阿里oss

最近两天没啥任务,把上个月调研的阿里oss的api封装了下,其中最重要的是文件上传,下面用阿里的一个图来表示下,好处自然是不言而喻,具体请看阿里oss官方文档

服务端签名直传并设置上传回调

  • 从流程上,少了一步转发。
  • 从架构上来说,原来的上传都统一走网站服务器,上传量过大时,瓶颈在网站服务器,可能需要扩容网站服务器。采用表单上传后,上传都是直接从客户端发送到OSS。上传量过大时,压力都在OSS上,由OSS来保障服务质量。

附上阿里云相关产品优惠券:https://promotion.aliyun.com/ntms/act/ambassador/sharetouser.html?userCode=fvr7huoa&utm_source=fvr7huoa

话不多说直接上干货:
controller:

/**
 * 得到秘钥 (管理员目录flag=1,用户目录flag=2)
 * @param flag
 * @param request
 * @param response
 * @throws Exception
 */
@RequestMapping(value = "/ossgetKey")
@SystemControllerLog(description = "得到oss秘钥")
public void getKey(int flag,HttpServletRequest request, HttpServletResponse response) throws Exception {
    aliUtil.getKey(flag,request,response);
}

/**
 * oss回调此方法,然后回应客户端
 * @param request
 * @param response
 * @throws Exception
 */
@RequestMapping(value = "/osscallBack")
@SystemControllerLog(description = "oss回调")
public void callBack(HttpServletRequest request, HttpServletResponse response) throws Exception {
    String c_length=request.getHeader("content-length");
    int c_i=Integer.parseInt(c_length);
    //解析阿里回调服务器的接口数据
    String ossCallbackBody = aliUtil.GetPostBody(request.getInputStream(), c_i);
    //验证是否是阿里发起的回调
    boolean ret = aliUtil.VerifyOSSCallbackRequest(request, ossCallbackBody);
    if (ret)
    {
        //保存oss返回来的文件信息
        //ossCallbackBody={"bucket":"k12b","object":"userdir/mmm.jpg","mimeType":"image/png","size":75540}
        int size=0;
        String bucket="",object="",mimeType="",uuid="";
        JSONObject jsonObject = JsonUtil.getJSONObject(ossCallbackBody);
        try {
            bucket = jsonObject.getString("bucket");     // k12b
            object = jsonObject.getString("object");     // userdir/mmm.jpg
            mimeType = jsonObject.getString("mimeType"); // image/png
            size = jsonObject.getInt("size");            // 75540
        } catch (JSONException e) {
            e.printStackTrace();
        }
        //保存文件信息到数据库
        Files files = new Files();
        //创建时间
        files.setCreateTime(new Date());
        //文件大小
        files.setResSize(size);
        //获取纯文件名
        files.setName(object);
        //获取文件后缀
        files.setSuffix(mimeType);
        //生成随机文件名
        files.setUuid(uuid);
        //生成路径
        files.setPath("");
        this.filesService.insertSelective(files);

        //返回给OSS
        aliUtil.response(request, response, "{\"Status\":\"OK\"}", HttpServletResponse.SC_OK);
    }
    else
    {
        aliUtil.response(request, response, "{\"Status\":\"verdify not ok\"}", HttpServletResponse.SC_BAD_REQUEST);
    }
}

/**
 * 下载阿里文件
 * @param key (形如 "admin/2016-05-03/40e07ea8-0cf2-436c-a3c6-bfd55aedf65c.mp4" )
 * @param request
 * @param response
 * @throws Exception
 */
@RequestMapping(value = "/ossdownload")
@SystemControllerLog(description = "下载oss文件")
public void download(String key,HttpServletRequest request, HttpServletResponse response) throws Exception {
    aliUtil.download(key,request,response);
}
/**
 * 在线播放阿里文件
 * @param key (形如 "admin/2016-05-03/40e07ea8-0cf2-436c-a3c6-bfd55aedf65c.mp4" )
 * @param request
 * @param response
 * @throws Exception
 */
@RequestMapping(value = "/ossplayOnline")
@SystemControllerLog(description = "在线播放oss文件")
public void playOnline(String key,HttpServletRequest request, HttpServletResponse response) throws Exception {
    aliUtil.playOnline(key,request,response);
}

