新增阿里云OSS文件上传参数获取接口 (#115)

* configure update * mongo:4.0 * open-im-server -> open_im_server * sleep 15 * 0.0.0.0 * sleep 10 15 * Update config.yaml * config * Update docker-compose.yaml * Update config.yaml * Create ISSUE_TEMPLATE.md * Update ISSUE_TEMPLATE.md * Create ISSUE_TEMPLATE * add issue template * add issue template * add issue template * add issue template * Update README.md * script * script * script * config * script * config update * script update * image: openim/open_im_server:v1.0.6 * script * script * script * version update * sender message sync * version update * 阿里云oss sts上传参数 * 阿里云oss sts上传参数 Co-authored-by: wenxu12345 <44203734@qq.com> Co-authored-by: skiffer-git <72860476+skiffer-git@users.noreply.github.com> Co-authored-by: Gordon <1432970085@qq.com> Co-authored-by: Gordon <46924906+FGadvancer@users.noreply.github.com>
2026-05-06 10:05:58 +08:00 · 2022-03-21 14:43:41 +08:00
parent e0c6972bed
commit 6c43f75f9f
12 changed files with 142 additions and 2 deletions
@@ -0,0 +1,72 @@
+package apiThird
+
+import (
+	"Open_IM/pkg/common/config"
+	"github.com/aliyun/alibaba-cloud-sdk-go/services/sts"
+	"github.com/gin-gonic/gin"
+	"net/http"
+)
+
+type paramsAliyunCloudStorageCredential struct {
+	Token       string `form:"token"`
+	OperationID string `form:"operationID"`
+}
+
+func AliyunCloudStorageCredential(c *gin.Context) {
+	params := paramsAliyunCloudStorageCredential{}
+	if err := c.BindQuery(&params); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"errCode": 400, "errMsg": "Parameter parsing error，please check the parameters and request service again"})
+		return
+	}
+
+	credential := config.Config.Credential.Aliyun
+	if credential.AccessKeyId == "" || credential.AccessKeySecret == "" || credential.Bucket == "" || credential.Region == "" || credential.RegionId == "" || credential.RoleArn == "" {
+		c.JSON(http.StatusBadRequest, gin.H{"errCode": 400, "errMsg": "Aliyun OSS config error"})
+		return
+	}
+	//构建一个阿里云客户端, 用于发起请求。
+	//构建阿里云客户端时，需要设置AccessKey ID和AccessKey Secret。
+	client, err := sts.NewClientWithAccessKey(credential.RegionId, credential.AccessKeyId, credential.AccessKeySecret)
+
+	//构建请求对象。
+	request := sts.CreateAssumeRoleRequest()
+	request.Scheme = "https"
+
+	type CredentialPolicyStatement struct {
+		Action    []string                          `json:"action,omitempty"`
+		Effect    string                            `json:"effect,omitempty"`
+		Resource  []string                          `json:"resource,omitempty"`
+		Condition map[string]map[string]interface{} `json:"condition,omitempty"`
+	}
+
+	type CredentialPolicy struct {
+		Version   string                      `json:"version,omitempty"`
+		Statement []CredentialPolicyStatement `json:"statement,omitempty"`
+	}
+
+	//设置参数。关于参数含义和设置方法，请参见《API参考》。
+	request.RoleArn = credential.RoleArn
+	request.RoleSessionName = params.OperationID
+	request.Policy = "{\n    \"Version\": \"1\",\n    \"Statement\": [\n        {\n            \"Effect\": \"Allow\",\n            \"Action\": [\n                \"oss:PutObject\"\n            ],\n            \"Resource\": \"acs:oss:*:*:*\"\n        }\n    ]\n}"
+	//request.DurationSeconds = "900"
+
+	//发起请求，并得到响应。
+	res, err := client.AssumeRole(request)
+	if err != nil {
+		c.JSON(http.StatusOK, gin.H{
+			"errCode": config.ErrTencentCredential.ErrCode,
+			"errMsg":  err.Error(),
+			"bucket":  "",
+			"region":  "",
+			"data":    res,
+		})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{
+		"errCode": 0,
+		"errMsg":  "",
+		"region":  config.Config.Credential.Aliyun.Region,
+		"bucket":  config.Config.Credential.Aliyun.Bucket,
+		"data":    res,
+	})
+}