獲取上傳簽名代碼
/**
* 獲取簽名
* @return
*/
public OssSignature getSignature(OSSClient ossClient,OssProperties ossProperties,String fileName) {
/**
* host的格式為 bucket .endpoint
*/
String host = "";
if (StringUtils.isBlank(ossProperties.getHost())){
host = "http://" + ossProperties.getBucketName() + "." + ossProperties.getEndpoint();
}else{
host = ossProperties.getHost();
}
String dir = ossProperties.getDir();
String str = "/";
if (!dir.contains(str)){
dir = dir + str;
}
OssSignature ossSignature = new OssSignature();
try {
long expireTime = 30;
if(StringUtils.isNotBlank(ossProperties.getExpire())){
expireTime = Long.parseLong(ossProperties.getExpire());
}
long expireEndTime = System.currentTimeMillis() + expireTime * 1000;
Date expiration = new Date(expireEndTime);
PolicyConditions policyConds = new PolicyConditions();
policyConds.addConditionItem(PolicyConditions.COND_CONTENT_LENGTH_RANGE, 0, 1048576000);
policyConds.addConditionItem(MatchMode.Exact, PolicyConditions.COND_KEY, fileName);
String postPolicy = ossClient.generatePostPolicy(expiration, policyConds);
byte[] binaryData = postPolicy.getBytes("utf-8");
String encodedPolicy = BinaryUtil.toBase64String(binaryData);
String postSignature = ossClient.calculatePostSignature(postPolicy);
ossSignature.setAccessKeyId(ossProperties.getAccessKeyId());
ossSignature.setPolicy(encodedPolicy);
ossSignature.setSignature(postSignature);
ossSignature.setDir(fileName);
ossSignature.setHost(host);
ossSignature.setExpire(String.valueOf(expireEndTime / 1000));
JSONObject jasonCallback = new JSONObject();
jasonCallback.put("callbackUrl", ossProperties.getCallback());
jasonCallback.put("callbackBody",
"filename=${object}&size=${size}&mimeType=${mimeType}&height=${imageInfo.height}&width=${imageInfo.width}");
jasonCallback.put("callbackBodyType", "application/x-www-form-urlencoded");
String base64CallbackBody = BinaryUtil.toBase64String(jasonCallback.toString().getBytes("utf-8"));
ossSignature.setCallback(base64CallbackBody);
} catch (Exception e) {
log.error("獲取簽名失敗:",e);
}
return ossSignature;
}
因為上傳回調需要外網訪問本機的地址,所以可以不用寫回調地址。前端判斷響應狀態碼為200,則為成功。具體前端如何做參考前端上傳代碼
/**
* 獲取public key
*
* @param url
* @return
*/
public String executeGet(String url) {
BufferedReader in = null;
String content = null;
try {
// 定義HttpClient
@SuppressWarnings("resource")
HttpClient client = HttpClientBuilder.create().build();
// 實例化HTTP方法
HttpGet request = new HttpGet();
request.setURI(new URI(url));
HttpResponse response = client.execute(request);
in = new BufferedReader(new InputStreamReader(response.getEntity().getContent()));
StringBuffer sb = new StringBuffer("");
String line = "";
String nL = System.getProperty("line.separator");
while ((line = in.readLine()) != null) {
sb.append(line + nL);
}
in.close();
content = sb.toString();
return content;
} catch (Exception e) {
log.error("獲取public key:",e);
return "";
} finally {
if (in != null) {
try {
in.close();// 最后要關閉BufferedReader
} catch (Exception e) {
log.error("關閉BufferedReader:",e);
}
}
}
}
/**
* 獲取Post消息體
*
* @param is
* @param contentLen
* @return
*/
public String getPostBody(InputStream is, int contentLen) {
if (contentLen > 0) {
int readLen = 0;
int readLengthThisTime = 0;
byte[] message = new byte[contentLen];
try {
while (readLen != contentLen) {
readLengthThisTime = is.read(message, readLen, contentLen - readLen);
/* Should not happen.*/
if (readLengthThisTime == -1) {
break;
}
readLen += readLengthThisTime;
}
return new String(message);
} catch (IOException e) {
log.error("獲取Post消息體失敗:",e);
}
}
return "";
}
/**
* 驗證上傳回調的Request
*
* @param request
* @param ossCallbackBody
* @return
* @throws NumberFormatException
* @throws IOException
*/
protected boolean verifyOSSCallbackRequest(HttpServletRequest request, String ossCallbackBody)
throws NumberFormatException, IOException {
boolean ret = false;
String autorizationInput = new String(request.getHeader("Authorization"));
if (StringUtils.isBlank(autorizationInput)){
return false;
}
String pubKeyInput = request.getHeader("x-oss-pub-key-url");
