diff --git a/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/config/AliyunOssConfig.java b/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/config/AliyunOssConfig.java index a0005c88..56387dc8 100644 --- a/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/config/AliyunOssConfig.java +++ b/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/config/AliyunOssConfig.java @@ -23,7 +23,7 @@ public class AliyunOssConfig { * AccessKeyId 【secretKey】eg:LTAI4GFov2QymkmPf9cXdH5z * AccessKeySecret 【secretKey】 eg:ap8nmIvD1TctcCLsADS4JbkOoXOluW * BucketName eg:yuebaoxiao - * Endpoint eg:oss-cn-shenzhen.aliyuncs.com + * Endpoint 对象存储服务的URL eg:oss-cn-shenzhen.aliyuncs.com * * ak 获取地址:https://ak-console.aliyun.com/#/accesskey * @@ -44,6 +44,16 @@ public class AliyunOssConfig { * 4: eg: https://image.jl-media.cn */ private String domain = null; + /** + * 过期时间,单位秒; + * 如:1小时就写:3600L + * 如:9小时就写:32400L + * 如:12小时就写:43200L, 【不支持】,最大是 32400(9小时), 最小 1(1秒钟) + * 如:-1: 就永不过期,原样返回url + * 签名URL的默认过期时间为3600秒,最大值为32400秒 + * 文档:对象存储 授权访问 https://help.aliyun.com/document_detail/32016.html?spm=a2c4g.11186623.6.996.335b6d13O5xgUH + */ + private Long expiryDuration = 32400L; public String getAccessKey() { return accessKey; @@ -84,4 +94,21 @@ public class AliyunOssConfig { public void setDomain(String domain) { this.domain = domain; } + + public Long getExpiryDuration() { + if (expiryDuration == null) { + // 默认一个小时, 3600秒 + expiryDuration = 3600L; + } + if (expiryDuration < 1L && expiryDuration != -1) { + // 最小1秒 + // 如果要永不过期,就不要调用 -1; 直接原样返回 + expiryDuration = 1L; + } + return expiryDuration; + } + + public void setExpiryDuration(Long expiryDuration) { + this.expiryDuration = expiryDuration; + } } diff --git a/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/config/MinioConfig.java b/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/config/MinioConfig.java index 7efa2b85..416e5233 100644 --- a/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/config/MinioConfig.java +++ b/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/config/MinioConfig.java @@ -8,6 +8,8 @@ import org.springframework.context.annotation.Configuration; import io.minio.MinioClient; import org.springframework.stereotype.Component; +import java.util.concurrent.TimeUnit; + /** * Minio 配置信息 * @@ -20,8 +22,14 @@ import org.springframework.stereotype.Component; @ConfigurationProperties(prefix = MinioConfig.PREFIX) public class MinioConfig { public static final String PREFIX = "minio"; + + @Bean + public MinioClient getMinioClient() { + return MinioClient.builder().endpoint(url).credentials(accessKey, secretKey).build(); + } + /** - * 服务地址url 或者叫做 endpoint + * 服务地址url 或者叫做 endpoint 或者叫做 对象存储服务的URL * eg: http://192.168.254.100:9900 */ private String url; @@ -50,6 +58,18 @@ public class MinioConfig { */ private String domain; + /** + * 过期时间 + * 文档:MinIO STS快速入门指南 http://docs.minio.org.cn/docs/master/minio-sts-quickstart-guide + * 文档:适用于与Amazon S3兼容的云存储的MinIO Java SDK: API文档: Presigned操作: presignedGetObject: http://docs.minio.org.cn/docs/master/java-client-quickstart-guide + * 默认7天,单位秒; + * 1小时:3600 = 60 * 60 * 1 + * 24小时(1天):86400 = 60 * 60 * 24 + * 7天:604800 = 86400 * 7 + * -1: 就永不过期,原样返回url + */ + private Integer expiryDuration = 86400; + public String getUrl() { return url; } @@ -90,8 +110,20 @@ public class MinioConfig { this.domain = domain; } - @Bean - public MinioClient getMinioClient() { - return MinioClient.builder().endpoint(url).credentials(accessKey, secretKey).build(); + public Integer getExpiryDuration() { + if (expiryDuration == null) { + // 默认一个小时, 3600秒 + expiryDuration = 86400; + } + if (expiryDuration < 1L && expiryDuration != -1) { + // 最小1秒 + // 如果要永不过期,就不要调用 -1; 直接原样返回 + expiryDuration = 1; + } + return expiryDuration; + } + + public void setExpiryDuration(Integer expiryDuration) { + this.expiryDuration = expiryDuration; } } diff --git a/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/controller/SysFileController.java