/// <summary> /// 生成直接post到oss的签名 /// </summary> /// <param name="policy"></param> /// <returns></returns> public string ComputePostSignature(string policy) { string sign = ServiceSignature.Create().ComputeSignature( _requestContext.OssCredential.AccessKeySecret, policy); return(sign); }
public void Sign(ServiceRequest request, ICredentials credentials) { var accessKeyId = credentials.AccessId; var secretAccessKey = credentials.AccessKey; var httpMethod = request.Method.ToString().ToUpperInvariant(); // Because the resource path to is different from the one in the request uri, // can't use ServiceRequest.ResourcePath here. var resourcePath = _resourcePath; if (!string.IsNullOrEmpty(secretAccessKey)) { var canonicalString = SignUtils.BuildCanonicalString(httpMethod, resourcePath, request); var signature = ServiceSignature.Create().ComputeSignature(secretAccessKey, canonicalString); request.Headers.Add(HttpHeaders.Authorization, "OSS " + accessKeyId + ":" + signature); } }
public void Sign(ServiceRequest request, ICredentials credentials) { var accessKeyId = credentials.AccessKeyId; var accessKeySecret = credentials.AccessKeySecret; var httpMethod = request.Method.ToString().ToUpperInvariant(); // Because the resource path to is different from the one in the request uri, // can't use ServiceRequest.ResourcePath here. var resourcePath = _resourcePath; if (!string.IsNullOrEmpty(accessKeySecret)) { var canonicalString = SignUtils.BuildCanonicalString(httpMethod, resourcePath, request); var signature = ServiceSignature.Create().ComputeSignature(accessKeySecret, canonicalString); // request could be retried and the Authorization header may exist already. // Fix for #OSS-1579/11349300 request.Headers[HttpHeaders.Authorization] = "OSS " + accessKeyId + ":" + signature; } }
/// <summary> /// 获取文件的下载链接 /// </summary> /// <param name="bucket">bucket信息</param> /// <param name="storeKey">文件存储key</param> /// <param name="expireSeconds">签名超时时间秒数</param> /// <param name="imgStyle">阿里云图片处理样式</param> /// <returns></returns> public string GetFileDownloadLink(BucketInfo bucket, string storeKey, int expireSeconds, string imgStyle = null) { long seconds = (DateTime.UtcNow.AddSeconds(expireSeconds).Ticks - 621355968000000000) / 10000000; string toSign = String.Format("GET\n\n\n{0}\n/{1}/{2}", seconds, bucket.BucketName, storeKey); if (!String.IsNullOrEmpty(imgStyle)) { toSign += $"?x-oss-process=style/{imgStyle}"; } string sign = ServiceSignature.Create().ComputeSignature( _requestContext.OssCredential.AccessKeySecret, toSign); string styleSegment = String.IsNullOrEmpty(imgStyle) ? String.Empty : $"x-oss-process=style/{imgStyle}&"; string url = $"{bucket.BucketUri}{storeKey}?{styleSegment}OSSAccessKeyId={_requestContext.OssCredential.AccessKeyId}&Expires={seconds}&Signature={WebUtility.UrlEncode(sign)}"; return(url); }
internal static String SigInternal(String source, String accessKeyId, String accessKey) { ServiceSignature signAlthm = ServiceSignature.Create(); return(LogConsts.PREFIX_VALUE_HEADER_AUTH + accessKeyId + ":" + signAlthm.ComputeSignature(accessKey, source)); }
/// <inheritdoc/> public Uri GeneratePresignedUri(GeneratePresignedUriRequest generatePresignedUriRequest) { ThrowIfNullRequest(generatePresignedUriRequest); var creds = _credsProvider.GetCredentials(); var accessId = creds.AccessId; var accessKey = creds.AccessKey; var securityToken = creds.SecurityToken; var useToken = creds.UseToken; var bucketName = generatePresignedUriRequest.BucketName; var key = generatePresignedUriRequest.Key; const long ticksOf1970 = 621355968000000000; var expires = ((generatePresignedUriRequest.Expiration.ToUniversalTime().Ticks - ticksOf1970) / 10000000L) .ToString(CultureInfo.InvariantCulture); var resourcePath = OssUtils.MakeResourcePath(key); var request = new ServiceRequest(); var conf = OssUtils.GetClientConfiguration(_serviceClient); request.Endpoint = OssUtils.MakeBucketEndpoint(_endpoint, bucketName, conf); request.ResourcePath = resourcePath; switch (generatePresignedUriRequest.Method) { case SignHttpMethod.Get: request.Method = HttpMethod.Get; break; case SignHttpMethod.Put: request.Method = HttpMethod.Put; break; default: throw new ArgumentException("Unsupported http method."); } request.Headers.Add(HttpHeaders.Date, expires); if (!string.IsNullOrEmpty(generatePresignedUriRequest.ContentType)) { request.Headers.Add(HttpHeaders.ContentType, generatePresignedUriRequest.ContentType); } if (!string.IsNullOrEmpty(generatePresignedUriRequest.ContentMd5)) { request.Headers.Add(HttpHeaders.ContentMd5, generatePresignedUriRequest.ContentMd5); } foreach (var pair in generatePresignedUriRequest.UserMetadata) { request.Headers.Add(OssHeaders.OssUserMetaPrefix + pair.Key, pair.Value); } if (generatePresignedUriRequest.ResponseHeaders != null) { generatePresignedUriRequest.ResponseHeaders.Populate(request.Parameters); } foreach (var param in generatePresignedUriRequest.QueryParams) { request.Parameters.Add(param.Key, param.Value); } if (useToken) { request.Parameters.Add(RequestParameters.SECURITY_TOKEN, securityToken); } var canonicalResource = "/" + (bucketName ?? "") + ((key != null ? "/" + key : "")); var httpMethod = generatePresignedUriRequest.Method.ToString().ToUpperInvariant(); var canonicalString = SignUtils.BuildCanonicalString(httpMethod, canonicalResource, request /*, expires*/); var signature = ServiceSignature.Create().ComputeSignature(accessKey, canonicalString); IDictionary <string, string> queryParams = new Dictionary <string, string>(); queryParams.Add(RequestParameters.EXPIRES, expires); queryParams.Add(RequestParameters.OSS_ACCESS_KEY_ID, accessId); queryParams.Add(RequestParameters.SIGNATURE, signature); foreach (var param in request.Parameters) { queryParams.Add(param.Key, param.Value); } var queryString = HttpUtils.ConbineQueryString(queryParams); var uriString = request.Endpoint.ToString(); if (!uriString.EndsWith("/")) { uriString += "/"; } uriString += resourcePath + "?" + queryString; return(new Uri(uriString)); }