byte[] authorization = BinaryUtil.fromBase64String(autorizationInput);
byte[] pubKey = BinaryUtil.fromBase64String(pubKeyInput);
String pubKeyAddr = new String(pubKey);
String http = "http://gosspublic.alicdn.com/";
String https = "https://gosspublic.alicdn.com/";
if (!pubKeyAddr.startsWith(http)
&& !pubKeyAddr.startsWith(https)) {
System.out.println("pub key addr must be oss addrss");
return false;
}
String retString = executeGet(pubKeyAddr);
retString = retString.replace("-----BEGIN PUBLIC KEY-----", "");
retString = retString.replace("-----END PUBLIC KEY-----", "");
String queryString = request.getQueryString();
String uri = request.getRequestURI();
String decodeUri = java.net.URLDecoder.decode(uri, "UTF-8");
String authStr = decodeUri;
if (queryString != null && !"".equals(queryString)) {
authStr += "?" + queryString;
}
authStr += "\n" + ossCallbackBody;
ret = doCheck(authStr, authorization, retString);
return ret;
}
/**
* Post請求
*/
public void callback(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String ossCallbackBody = getPostBody(request.getInputStream(),
Integer.parseInt(request.getHeader("content-length")));
boolean ret = verifyOSSCallbackRequest(request, ossCallbackBody);
///System.out.println("verify result : " + ret);
if (ret) {
response(request, response, "{\"Status\":\"OK\"}", HttpServletResponse.SC_OK);
} else {
response(request, response, "{\"Status\":\"verdify not ok\"}", HttpServletResponse.SC_BAD_REQUEST);
}
}
/**
* 驗證RSA
*
* @param content
* @param sign
* @param publicKey
* @return
*/
public static boolean doCheck(String content, byte[] sign, String publicKey) {
try {
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
byte[] encodedKey = BinaryUtil.fromBase64String(publicKey);
PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
java.security.Signature signature = java.security.Signature.getInstance("MD5withRSA");
signature.initVerify(pubKey);
signature.update(content.getBytes());
boolean bverify = signature.verify(sign);
return bverify;
} catch (Exception e) {
e.printStackTrace();
}
return false;
}
/**
* 服務器響應結果
*
* @param request
* @param response
* @param results
* @param status
* @throws IOException
*/
private void response(HttpServletRequest request, HttpServletResponse response, String results, int status)
throws IOException {
String callbackFunName = request.getParameter("callback");
response.addHeader("Content-Length", String.valueOf(results.length()));
if (callbackFunName == null || "".equalsIgnoreCase(callbackFunName)){
response.getWriter().println(results);
}
else{
response.getWriter().println(callbackFunName + "( " + results + " )");
}
response.setStatus(status);
response.flushBuffer();
}
/**
* 服務器響應結果
*/
private void response(HttpServletRequest request, HttpServletResponse response, String results) throws IOException {
String callbackFunName = request.getParameter("callback");
if (callbackFunName == null || "".equalsIgnoreCase(callbackFunName)){
response.getWriter().println(results);
}
else{
response.getWriter().println(callbackFunName + "( " + results + " )");
}
response.setStatus(HttpServletResponse.SC_OK);
response.flushBuffer();
}
使用說明
@SpringBootApplication
@EnableAliyunOss
@EnableSwagger2Doc
@RestController
public class Application {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
@Autowired
private OssProperties aliyunOssProperties;
@Autowired
private OSSClient ossClient;
@ApiOperation("臨時授權")
@PostMapping("/getSignature")
public OssSignature<String> getSignature(@RequestParam("orgFileName") String orgFileName) {
String id = UuidUtils.createId();
String str = "/";
String dir = ossProperties.getDir();
if (!dir.contains(str)){
dir = dir+str;
}
String ext = orgFileName.substring(orgFileName.lastIndexOf("."));
String newFileName = dir + id + ext;
OssSignature<String> signature = new OssClientManager().getSignature(ossClient, ossProperties,newFileName);
signature.setData(dir);
return signature;
}
/**
* Post請求
*/
@GetMapping("/callback")
public void callback(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
new OssClientManager().callback(request,response);
}
}