SpringBoot整合亚马逊S3

一、参考项

AWS S3(官网): Amazon S3 - 亚马逊云科技对象存储_云存储服务-亚马逊云科技中国区域
AWS SDK for Java(官网):Setting up the AWS SDK for Java 2.x - AWS SDK for Java

 二、效果展示

三、引入Pom文件

<!-- https://mvnrepository.com/artifact/com.amazonaws/aws-java-sdk-s3 -->
<dependency>
  <groupId>com.amazonaws</groupId>
  <artifactId>aws-java-sdk-s3</artifactId>
  <version>1.11.803</version>
</dependency>
<dependency>
  <groupId>com.amazonaws</groupId>
  <artifactId>aws-java-sdk-sts</artifactId>
  <version>1.11.803</version>
</dependency>
<dependency>
  <groupId>com.amazonaws</groupId>
  <artifactId>aws-java-sdk-core</artifactId>
  <version>1.11.803</version>
</dependency>

二、定义抽象类

public abstract class BaseObjectStorage {

    /**
     * 上传文件
     *
     * @param pathAndName
     * @param file
     */
    public abstract void upload(String pathAndName, File file);

    /**
     * 授权
     *
     * @param pathAndName
     * @param time
     * @return
     */
    public abstract String authorize(String pathAndName, long time);

    /**
     * 授权(路径全)
     *
     * @param pathAndName
     * @param time
     * @return
     */
    public abstract String authorizeAllName(String pathAndName, long time);

    /**
     * 临时上传文件授权
     *
     * @param dir
     * @return
     */
    public abstract Map<String, Object> tokens(String dir);

    /**
     * 删除文件
     *
     * @param pathAndName
     */
    public abstract void deleteFile(String pathAndName);

}

三、AWS实现类

package cn.xhh.core.objectstorage;

import com.amazonaws.AmazonClientException;
import com.amazonaws.AmazonServiceException;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.client.builder.AwsClientBuilder.EndpointConfiguration;
import com.amazonaws.services.s3.AmazonS3;

import com.amazonaws.services.s3.AmazonS3ClientBuilder;
import com.amazonaws.services.s3.model.CannedAccessControlList;
import com.amazonaws.services.s3.model.PutObjectRequest;
import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceAsyncClientBuilder;
import com.amazonaws.services.securitytoken.model.Credentials;
import com.amazonaws.services.securitytoken.model.GetFederationTokenRequest;
import com.amazonaws.services.securitytoken.model.GetFederationTokenResult;
import com.google.common.collect.Maps;
import lombok.Data;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;

import java.io.File;
import java.net.URL;
import java.util.Date;
import java.util.Map;

/**
 * s3cloud上传文件
 */
@Component
@Slf4j
public class S3ObjectStorage extends BaseObjectStorage {


    @Data
    @Component
    @ConfigurationProperties(prefix = "s3")
    public static class OssInfo {
        private String host;
        private String endpoint;
        private String accessKeyId;
        private String accessKeySecret;
        private String bucketName;
        private String rootDirectory;
        private String stsEndpoint;
        private String region;
    }

    @Autowired
    private OssInfo ossInfo;

    @Override
    public void upload(String pathAndName, File file) {
        AWSStaticCredentialsProvider credential = new AWSStaticCredentialsProvider(new BasicAWSCredentials(ossInfo.accessKeyId, ossInfo.accessKeySecret));
        EndpointConfiguration endpointConfiguration = new EndpointConfiguration(ossInfo.endpoint, null);
        AmazonS3 s3 = AmazonS3ClientBuilder.standard().withCredentials(credential).withEndpointConfiguration(endpointConfiguration).build();
        try {
            String bucketPath = ossInfo.bucketName + "/" + ossInfo.rootDirectory;
            s3.putObject(new PutObjectRequest(bucketPath, pathAndName, file)
                    .withCannedAcl(CannedAccessControlList.PublicRead));
            log.info("===s3===上传文件记录：成功");
        } catch (AmazonServiceException ase) {
            log.error("===s3===文件上传服务端异常:", ase);
        } catch (AmazonClientException ace) {
            log.error("===s3===文件上传客户端异常:", ace);
        } finally {
            s3.shutdown();
        }
    }

    @Override
    public String authorize(String pathAndName, long time) {
        AWSStaticCredentialsProvider credential = new AWSStaticCredentialsProvider(new BasicAWSCredentials(ossInfo.accessKeyId, ossInfo.accessKeySecret));
        EndpointConfiguration endpointConfiguration = new EndpointConfiguration(ossInfo.endpoint, null);
        AmazonS3 s3 = AmazonS3ClientBuilder.standard().withCredentials(credential).withEndpointConfiguration(endpointConfiguration).build();
        try {
            Date expiration = new Date(System.currentTimeMillis() + time);
            URL url = s3.generatePresignedUrl(ossInfo.bucketName, ossInfo.rootDirectory + "/" + pathAndName, expiration);
            String resultUrl = url.toString();
            log.info("===s3===文件上传客户端返回url：{}", resultUrl);
            resultUrl = resultUrl.substring(0, resultUrl.indexOf("?"));
            resultUrl = resultUrl.replaceAll(ossInfo.host, ossInfo.endpoint);
            log.info("===s3===文件上传客户端返回url：{}", resultUrl);
            return resultUrl;
        } finally {
            s3.shutdown();
        }
    }

