You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
96 lines
2.9 KiB
96 lines
2.9 KiB
2 years ago
|
package apiThird
|
||
|
|
||
|
import (
|
||
|
api "Open_IM/pkg/base_info"
|
||
|
"Open_IM/pkg/common/config"
|
||
|
"Open_IM/pkg/common/constant"
|
||
|
"Open_IM/pkg/common/log"
|
||
|
"Open_IM/pkg/common/token_verify"
|
||
|
"fmt"
|
||
|
openapi "github.com/alibabacloud-go/darabonba-openapi/client"
|
||
|
sts20150401 "github.com/alibabacloud-go/sts-20150401/client"
|
||
|
"github.com/alibabacloud-go/tea/tea"
|
||
|
"github.com/fatih/structs"
|
||
|
|
||
|
//"github.com/fatih/structs"
|
||
|
"github.com/gin-gonic/gin"
|
||
|
"net/http"
|
||
|
"time"
|
||
|
)
|
||
|
|
||
|
var stsClient *sts20150401.Client
|
||
|
|
||
|
/**
|
||
|
* 使用AK&SK初始化账号Client
|
||
|
* @param accessKeyId
|
||
|
* @param accessKeySecret
|
||
|
* @return Client
|
||
|
* @throws Exception
|
||
|
*/
|
||
|
func getStsClient() *sts20150401.Client {
|
||
|
if stsClient != nil {
|
||
|
return stsClient
|
||
|
}
|
||
|
conf := &openapi.Config{
|
||
|
// 您的AccessKey ID
|
||
|
AccessKeyId: tea.String(config.Config.Credential.Ali.AccessKeyID),
|
||
|
// 您的AccessKey Secret
|
||
|
AccessKeySecret: tea.String(config.Config.Credential.Ali.AccessKeySecret),
|
||
|
// Endpoint
|
||
|
Endpoint: tea.String(config.Config.Credential.Ali.StsEndpoint),
|
||
|
}
|
||
|
result, err := sts20150401.NewClient(conf)
|
||
|
if err != nil {
|
||
|
log.NewError("", "alists client初始化失败 ", err)
|
||
|
}
|
||
|
stsClient = result
|
||
|
return stsClient
|
||
|
}
|
||
|
|
||
|
func AliOSSCredential(c *gin.Context) {
|
||
|
req := api.OSSCredentialReq{}
|
||
|
if err := c.BindJSON(&req); err != nil {
|
||
|
log.NewError("0", "BindJSON failed ", err.Error())
|
||
|
c.JSON(http.StatusBadRequest, gin.H{"errCode": 400, "errMsg": err.Error()})
|
||
|
return
|
||
|
}
|
||
|
ok, userID := token_verify.GetUserIDFromToken(c.Request.Header.Get("token"), req.OperationID)
|
||
|
if !ok {
|
||
|
log.NewError(req.OperationID, "GetUserIDFromToken false ", c.Request.Header.Get("token"))
|
||
|
c.JSON(http.StatusInternalServerError, gin.H{"errCode": 500, "errMsg": "GetUserIDFromToken failed"})
|
||
|
return
|
||
|
}
|
||
|
log.NewInfo(req.OperationID, "AliOSSCredential args ", userID)
|
||
|
|
||
|
stsResp, err := getStsClient().AssumeRole(&sts20150401.AssumeRoleRequest{
|
||
|
DurationSeconds: tea.Int64(config.Config.Credential.Ali.StsDurationSeconds),
|
||
|
Policy: nil,
|
||
|
RoleArn: tea.String(config.Config.Credential.Ali.OssRoleArn),
|
||
|
RoleSessionName: tea.String(fmt.Sprintf("%s-%d", userID, time.Now().Unix())),
|
||
|
})
|
||
|
|
||
|
resp := api.OSSCredentialResp{}
|
||
|
if err != nil {
|
||
|
resp.ErrCode = constant.ErrTencentCredential.ErrCode
|
||
|
resp.ErrMsg = err.Error()
|
||
|
} else {
|
||
|
resp = api.OSSCredentialResp{
|
||
|
CommResp: api.CommResp{},
|
||
|
OssData: api.OSSCredentialRespData{
|
||
|
Endpoint: config.Config.Credential.Ali.OssEndpoint,
|
||
|
AccessKeyId: *stsResp.Body.Credentials.AccessKeyId,
|
||
|
AccessKeySecret: *stsResp.Body.Credentials.AccessKeySecret,
|
||
|
Token: *stsResp.Body.Credentials.SecurityToken,
|
||
|
Bucket: config.Config.Credential.Ali.Bucket,
|
||
|
FinalHost: config.Config.Credential.Ali.FinalHost,
|
||
|
},
|
||
|
Data: nil,
|
||
|
}
|
||
|
}
|
||
|
|
||
|
resp.Data = structs.Map(&resp.OssData)
|
||
|
log.NewInfo(req.OperationID, "AliOSSCredential return ", resp)
|
||
|
|
||
|
c.JSON(http.StatusOK, resp)
|
||
|
}
|