s3 public read

pkg/common/config/config.go

@@ -128,12 +128,14 @@ type configStruct struct {
 			SecretAccessKey string `yaml:"secretAccessKey"`
 			SessionToken    string `yaml:"sessionToken"`
 			SignEndpoint    string `yaml:"signEndpoint"`
+			PublicRead      bool   `yaml:"publicRead"`
 		} `yaml:"minio"`
 		Cos struct {
 			BucketURL    string `yaml:"bucketURL"`
 			SecretID     string `yaml:"secretID"`
 			SecretKey    string `yaml:"secretKey"`
 			SessionToken string `yaml:"sessionToken"`
+			PublicRead   bool   `yaml:"publicRead"`
 		} `yaml:"cos"`
 		Oss struct {
 			Endpoint        string `yaml:"endpoint"`
@@ -142,6 +144,7 @@ type configStruct struct {
 			AccessKeyID     string `yaml:"accessKeyID"`
 			AccessKeySecret string `yaml:"accessKeySecret"`
 			SessionToken    string `yaml:"sessionToken"`
+			PublicRead      bool   `yaml:"publicRead"`
 		} `yaml:"oss"`
 	} `yaml:"object"`
 

pkg/common/db/s3/cos/cos.go

@@ -316,3 +316,22 @@ func (c *Cos) AccessURL(ctx context.Context, name string, expire time.Duration,
 	}
 	return urlStr, nil
 }
+
+func (c *Cos) getPresignedURL(ctx context.Context, name string, expire time.Duration, opt *cos.PresignedURLOptions) (*url.URL, error) {
+	if !config.Config.Object.Cos.PublicRead {
+		return c.client.Object.GetPresignedURL(ctx, http.MethodGet, name, c.credential.SecretID, c.credential.SecretKey, expire, opt)
+	}
+	u := c.client.Object.GetObjectURL(name)
+	if opt.Query != nil && len(*opt.Query) > 0 {
+		query := u.Query()
+		if len(query) == 0 {
+			query = *opt.Query
+		} else {
+			for key := range *opt.Query {
+				query[key] = (*opt.Query)[key]
+			}
+		}
+		u.RawQuery = query.Encode()
+	}
+	return u, nil
+}

pkg/common/db/s3/cos/internal.go

@@ -0,0 +1,12 @@
+package cos
+
+import (
+	"context"
+	"github.com/tencentyun/cos-go-sdk-v5"
+	"net/http"
+	"net/url"
+	_ "unsafe"
+)
+
+//go:linkname newRequest github.com/tencentyun/cos-go-sdk-v5.(*Client).newRequest
+func newRequest(c *cos.Client, ctx context.Context, baseURL *url.URL, uri, method string, body interface{}, optQuery interface{}, optHeader interface{}) (req *http.Request, err error)

pkg/common/db/s3/cos/internal_test.go

@@ -0,0 +1,10 @@
+package cos
+
+import (
+	"testing"
+)
+
+func TestName(t *testing.T) {
+	newRequest(nil, nil, nil, "", "", nil, nil, nil)
+
+}

pkg/common/db/s3/minio/internal.go

@@ -0,0 +1,10 @@
+package minio
+
+import (
+	"github.com/minio/minio-go/v7"
+	"net/url"
+	_ "unsafe"
+)
+
+//go:linkname makeTargetURL github.com/minio/minio-go/v7.(*Client).makeTargetURL
+func makeTargetURL(client *minio.Client, bucketName, objectName, bucketLocation string, isVirtualHostStyle bool, queryValues url.Values) (*url.URL, error)

pkg/common/db/s3/minio/internal_test.go

@@ -0,0 +1,19 @@
+package minio
+
+import (
+	"testing"
+)
+
+func TestName(t *testing.T) {
+	//u, err := makeTargetURL(&minio.Client{}, "openim", "test.png", "", false, nil)
+	//if err != nil {
+	//	panic(err)
+	//}
+	//u.String()
+	//t.Log(percentEncodeSlash("1234"))
+	//
+	//t.Log(FastRand())
+	t.Log(makeTargetURL(nil, "", "", "", false, nil))
+	//t.Log(privateNew("", nil))
+
+}

pkg/common/db/s3/minio/minio.go

@@ -375,7 +375,15 @@ func (m *Minio) presignedGetObject(ctx context.Context, name string, expire time
 	} else if expire < time.Second {
 		expire = time.Second
 	}
-	rawURL, err := m.sign.PresignedGetObject(ctx, m.bucket, name, expire, query)
+	var (
+		rawURL *url.URL
+		err    error
+	)
+	if config.Config.Object.Minio.PublicRead {
+		rawURL, err = makeTargetURL(m.sign, m.bucket, name, m.location, false, query)
+	} else {
+		rawURL, err = m.sign.PresignedGetObject(ctx, m.bucket, name, expire, query)
+	}
 	if err != nil {
 		return "", err
 	}

pkg/common/db/s3/oss/oss.go

@@ -311,5 +311,13 @@ func (o *OSS) AccessURL(ctx context.Context, name string, expire time.Duration,
 	} else if expire < time.Second {
 		expire = time.Second
 	}
+	if !config.Config.Object.Oss.PublicRead {
+		return o.bucket.SignURL(name, http.MethodGet, int64(expire/time.Second), opts...)
+	}
+	//params, err := oss.GetRawParams(opts)
+	//if err != nil {
+	//	return "", err
+	//}
+
 	return o.bucket.SignURL(name, http.MethodGet, int64(expire/time.Second), opts...)
 }

pkg/common/db/s3/oss/sign.go

@@ -16,10 +16,14 @@ package oss
 
 import (
 	"net/http"
+	"net/url"
 	_ "unsafe"
 
 	"github.com/aliyun/aliyun-oss-go-sdk/oss"
 )
 
-//go:linkname ossSignHeader github.com/aliyun/aliyun-oss-go-sdk/oss.(*Conn).signHeader
+//go:linkname ossSignHeader github.com/aliyun/aliyun-oss-go-sdk/oss.Conn.signHeader
 func ossSignHeader(c *oss.Conn, req *http.Request, canonicalizedResource string)
+
+//go:linkname getURL github.com/aliyun/aliyun-oss-go-sdk/oss.urlMaker.getURL
+func getURL(ptr any, bucket, object, params string) *url.URL

pkg/common/db/s3/oss/sign_test.go

@@ -0,0 +1,27 @@
+package oss
+
+import (
+	"testing"
+)
+
+func TestName(t *testing.T) {
+	//ossSignHeader(nil, nil, "")
+	//t.Log("ossSignHeader")
+
+	//var c oss.Conn
+	//blc := reflect.ValueOf(&c).Elem().FieldByName("url") // *urlMaker
+	//
+	//urlPtr := reflect.New(blc.Type().Elem()).Addr() // *urlMaker
+	//
+	//vblc := reflect.New(reflect.PtrTo(blc.Type()))
+	//*(*unsafe.Pointer)(vblc.UnsafePointer()) = unsafe.Pointer(blc.UnsafeAddr())
+	//vblc.Elem().Elem().Interface().(interface{ Set(string, string) }).Set(conf.Bucket, m.location)
+	//
+	//
+	//
+	//
+	//fmt.Println(inter)
+
+	//getURL(nil, "", "", "")
+
+}