/// <summary>
/// 生成直接post到oss的签名
/// </summary>
/// <param name="policy"></param>
/// <returns></returns>
public string ComputePostSignature(string policy)
{
string sign = ServiceSignature.Create().ComputeSignature(
_requestContext.OssCredential.AccessKeySecret, policy);
return(sign);
}
public void Sign(ServiceRequest request, ICredentials credentials)
{
var accessKeyId = credentials.AccessId;
var secretAccessKey = credentials.AccessKey;
var httpMethod = request.Method.ToString().ToUpperInvariant();
// Because the resource path to is different from the one in the request uri,
// can't use ServiceRequest.ResourcePath here.
var resourcePath = _resourcePath;
if (!string.IsNullOrEmpty(secretAccessKey))
{
var canonicalString = SignUtils.BuildCanonicalString(httpMethod, resourcePath, request);
var signature = ServiceSignature.Create().ComputeSignature(secretAccessKey, canonicalString);
request.Headers.Add(HttpHeaders.Authorization, "OSS " + accessKeyId + ":" + signature);
}
}
public void Sign(ServiceRequest request, ICredentials credentials)
{
var accessKeyId = credentials.AccessKeyId;
var accessKeySecret = credentials.AccessKeySecret;
var httpMethod = request.Method.ToString().ToUpperInvariant();
// Because the resource path to is different from the one in the request uri,
// can't use ServiceRequest.ResourcePath here.
var resourcePath = _resourcePath;
if (!string.IsNullOrEmpty(accessKeySecret))
{
var canonicalString = SignUtils.BuildCanonicalString(httpMethod, resourcePath, request);
var signature = ServiceSignature.Create().ComputeSignature(accessKeySecret, canonicalString);
// request could be retried and the Authorization header may exist already.
// Fix for #OSS-1579/11349300
request.Headers[HttpHeaders.Authorization] = "OSS " + accessKeyId + ":" + signature;
}
}
/// <summary>
/// 获取文件的下载链接
/// </summary>
/// <param name="bucket">bucket信息</param>
/// <param name="storeKey">文件存储key</param>
/// <param name="expireSeconds">签名超时时间秒数</param>
/// <param name="imgStyle">阿里云图片处理样式</param>
/// <returns></returns>
public string GetFileDownloadLink(BucketInfo bucket, string storeKey, int expireSeconds, string imgStyle = null)
{
long seconds = (DateTime.UtcNow.AddSeconds(expireSeconds).Ticks - 621355968000000000) / 10000000;
string toSign = String.Format("GET\n\n\n{0}\n/{1}/{2}", seconds, bucket.BucketName, storeKey);
if (!String.IsNullOrEmpty(imgStyle))
{
toSign += $"?x-oss-process=style/{imgStyle}";
}
string sign = ServiceSignature.Create().ComputeSignature(
_requestContext.OssCredential.AccessKeySecret, toSign);
string styleSegment = String.IsNullOrEmpty(imgStyle) ? String.Empty : $"x-oss-process=style/{imgStyle}&";
string url = $"{bucket.BucketUri}{storeKey}?{styleSegment}OSSAccessKeyId={_requestContext.OssCredential.AccessKeyId}&Expires={seconds}&Signature={WebUtility.UrlEncode(sign)}";
return(url);
}
internal static String SigInternal(String source, String accessKeyId, String accessKey)
{
ServiceSignature signAlthm = ServiceSignature.Create();
return(LogConsts.PREFIX_VALUE_HEADER_AUTH + accessKeyId + ":" + signAlthm.ComputeSignature(accessKey, source));
}
/// <inheritdoc/>
public Uri GeneratePresignedUri(GeneratePresignedUriRequest generatePresignedUriRequest)
{
ThrowIfNullRequest(generatePresignedUriRequest);
var creds = _credsProvider.GetCredentials();
var accessId = creds.AccessId;
var accessKey = creds.AccessKey;
var securityToken = creds.SecurityToken;
var useToken = creds.UseToken;
var bucketName = generatePresignedUriRequest.BucketName;
var key = generatePresignedUriRequest.Key;
const long ticksOf1970 = 621355968000000000;
var expires = ((generatePresignedUriRequest.Expiration.ToUniversalTime().Ticks - ticksOf1970) / 10000000L)
.ToString(CultureInfo.InvariantCulture);
var resourcePath = OssUtils.MakeResourcePath(key);
var request = new ServiceRequest();
var conf = OssUtils.GetClientConfiguration(_serviceClient);
request.Endpoint = OssUtils.MakeBucketEndpoint(_endpoint, bucketName, conf);
request.ResourcePath = resourcePath;
switch (generatePresignedUriRequest.Method)
{
case SignHttpMethod.Get:
request.Method = HttpMethod.Get;
break;
case SignHttpMethod.Put:
request.Method = HttpMethod.Put;
break;
default:
throw new ArgumentException("Unsupported http method.");
}
request.Headers.Add(HttpHeaders.Date, expires);
if (!string.IsNullOrEmpty(generatePresignedUriRequest.ContentType))
{
request.Headers.Add(HttpHeaders.ContentType, generatePresignedUriRequest.ContentType);
}
if (!string.IsNullOrEmpty(generatePresignedUriRequest.ContentMd5))
{
request.Headers.Add(HttpHeaders.ContentMd5, generatePresignedUriRequest.ContentMd5);
}
foreach (var pair in generatePresignedUriRequest.UserMetadata)
{
request.Headers.Add(OssHeaders.OssUserMetaPrefix + pair.Key, pair.Value);
}
if (generatePresignedUriRequest.ResponseHeaders != null)
{
generatePresignedUriRequest.ResponseHeaders.Populate(request.Parameters);
}
foreach (var param in generatePresignedUriRequest.QueryParams)
{
request.Parameters.Add(param.Key, param.Value);
}
if (useToken)
{
request.Parameters.Add(RequestParameters.SECURITY_TOKEN, securityToken);
}
var canonicalResource = "/" + (bucketName ?? "") + ((key != null ? "/" + key : ""));
var httpMethod = generatePresignedUriRequest.Method.ToString().ToUpperInvariant();
var canonicalString =
SignUtils.BuildCanonicalString(httpMethod, canonicalResource, request /*, expires*/);
var signature = ServiceSignature.Create().ComputeSignature(accessKey, canonicalString);
IDictionary <string, string> queryParams = new Dictionary <string, string>();
queryParams.Add(RequestParameters.EXPIRES, expires);
queryParams.Add(RequestParameters.OSS_ACCESS_KEY_ID, accessId);
queryParams.Add(RequestParameters.SIGNATURE, signature);
foreach (var param in request.Parameters)
{
queryParams.Add(param.Key, param.Value);
}
var queryString = HttpUtils.ConbineQueryString(queryParams);
var uriString = request.Endpoint.ToString();
if (!uriString.EndsWith("/"))
{
uriString += "/";
}
uriString += resourcePath + "?" + queryString;
return(new Uri(uriString));
}