Browse Source

Merge pull request #59 from agin719/sts

update the sts example
tags/v0.7.8
toranger 5 years ago
committed by GitHub
parent
commit
6e6011337e
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
  1. 61
      example/sts/sts.go

61
example/sts/sts.go

@ -4,12 +4,14 @@ import (
"context"
"encoding/json"
"fmt"
"github.com/QcloudApi/qcloud_sign_golang"
"github.com/tencentyun/cos-go-sdk-v5"
"github.com/tencentyun/cos-go-sdk-v5/debug"
"net/http"
"net/url"
"os"
"strings"
"github.com/QcloudApi/qcloud_sign_golang"
"github.com/tencentyun/cos-go-sdk-v5"
"github.com/tencentyun/cos-go-sdk-v5/debug"
)
// Use Qcloud api github.com/QcloudApi/qcloud_sign_golang
@ -20,6 +22,19 @@ type Credent struct {
TmpSecretKey string `json:"tmpSecretKey"`
}
type PolicyStatement struct {
Action []string `json:"action,omitempty"`
Effect string `json:"effect,omitempty"`
Resource []string `json:"resource,omitempty"`
Condition map[string]map[string]interface{} `json:"condition,omitempty"`
}
type CAMPolicy struct {
Statement []PolicyStatement `json:"statement,omitempty"`
Version string `json:"version,omitempty"`
Principal map[string][]string `json:"principal,omitempty"`
}
// Data data in sts response body
type Data struct {
Credentials Credent `json:"credentials"`
@ -32,16 +47,43 @@ type Response struct {
}
func main() {
// 替换实际的 SecretId 和 SecretKey
secretID := "ak"
secretKey := "sk"
// 在环境变量中设置您的 SecretId 和 SecretKey
secretID := os.Getenv("COS_SECRETID")
secretKey := os.Getenv("COS_SECRETKEY")
appid := "1259654469" //替换成您的APPID
bucket := "test-1259654469" //替换成您的bucket,格式:<bucketname-APPID>
// 配置
config := map[string]interface{}{"secretId": secretID, "secretKey": secretKey, "debug": false}
policy := &CAMPolicy{
Statement: []PolicyStatement{
PolicyStatement{
Action: []string{
"name/cos:PostObject",
"name/cos:PutObject",
},
Effect: "allow",
Resource: []string{
"qcs::cos:ap-guangzhou:uid/" + appid + ":" + bucket + "/*",
},
},
},
Version: "2.0",
}
bPolicy, err := json.Marshal(policy)
if err != nil {
fmt.Print("Error.", err)
return
}
policyStr := string(bPolicy)
// 请求参数
params := map[string]interface{}{"Region": "gz", "Action": "GetFederationToken", "name": "alantong", "policy": "{\"statement\": [{\"action\": [\"name/cos:GetObject\",\"name/cos:PutObject\"],\"effect\": \"allow\",\"resource\":[\"qcs::cos:ap-guangzhou:uid/1253960454:prefix//1253960454/alangz/*\"]}],\"version\": \"2.0\"}"}
params := map[string]interface{}{
"Region": "gz",
"Action": "GetFederationToken",
"name": "test",
"policy": policyStr,
}
// 发送请求
retData, err := QcloudApi.SendRequest("sts", params, config)
if err != nil {
@ -59,7 +101,7 @@ func main() {
tSk := r.Dat.Credentials.TmpSecretKey
token := r.Dat.Credentials.SessionToken
u, _ := url.Parse("https://alangz-1253960454.cos.ap-guangzhou.myqcloud.com")
u, _ := url.Parse("https://" + bucket + ".cos.ap-guangzhou.myqcloud.com")
b := &cos.BaseURL{BucketURL: u}
c := cos.NewClient(b, &http.Client{
Transport: &cos.AuthorizationTransport{
@ -98,4 +140,5 @@ func main() {
if err != nil {
panic(err)
}
}
Loading…
Cancel
Save