b/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/controller/SysFileController.java index 7f8d25ae..31b44d72 100644 --- a/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/controller/SysFileController.java +++ b/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/controller/SysFileController.java @@ -80,6 +80,8 @@ public class SysFileController { * 兼容 AWS Security Token Service (STS) 的联合身份临时安全凭证 (federation token) ,更多详细信息请查阅 * aliyun oss 实例: http://react-yuebaoxiao-pro.oss-cn-shanghai.aliyuncs.com/dev/upload/default/20210719-23d31398-4849-408d-8775-a5b668ccafc3.jpeg?Expires=1626736182&OSSAccessKeyId=LTAI4GDQSbwgmbsRxxbDXnKT&Signature=P3w3%2FIpEnZEUhYku6scOos4p54A%3D * minio 示例: https://yq666.bj.gov.cn/appt-file/dev/default/2021/07/19/5fe1478b-969c-4b6e-9cc0-742412dc3128.jpeg?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=D99KGE6ZTQXSATTJWU24%2F20210719%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210719T112025Z&X-Amz-Expires=432000&X-Amz-SignedHeaders=host&X-Amz-Signature=e45171d0885f006ee1de43cec9d88963e2b55c6e671740ae5695410ba16770c5 + * --------------------------------------------------- + * 【说明】文件服务器,一般默认是不加延签参数就可以访问,要让验签看到效果,一般都需要在 对应文件服务器 bucket 上面做访问策略的配置 */ @ApiOperation(value = "临时安全凭证、获取加签的url", notes = "根据输入的url,获取带有临时安全凭证的url") @GetMapping("getPresignedUrl") diff --git a/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/service/AliyunOssDsfServiceImpl.java b/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/service/AliyunOssDsfServiceImpl.java index b5b1b8af..55a6cdb5 100644 --- a/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/service/AliyunOssDsfServiceImpl.java +++ b/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/service/AliyunOssDsfServiceImpl.java @@ -518,6 +518,9 @@ public class AliyunOssDsfServiceImpl implements IDfsService { @Override public String presignedUrl(String fileUrl) { + if (aliyunOssConfig.getExpiryDuration() == -1) { + return fileUrl; + } String objectKey = this.getStorePath(fileUrl); return this.getStsURL(objectKey); } @@ -539,14 +542,16 @@ public class AliyunOssDsfServiceImpl implements IDfsService { return objectName; } if (objectName.startsWith("/")) { - objectName = objectName.replaceFirst("/", ""); // 不能以/ 开头。例如 /dev/upload/123.jpg,需要转为 dev/upload/123.jpg + // 不能以/ 开头。例如 /dev/upload/123.jpg,需要转为 dev/upload/123.jpg + objectName = objectName.replaceFirst("/", ""); } } catch (MalformedURLException e) { // 忽略 } OSS ossClient = new OSSClientBuilder().build(aliyunOssConfig.getEndpoint(), aliyunOssConfig.getAccessKey(), aliyunOssConfig.getSecretKey()); - // 设置URL过期时间为12小时,最大值就是43200 - Date expiration = new Date(System.currentTimeMillis() + (43200 * 1000)); + // 设置URL过期时间为9小时,最大值就是 32400L + // 设置签名URL过期时间为3600秒(1小时)。 + Date expiration = new Date(System.currentTimeMillis() + (aliyunOssConfig.getExpiryDuration() * 1000)); // 生成以GET方法访问的签名URL,访客可以直接通过浏览器访问相关内容。 URL url = ossClient.generatePresignedUrl(aliyunOssConfig.getBucketName(), objectName, expiration); // 关闭OSSClient。 diff --git a/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/service/MinioDfsServiceImpl.java b/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/service/MinioDfsServiceImpl.java index 57fcc984..eae88920 100644 --- a/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/service/MinioDfsServiceImpl.java +++ b/ruoyi-modules/ruoyi-file/src/main/java/com/ruoyi/file/service/MinioDfsServiceImpl.java @@ -143,11 +143,15 @@ public class MinioDfsServiceImpl implements IDfsService */ @Override public String presignedUrl(String fileUrl) { + if (minioConfig.getExpiryDuration() == -1) { + return fileUrl; + } String objectName = this.getStorePath(fileUrl); GetPresignedObjectUrlArgs args = GetPresignedObjectUrlArgs.builder(). bucket(minioConfig.getBucketName()). method(Method.GET). - object(objectName).expiry(5, TimeUnit.DAYS).build(); + object(objectName). + expiry(minioConfig.getExpiryDuration(), TimeUnit.SECONDS).build(); String presignedObjectUrl = null; try {