/**
 * 批量删除阿里文件
 * @param keys
 * @param request
 * @return
 * @throws Exception
 */
@RequestMapping(value = "/del", method = RequestMethod.DELETE)
public JsonResult deleteBooks(@RequestParam(name = "keys") List<String> keys, HttpServletRequest request) throws Exception{
    aliUtil.del(keys);
    return new JsonResult(true, ("delete success"));
}

aliUtil:

public class aliUtil {
private static final String endpoint = ""; 
private static final String accessId = "";
private static final String accessKey = "";
private static final String bucket = ""; 
private static final String host = "http://" + bucket + "." + endpoint;
private static final String callbackUrl = "";  //回调接口

/**
 * 初始化 OSSClient
 * @return
 */
private static OSSClient init(){
    return new OSSClient(endpoint, accessId, accessKey);
}
/**
 * 得到秘钥用于文件上传
 * @param flag (管理员目录flag=1,用户目录flag=2)
 * @param request
 * @param response
 * @throws Exception
 */
public static void getKey(int flag,HttpServletRequest request, HttpServletResponse response) throws Exception{
    String dir = "";    //上传目录;管理员资源目录为admin,用户目录为user
    OSSClient client = init();
    try {
        long expireTime = 30*100;//过期时间3000秒,部署项目后需要设为30秒
        long expireEndTime = System.currentTimeMillis() + expireTime * 1000;
        java.sql.Date expiration = new java.sql.Date(expireEndTime);
        PolicyConditions policyConds = new PolicyConditions();
        policyConds.addConditionItem(PolicyConditions.COND_CONTENT_LENGTH_RANGE, 0, 1048576000);//最大文件1G
        policyConds.addConditionItem(MatchMode.StartWith, PolicyConditions.COND_KEY, dir);

        String postPolicy = client.generatePostPolicy(expiration, policyConds);
        byte[] binaryData = postPolicy.getBytes("utf-8");
        String encodedPolicy = BinaryUtil.toBase64String(binaryData);
        String postSignature = client.calculatePostSignature(postPolicy);

        //生成随机文件名
        String uuid = UUID.randomUUID().toString();

        //生成回调
        String callbackBody = "";
        String callbackBodyType = "application/json";
        String callback_param="{" +
                "                \"callbackUrl\":\""+callbackUrl+"\"," +
                "                    \"callbackBody\":\"{\\\"bucket\\\":${bucket},\\\"object\\\":${object},\\\"mimeType\\\":${mimeType},\\\"size\\\":${size}}\"," +
                "                    \"callbackBodyType\":\""+callbackBodyType+"\"" +
                "            }";
        byte[] binaryDatas = callback_param.getBytes("utf-8");

        byte[] encodeBase64 = org.apache.commons.codec.binary.Base64.encodeBase64(binaryDatas);
        String callback=new String(encodeBase64);


        String strDate=new SimpleDateFormat("yyyy-MM-dd").format(new Date());
        if(flag==1){
            dir="admin/"+strDate;
        }else{
            dir="user/"+strDate;
        }
        Map<String, String> respMap = new LinkedHashMap<String, String>();
        respMap.put("accessid", accessId);
        respMap.put("policy", encodedPolicy);
        respMap.put("signature", postSignature);
        respMap.put("dir", dir);
        respMap.put("host", host);
        respMap.put("expire", String.valueOf(expireEndTime));
        respMap.put("filename", uuid);
        respMap.put("callback", callback);
        net.sf.json.JSONObject ja1 = net.sf.json.JSONObject.fromObject(respMap);
        System.out.println(ja1.toString());
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "GET, POST");
        response(request, response, ja1.toString());

    } catch (Exception e) {
        e.getMessage();
        throw new RuntimeException("秘钥生成失败!");
    }finally {
        client.shutdown();
    }
}

/**
 * 私有工具方法
 * @param request
 * @param response
 * @param results
 * @throws IOException
 */
private static void response(HttpServletRequest request, HttpServletResponse response, String results) throws IOException {
    String callbackFunName = request.getParameter("callback");
    if (callbackFunName==null || callbackFunName.equalsIgnoreCase(""))
        response.getWriter().println(results);
    else{
        response.getWriter().println(results);
        response.getWriter().println(callbackFunName + "( "+results+" )");
    }

    response.setStatus(HttpServletResponse.SC_OK);
    response.flushBuffer();
}

/**
 * 发送get请求
 * @param url
 * @return
 */
@SuppressWarnings({ "finally" })
public static String executeGet(String url) {
    BufferedReader in = null;

