
 
+import cn.reghao.oss.store.config.OssProperties;
 import cn.reghao.oss.store.model.vo.ObjectProp;
 import cn.reghao.oss.store.model.vo.ObjectResult;
 import cn.reghao.oss.store.service.ChannelValidateService;
@@ -36,15 +37,17 @@ public class ObjectUploadController {
     private final ObjectNameService objectNameService;
     private final PutObjectService putObjectService;
     private final FileProcessor fileProcessor;
+    private final OssProperties ossProperties;
 
     public ObjectUploadController(ChannelValidateService channelValidateService, FileStoreService fileStoreService,
                                   ObjectNameService objectNameService, PutObjectService putObjectService,
-                                  FileProcessor fileProcessor) {
+                                  FileProcessor fileProcessor, OssProperties ossProperties) {
         this.channelValidateService = channelValidateService;
         this.fileStoreService = fileStoreService;
         this.objectNameService = objectNameService;
         this.putObjectService = putObjectService;
         this.fileProcessor = fileProcessor;
+        this.ossProperties = ossProperties;
     }
 
     @PutMapping(value = "/**")
@@ -63,7 +66,7 @@ public class ObjectUploadController {
                         .body(WebResult.failWithMsg("no token in request"));
             }
 
-            OssPayload ossPayload = JwtUtil.getOssPayload(token);
+            OssPayload ossPayload = JwtUtil.getOssPayload(token, ossProperties.getSecretKey());
             String action = ossPayload.getAction();
             if (!"upload".equals(action)) {
                 return ResponseEntity.status(HttpStatus.FORBIDDEN)

oss-store/src/main/java/cn/reghao/oss/store/inerceptor/AccessLogInterceptor.java

@@ -2,6 +2,7 @@ package cn.reghao.oss.store.inerceptor;
 
 import cn.reghao.jutil.web.ServletUtil;
 import cn.reghao.oss.api.constant.UploadChannel;
+import cn.reghao.oss.store.config.OssProperties;
 import cn.reghao.oss.store.util.ObjectUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.lang.Nullable;
@@ -22,6 +23,12 @@ import java.util.List;
 @Slf4j
 @Component
 public class AccessLogInterceptor implements HandlerInterceptor {
+    private final String referFrom;
+
+    public AccessLogInterceptor(OssProperties ossProperties) {
+        this.referFrom = ossProperties.getReferer();
+    }
+
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
         String uri = request.getRequestURI();
@@ -41,7 +48,7 @@ public class AccessLogInterceptor implements HandlerInterceptor {
         String objectName = uri.replaceFirst("/", "");
         if (objectName.startsWith(UploadChannel.img.getPrefix())) {
             return true;
-        } else if (referer == null || !referer.contains("reghao.cn")) {
+        } else if (referer == null || !referer.contains(referFrom)) {
             log.error("request object {} from {} has been blocked", uri, referer);
             response.setStatus(403);
             return false;

oss-store/src/main/java/cn/reghao/oss/store/inerceptor/TokenFilter.java

@@ -1,5 +1,6 @@
 package cn.reghao.oss.store.inerceptor;
 
+import cn.reghao.oss.store.config.OssProperties;
 import cn.reghao.oss.store.util.JwtUtil;
 import cn.reghao.oss.store.util.UserContext;
 import cn.reghao.jutil.web.ServletUtil;
@@ -15,6 +16,12 @@ import java.io.IOException;
  */
 @Component
 public class TokenFilter implements Filter {
+    private final OssProperties ossProperties;
+
+    public TokenFilter(OssProperties ossProperties) {
+        this.ossProperties = ossProperties;
+    }
+
     @Override
     public void init(FilterConfig filterConfig) throws ServletException {
     }
@@ -25,7 +32,7 @@ public class TokenFilter implements Filter {
         long userId = -1L;
         String token = ServletUtil.getBearerToken(request);
         if (token != null) {
-            OssPayload ossPayload = JwtUtil.getOssPayload(token);
+            OssPayload ossPayload = JwtUtil.getOssPayload(token, ossProperties.getSecretKey());
             userId = ossPayload.getUserId();
         }
 

oss-store/src/main/java/cn/reghao/oss/store/rpc/ObjectServiceImpl.java

@@ -1,8 +1,8 @@
 package cn.reghao.oss.store.rpc;
 