    @Override
    public String authorizeAllName(String pathAndName, long time) {
        AWSStaticCredentialsProvider credential = new AWSStaticCredentialsProvider(new BasicAWSCredentials(ossInfo.accessKeyId, ossInfo.accessKeySecret));
        EndpointConfiguration endpointConfiguration = new EndpointConfiguration(ossInfo.endpoint, null);
        AmazonS3 s3 = AmazonS3ClientBuilder.standard().withCredentials(credential).withEndpointConfiguration(endpointConfiguration).build();
        try {
            Date expiration = new Date(System.currentTimeMillis() + time);
            URL url = s3.generatePresignedUrl(ossInfo.bucketName, pathAndName, expiration);
            String resultUrl = url.toString();
            resultUrl = resultUrl.replaceAll(ossInfo.host, ossInfo.endpoint);
            log.info("===s3==========authorizeAllName，S3文件上传客户端返回url：{}", resultUrl);
            return resultUrl;
        } finally {
            s3.shutdown();
        }
    }

    @Override
    public Map<String, Object> tokens(String dir) {
        Map<String, Object> result = null;
        AWSSecurityTokenService stsClient = null;
        try {
            result = Maps.newHashMap();
            AWSStaticCredentialsProvider credential = new AWSStaticCredentialsProvider(new BasicAWSCredentials(ossInfo.accessKeyId, ossInfo.accessKeySecret));
            EndpointConfiguration endpointConfiguration = new EndpointConfiguration(ossInfo.stsEndpoint, null);
            stsClient = AWSSecurityTokenServiceAsyncClientBuilder.standard().withCredentials(credential)
                    .withEndpointConfiguration(endpointConfiguration).build();
            GetFederationTokenRequest request = new GetFederationTokenRequest().withName("Bob")
                    .withPolicy("{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Sid1\",\"Effect\":\"Allow\",\"Action\":[\"s3:*\"],\"Resource\":[\"*\"]}]}")
                    .withDurationSeconds(3600);
            GetFederationTokenResult response = stsClient.getFederationToken(request);
            Credentials tempCredentials = response.getCredentials();

 /*
            // TODO 备份获取Token
            stsClient = AWSSecurityTokenServiceClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(new BasicAWSCredentials(ossInfo.accessKeyId, ossInfo.accessKeySecret))).withRegion(ossInfo.region).build();
            //获取sessionToken实体
            GetSessionTokenRequest getSessionTokenRequest = new GetSessionTokenRequest().withDurationSeconds(3000);
            //创建请求
            Credentials tempCredentials = stsClient.getSessionToken(getSessionTokenRequest).getCredentials();
*/

            result.put("storeType", "s3");
            result.put("accessKeyId", tempCredentials.getAccessKeyId());
            result.put("sessionToken", tempCredentials.getSessionToken());
            result.put("secretKey", tempCredentials.getSecretAccessKey());
            result.put("expire", tempCredentials.getExpiration());
            result.put("dir", dir);
            result.put("bucketName", ossInfo.bucketName);
            result.put("region", ossInfo.region);
            result.put("host", "https://" + ossInfo.endpoint + "/" + ossInfo.bucketName);
            log.info("===s3===上传文件记录：accessKeyId：{}，sessionToken：{}", tempCredentials.getAccessKeyId(), tempCredentials.getSessionToken());
        } catch (Exception e) {
            e.printStackTrace();
        } finally {
            if (null != stsClient) {
                stsClient.shutdown();
            }
        }
        return result;

    }

    @Override
    public void deleteFile(String pathAndName) {
        AWSStaticCredentialsProvider credential = new AWSStaticCredentialsProvider(new BasicAWSCredentials(ossInfo.accessKeyId, ossInfo.accessKeySecret));
        EndpointConfiguration endpointConfiguration = new EndpointConfiguration(ossInfo.endpoint, null);
        AmazonS3 s3 = AmazonS3ClientBuilder.standard().withCredentials(credential).withEndpointConfiguration(endpointConfiguration).build();
        try {
            s3.deleteObject(ossInfo.bucketName, ossInfo.bucketName + pathAndName);
        } finally {
            s3.shutdown();
        }
    }


}

四、application配置文件

objectstorage.type: s3
s3:
  endpoint: s3.us-east-1.amazonaws.com
  access-key-id: 您的公钥AKIAXZXXXX2GMAJVNUS
  access-key-secret: 您的秘钥CGNF3NQl4d0zvDuGEGuBsW9OS
  bucket-name: xhh-test-bucket
  root-directory: xhh/export
  region: us-east-1