    String content = null;
    try {
        // 定义HttpClient
        @SuppressWarnings("resource")
        DefaultHttpClient client = new DefaultHttpClient();
        // 实例化HTTP方法
        HttpGet request = new HttpGet();
        request.setURI(new URI(url));
        HttpResponse response = client.execute(request);

        in = new BufferedReader(new InputStreamReader(response.getEntity().getContent()));
        StringBuffer sb = new StringBuffer("");
        String line = "";
        String NL = System.getProperty("line.separator");
        while ((line = in.readLine()) != null) {
            sb.append(line + NL);
        }
        in.close();
        content = sb.toString();
    } catch (Exception e) {
    } finally {
        if (in != null) {
            try {
                in.close();// 最后要关闭BufferedReader
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        return content;
    }
}

/**
 * 验证回调是否是阿里发送的
 * @param request
 * @param ossCallbackBody
 * @return
 * @throws NumberFormatException
 * @throws IOException
 */
public static boolean VerifyOSSCallbackRequest(HttpServletRequest request, String ossCallbackBody) throws NumberFormatException, IOException
{
    boolean ret = false;
    String autorizationInput = new String(request.getHeader("Authorization"));
    String pubKeyInput = request.getHeader("x-oss-pub-key-url");
    byte[] authorization = BinaryUtil.fromBase64String(autorizationInput);
    byte[] pubKey = BinaryUtil.fromBase64String(pubKeyInput);
    String pubKeyAddr = new String(pubKey);
    if (!pubKeyAddr.startsWith("http://gosspublic.alicdn.com/") && !pubKeyAddr.startsWith("https://gosspublic.alicdn.com/"))
    {
        System.out.println("pub key addr must be oss addrss");
        return false;
    }
    String retString = executeGet(pubKeyAddr);
    retString = retString.replace("-----BEGIN PUBLIC KEY-----", "");
    retString = retString.replace("-----END PUBLIC KEY-----", "");
    String queryString = request.getQueryString();
    String uri = request.getRequestURI();
    String decodeUri = java.net.URLDecoder.decode(uri, "UTF-8");
    String authStr = decodeUri;
    if (queryString != null && !queryString.equals("")) {
        authStr += "?" + queryString;
    }
    authStr += "\n" + ossCallbackBody;
    ret = doCheck(authStr, authorization, retString);
    return ret;
}

/**
 * 解析阿里回调服务器的接口数据
 * @param is
 * @param contentLen
 * @return
 */
public static String GetPostBody(InputStream is, int contentLen) {
    if (contentLen > 0) {
        int readLen = 0;
        int readLengthThisTime = 0;
        byte[] message = new byte[contentLen];
        try {
            while (readLen != contentLen) {
                readLengthThisTime = is.read(message, readLen, contentLen - readLen);
                if (readLengthThisTime == -1) {// Should not happen.
                    break;
                }
                readLen += readLengthThisTime;
            }
            return new String(message);
        } catch (IOException e) {
            e.printStackTrace();
            throw new RuntimeException("解析阿里数据出错!");
        }
    }
    return "";
}


public static boolean doCheck(String content, byte[] sign, String publicKey) {
    try {
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        byte[] encodedKey = BinaryUtil.fromBase64String(publicKey);
        PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
        java.security.Signature signature = java.security.Signature.getInstance("MD5withRSA");
        signature.initVerify(pubKey);
        signature.update(content.getBytes());
        boolean bverify = signature.verify(sign);
        return bverify;

    } catch (Exception e) {
        e.printStackTrace();
    }

    return false;
}

public static void response(HttpServletRequest request, HttpServletResponse response, String results, int status) throws IOException {
    String callbackFunName = request.getParameter("callback");
    response.addHeader("Content-Length", String.valueOf(results.length()));
    if (callbackFunName == null || callbackFunName.equalsIgnoreCase(""))
        response.getWriter().println(results);
    else
        response.getWriter().println(callbackFunName + "( " + results + " )");
    response.setStatus(status);
    response.flushBuffer();
}

