tommy
/
cos-go-sdk-v5
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
226 Commits
1 Branch
15 Tags
719 KiB
Tree: f42ee9765b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f42ee9765b'
${ noResults }
cos-go-sdk-v5/example/sts/sts.go

145 lines
3.8 KiB
Raw Normal View History

first to commit project
6 years ago
update the sts example
5 years ago
first to commit project
6 years ago
update the sts example
5 years ago
first to commit project
6 years ago
update the sts example
5 years ago
first to commit project
6 years ago
update the sts example
5 years ago
first to commit project
6 years ago
update the sts example
5 years ago
add sts policy describe
5 years ago
update the sts example
5 years ago
first to commit project
6 years ago
update the sts example
5 years ago
first to commit project
6 years ago
update the sts example
5 years ago
first to commit project
6 years ago
add sts policy describe
5 years ago
first to commit project
6 years ago
add sts policy describe
5 years ago
first to commit project
6 years ago
update the sts example
5 years ago
first to commit project
6 years ago
  1. package main
  3. import (
  4. "context"
  5. "encoding/json"
  6. "fmt"
  7. "net/http"
  8. "net/url"
  9. "os"
  10. "strings"
  12. "github.com/QcloudApi/qcloud_sign_golang"
  13. "github.com/tencentyun/cos-go-sdk-v5"
  14. "github.com/tencentyun/cos-go-sdk-v5/debug"
  15. )
  17. // Use Qcloud api github.com/QcloudApi/qcloud_sign_golang
  18. // doc https://cloud.tencent.com/document/product/436/14048
  19. type Credent struct {
  20. SessionToken string `json:"sessionToken"`
  21. TmpSecretID string `json:"tmpSecretId"`
  22. TmpSecretKey string `json:"tmpSecretKey"`
  23. }
  25. type PolicyStatement struct {
  26. Action []string `json:"action,omitempty"`
  27. Effect string `json:"effect,omitempty"`
  28. Resource []string `json:"resource,omitempty"`
  29. Condition map[string]map[string]interface{} `json:"condition,omitempty"`
  30. }
  32. type CAMPolicy struct {
  33. Statement []PolicyStatement `json:"statement,omitempty"`
  34. Version string `json:"version,omitempty"`
  35. Principal map[string][]string `json:"principal,omitempty"`
  36. }
  38. // Data data in sts response body
  39. type Data struct {
  40. Credentials Credent `json:"credentials"`
  41. }
  43. // Response sts response body
  44. // In qcloud_sign_golang this response only return ak, sk and token
  45. type Response struct {
  46. Dat Data `json:"data"`
  47. }
  49. func main() {
  50. // 在环境变量中设置您的 SecretId 和 SecretKey
  51. secretID := os.Getenv("COS_SECRETID")
  52. secretKey := os.Getenv("COS_SECRETKEY")
  53. appid := "1259654469" //替换成您的APPID
  54. bucket := "test-1259654469" //替换成您的bucket,格式:<bucketname-APPID>
  56. // 配置
  57. config := map[string]interface{}{"secretId": secretID, "secretKey": secretKey, "debug": false}
  59. policy := &CAMPolicy{
  60. Statement: []PolicyStatement{
  61. PolicyStatement{
  62. Action: []string{
  63. "name/cos:PostObject",
  64. "name/cos:PutObject",
  65. },
  66. Effect: "allow",
  67. Resource: []string{
  68. //这里改成允许的路径前缀,可以根据自己网站的用户登录态判断允许上传的具体路径,例子: a.jpg 或者 a/* 或者 * (使用通配符*存在重大安全风险, 请谨慎评估使用)
  69. "qcs::cos:ap-guangzhou:uid/" + appid + ":" + bucket + "/exampleobject",
  70. },
  71. },
  72. },
  73. Version: "2.0",
  74. }
  75. bPolicy, err := json.Marshal(policy)
  76. if err != nil {
  77. fmt.Print("Error.", err)
  78. return
  79. }
  80. policyStr := string(bPolicy)
  81. // 请求参数
  82. params := map[string]interface{}{
  83. "Region": "gz",
  84. "Action": "GetFederationToken",
  85. "name": "test",
  86. "policy": policyStr,
  87. }
  88. // 发送请求
  89. retData, err := QcloudApi.SendRequest("sts", params, config)
  90. if err != nil {
  91. fmt.Print("Error.", err)
  92. return
  93. }
  94. r := &Response{}
  95. err = json.Unmarshal([]byte(retData), r)
  96. if err != nil {
  97. fmt.Println(err)
  98. return
  99. }
  100. //获取临时ak、sk、token
  101. tAk := r.Dat.Credentials.TmpSecretID
  102. tSk := r.Dat.Credentials.TmpSecretKey
  103. token := r.Dat.Credentials.SessionToken
  105. u, _ := url.Parse("https://" + bucket + ".cos.ap-guangzhou.myqcloud.com")
  106. b := &cos.BaseURL{BucketURL: u}
  107. c := cos.NewClient(b, &http.Client{
  108. Transport: &cos.AuthorizationTransport{
  109. SecretID: tAk,
  110. SecretKey: tSk,
  111. SessionToken: token,
  112. Transport: &debug.DebugRequestTransport{
  113. RequestHeader: true,
  114. RequestBody: true,
  115. ResponseHeader: true,
  116. ResponseBody: true,
  117. },
  118. },
  119. })
  121. name := "exampleobject"
  122. f := strings.NewReader("test")
  124. _, err = c.Object.Put(context.Background(), name, f, nil)
  125. if err != nil {
  126. panic(err)
  127. }
  129. name = "exampleobject"
  130. f = strings.NewReader("test xxx")
  131. opt := &cos.ObjectPutOptions{
  132. ObjectPutHeaderOptions: &cos.ObjectPutHeaderOptions{
  133. ContentType: "text/html",
  134. },
  135. ACLHeaderOptions: &cos.ACLHeaderOptions{
  136. //XCosACL: "public-read",
  137. XCosACL: "private",
  138. },
  139. }
  140. _, err = c.Object.Put(context.Background(), name, f, opt)
  141. if err != nil {
  142. panic(err)
  143. }
  145. }