 import cn.reghao.jutil.media.ImageOps;
-import cn.reghao.oss.api.constant.ObjectType;
 import cn.reghao.oss.api.dto.*;
+import cn.reghao.oss.store.config.OssProperties;
 import cn.reghao.oss.store.db.repository.ObjectRepository;
 import cn.reghao.oss.store.model.po.FileMeta;
 import cn.reghao.oss.store.service.ObjectNameService;
@@ -30,14 +30,14 @@ public class ObjectServiceImpl implements ObjectService {
     private final FileMetaMapper fileMetaMapper;
     private final ObjectNameService objectNameService;
     private final ObjectRepository objectRepository;
-    private final SignService signService;
+    private final String secretKey;
 
     public ObjectServiceImpl(FileMetaMapper fileMetaMapper, ObjectNameService objectNameService,
-                             ObjectRepository objectRepository, SignService signService) {
+                             ObjectRepository objectRepository, OssProperties ossProperties) {
         this.fileMetaMapper = fileMetaMapper;
         this.objectNameService = objectNameService;
         this.objectRepository = objectRepository;
-        this.signService = signService;
+        this.secretKey = ossProperties.getSecretKey();
     }
 
     @Override
@@ -73,7 +73,6 @@ public class ObjectServiceImpl implements ObjectService {
     private String getSignedUrl(String url, long loginUser) {
         String secretId = loginUser+"";
         long timestamp = System.currentTimeMillis() + 3600*1000;
-        String secretKey = "oss.reghao.cn";
 
         String action = ChannelAction.download.getName();
         OssPayload ossPayload = new OssPayload(action, UploadChannel.video.getCode(), loginUser);

oss-store/src/main/java/cn/reghao/oss/store/rpc/OssServerServiceImpl.java

@@ -17,22 +17,20 @@ import org.springframework.stereotype.Service;
 @DubboService
 @Service
 public class OssServerServiceImpl implements OssServerService {
-    private final String domain;
+    private final OssProperties ossProperties;
 
     public OssServerServiceImpl(OssProperties ossProperties) {
-        this.domain = ossProperties.getDomain();
+        this.ossProperties = ossProperties;
     }
 
     @Override
     public ServerInfo getServerInfo(long userId, int channelId) {
         String action = ChannelAction.upload.getName();
         long expireAt = System.currentTimeMillis() + 3600*1000;
-        // String signKey = RandomString.getSalt(64);
-        String signKey = domain;
         OssPayload ossPayload = new OssPayload(action, channelId, userId);
-        String token = JwtUtil.createToken(ossPayload, expireAt, signKey);
+        String token = JwtUtil.createToken(ossPayload, expireAt, ossProperties.getSecretKey());
 
-        String ossUrl = String.format("https://%s/", domain);
+        String ossUrl = String.format("https://%s/", ossProperties.getDomain());
         long maxSize = UploadChannel.getUploadChannel(channelId).getMaxSize();
         return new ServerInfo(ossUrl, channelId, maxSize, token);
     }

oss-store/src/main/java/cn/reghao/oss/store/rpc/SignService.java

@@ -1,5 +1,6 @@
 package cn.reghao.oss.store.rpc;
 
+import cn.reghao.oss.store.config.OssProperties;
 import cn.reghao.oss.store.util.JwtUtil;
 import cn.reghao.oss.store.util.SignatureUtil;
 import cn.reghao.oss.api.constant.ChannelAction;
@@ -16,10 +17,14 @@ import java.util.UUID;
  */
 @Service
 public class SignService {
+    private final String secretKey;
+
+    public SignService(OssProperties ossProperties) {
+        this.secretKey = ossProperties.getSecretKey();
+    }
+
     public String getSignedUrl(long loginUser, String url, int channelId, long expire) {
         long timestamp = System.currentTimeMillis() + expire*1000;
-        String secretKey = "oss.reghao.cn";
-
         String action = ChannelAction.access.getName();
         OssPayload ossPayload = new OssPayload(action, channelId, loginUser);
 

oss-store/src/main/java/cn/reghao/oss/store/util/JwtUtil.java

@@ -31,13 +31,4 @@ public class JwtUtil {
         String userIdStr = claims.getSubject();
         return new OssPayload(action, channelId, Long.parseLong(userIdStr));
     }
-
-    public static OssPayload getOssPayload(String token) {
-        String signKey = "oss.reghao.cn";
-        Claims claims = Jwts.parser().setSigningKey(signKey).parseClaimsJws(token).getBody();
-        String action = (String) claims.get("action");
-        int channelId = (Integer) claims.get("channelId");
-        String userIdStr = claims.getSubject();
-        return new OssPayload(action, channelId, Long.parseLong(userIdStr));
-    }
 }