/**
 * 根据key下载文件
 * @param key
 * @param request
 * @param response
 * @return
 */
public static HttpServletResponse download(String key, HttpServletRequest request, HttpServletResponse response) {
    //初始化OSSClient
    OSSClient client = init();
    // 获取Object,返回结果为OSSObject对象
    OSSObject object = client.getObject(bucket, key);

    // 获取Object Metadata
    ObjectMetadata metadata = object.getObjectMetadata();

     // 获取Object的输入流
    InputStream fis = object.getObjectContent();

    // 取得文件名。
    String fileName = key;

    try {
        if (request.getHeader("User-Agent").toLowerCase().indexOf("firefox") > 0){
            fileName = new String(fileName.getBytes("UTF-8"), "ISO8859-1");//firefox浏览器
        }else {
            if (request.getHeader("User-Agent").toUpperCase().indexOf("MSIE") > 0){
                fileName = URLEncoder.encode(fileName, "UTF-8");//IE浏览器
            }
        }
        response.setContentType("text/plain");
        response.setHeader("Location",fileName);
        response.reset();
        response.setHeader("Cache-Control", "max-age=0" );
        response.setHeader("Content-Disposition", "attachment; filename=" + fileName);
        BufferedInputStream bis = null;
        BufferedOutputStream bos = null;
        OutputStream fos = null;
        bis = new BufferedInputStream(fis);
        fos = response.getOutputStream();
        bos = new BufferedOutputStream(fos);
        int bytesRead = 0;
        byte[] buffer = new byte[5 * 1024];
        while ((bytesRead = bis.read(buffer)) != -1) {
            bos.write(buffer, 0, bytesRead);// 将文件发送到客户端
        }
        bos.close();
        bis.close();
        fos.close();
        fis.close();
    } catch (IOException e) {
        e.printStackTrace();
    }finally {
        client.shutdown();
    }
    return response;
}
/**
 * 根据key在线播放资源
 * @param key
 * @param request
 * @param response
 * @return
 */
public static HttpServletResponse playOnline(String key, HttpServletRequest request, HttpServletResponse response) {
    //初始化 OSSClient
    OSSClient client = init();
    // 获取Object,返回结果为OSSObject对象
    OSSObject object = client.getObject(bucket, key);
    // 获取Object的输入流
    InputStream fis = object.getObjectContent();
    try {
        BufferedInputStream bis = null;
        BufferedOutputStream bos = null;
        OutputStream fos = null;
        bis = new BufferedInputStream(fis);
        fos = response.getOutputStream();
        bos = new BufferedOutputStream(fos);
        int bytesRead = 0;
        byte[] buffer = new byte[5 * 1024];
        while ((bytesRead = bis.read(buffer)) != -1) {
            bos.write(buffer, 0, bytesRead);// 将文件发送到客户端
        }
        bos.close();
        bis.close();
        fos.close();
        fis.close();
    } catch (IOException e) {
        e.printStackTrace();
    }finally {
        client.shutdown();
    }
    return response;
}

/**
 * 批量删除文件
 *
 * @param keys
 */
public static void del(List<String> keys) throws Exception {
    //初始化 OSSClient
    OSSClient client = init();
    try {
        System.out.println("\nDeleting all objects:");
        DeleteObjectsResult deleteObjectsResult = client.deleteObjects(
                new DeleteObjectsRequest(bucket).withKeys(keys));
        List<String> deletedObjects = deleteObjectsResult.getDeletedObjects();
        for (String object : deletedObjects) {
            System.out.println("\t" + object);
        }
        System.out.println();

    } catch (OSSException oe) {
        throw new RuntimeException("Caught an OSSException, which means your request made it to OSS, "
                + "but was rejected with an error response for some reason." + "**Error Message: " + oe.getErrorCode() + "**Error Code:" + oe.getErrorCode() + "**Request ID:" + oe.getRequestId() + "**Host ID:" + oe.getHostId());
    } catch (ClientException ce) {
        throw new RuntimeException("Caught an ClientException, which means the client encountered "
                + "a serious internal problem while trying to communicate with OSS, "
                + "such as not being able to access the network. " + "**Error Message: " + ce.getMessage());
    } finally {
        client.shutdown();
    }
}
©️2020 CSDN 皮肤主题: 精致技术 设计师:CSDN官方博客 返回首页