2 سال پیش · fff9deecba
--- a/dfs-web/pom.xml
+++ b/dfs-web/pom.xml
@@ -46,6 +46,11 @@
 
				             <artifactId>dfs-api</artifactId>
			
 
				             <version>1.0.0-SNAPSHOT</version>
			
 
				         </dependency>
			
 
				+        <dependency>
			
 
				+            <groupId>cn.reghao.oss</groupId>
			
 
				+            <artifactId>oss-common</artifactId>
			
 
				+            <version>1.0.0-SNAPSHOT</version>
			
 
				+        </dependency>
			
 
				 
			
 
				         <dependency>
			
 
				             <groupId>org.projectlombok</groupId>
			
--- a/dfs-web/src/main/java/cn/reghao/dfs/web/controller/SignController.java
+++ b/dfs-web/src/main/java/cn/reghao/dfs/web/controller/SignController.java
@@ -2,6 +2,9 @@ package cn.reghao.dfs.web.controller;
 
				 
			
 
				 import cn.reghao.jutil.jdk.result.WebResult;
			
 
				 import cn.reghao.dfs.web.model.dto.Policy;
			
 
				+import cn.reghao.jutil.jdk.security.Base64Util;
			
 
				+import cn.reghao.jutil.jdk.serializer.JsonConverter;
			
 
				+import cn.reghao.oss.common.OssUtil;
			
 
				 import io.swagger.annotations.Api;
			
 
				 import io.swagger.annotations.ApiOperation;
			
 
				 import org.springframework.http.MediaType;
			
@@ -9,6 +12,7 @@ import org.springframework.web.bind.annotation.GetMapping;
 
				 import org.springframework.web.bind.annotation.RequestMapping;
			
 
				 import org.springframework.web.bind.annotation.RestController;
			
 
				 
			
 
				+import java.time.LocalDate;
			
 
				 import java.time.LocalDateTime;
			
 
				 import java.util.ArrayList;
			
 
				 import java.util.HashMap;
			
@@ -23,22 +27,44 @@ import java.util.Map;
 
				 @RestController
			
 
				 @RequestMapping("/ajax")
			
 
				 public class SignController {
			
 
				+    private String region;
			
 
				+    private String bucket;
			
 
				+    static String accessKeyId = "accesskey123456";
			
 
				+    static String secretAccessKey = "secretKey123456";
			
 
				+
			
 
				+    public SignController() {
			
 
				+        this.region = "chengdu";
			
 
				+        this.bucket = "tnb";
			
 
				+        this.accessKeyId = "AKIAIOSFODNN7EXAMPLE";
			
 
				+        this.secretAccessKey = "PLAKIFODNN7EXAMAIOSE";
			
 
				+    }
			
 
				+
			
 
				     @ApiOperation("获取存储桶的策略配置")
			
 
				     @GetMapping(value = "/policy", produces = MediaType.APPLICATION_JSON_VALUE)
			
 
				-    public String getBucketPolicy() {
			
 
				+    public String getBucketPolicy() throws Exception {
			
 
				+        String serviceName = "s3";
			
 
				+        String dateStr = LocalDate.now().toString().replace("-", "");
			
 
				+
			
 
				+        // x-amz-credential header 的值
			
 
				+        // 用于计算签名的凭据, 它提供访问密钥 ID 和范围信息, 标识签名对其有效的区域和服务
			
 
				+        // 字符串格式：<your-access-key-id>/<date>/<aws-region>/<aws-service>/aws4_request
			
 
				+        // 示例：AKIAIOSFODNN7EXAMPLE/20130728/us-east-1/s3/aws4_request
			
 
				+        String credential = accessKeyId + "/" + dateStr + "/" + region + "/" +  serviceName + "/aws4_request";
			
 
				+
			
 
				+        String dateTimeStr = LocalDate.now().toString().replace("-" ,"");
			
 
				         Policy policy = new Policy();
			
 
				         policy.setExpiration(LocalDateTime.now().toString());
			
 
				 
			
 
				         List<Object> conditions = new ArrayList<>();
			
 
				         Map<String, String> map = new HashMap<>();
			
 
				-        map.put("bucket", "chengdu");
			
 
				         map.put("acl", "public-read");
			
 
				-        map.put("success_action_redirect", "sigv4examplebucket");
			
 
				-        map.put("x-amz-meta-uuid", "sigv4examplebucket");
			
 
				-        map.put("x-amz-server-side-encryption", "sigv4examplebucket");
			
 
				-        map.put("x-amz-credential", "sigv4examplebucket");
			
 
				-        map.put("x-amz-algorithm", "sigv4examplebucket");
			
 
				-        map.put("x-amz-date", "sigv4examplebucket");
			
 
				+        map.put("bucket", bucket);
			
 
				+        map.put("success_action_redirect", "http://api.reghao.cn/file");
			
 
				+        /*map.put("x-amz-meta-uuid", "sigv4examplebucket");
			
 
				+        map.put("x-amz-server-side-encryption", "sigv4examplebucket");*/
			
 
				+        map.put("x-amz-credential", credential);
			
 
				+        map.put("x-amz-algorithm", "AWS4-HMAC-SHA256");
			
 
				+        map.put("x-amz-date", dateTimeStr);
			
 
				         conditions.add(map);
			
 
				 
			
 
				         List<String> list1 = new ArrayList<>();
			
@@ -46,8 +72,9 @@ public class SignController {
 
				         list1.add("$key");
			
 
				         list1.add("user/user1/");
			
 
				         conditions.add(list1);
			
 
				+        policy.setConditions(conditions);
			
 
				 
			
 
				-        List<String> list2 = new ArrayList<>();
			
 
				+        /*List<String> list2 = new ArrayList<>();
			
 
				         list2.add("starts-with");
			
 
				         list2.add("$Content-Type");
			
 
				         list2.add("image/");
			
@@ -57,7 +84,17 @@ public class SignController {
 
				         list3.add("starts-with");
			
 
				         list3.add("$x-amz-meta-tag");
			
 
				         list3.add("");
			
 
				-        conditions.add(list3);
			
 
				-        return WebResult.success(conditions);
			
 
				+        conditions.add(list3);*/
			
 
				+
			
 
				+        byte[] signingKey = OssUtil.getSigningKey(secretAccessKey, dateStr, region, serviceName);
			
 
				+
			
 
				+        String json = JsonConverter.objectToJson(policy);
			
 
				+        String policyBase64 = Base64Util.encode(json);
			
 
				+        byte[] signature = OssUtil.hmacSha256(signingKey, policyBase64);
			
 
				+        String signatureHex = OssUtil.bytesToHex(signature);
			
 
				+        Map<String, String> map1 = new HashMap<>();
			
 
				+        map1.put("signature", signatureHex);
			
 
				+        map1.put("policy", policyBase64);
			
 
				+        return WebResult.success(map1);
			
 
				     }
			
 
				 }