1、先讲下初心,要实现需求客户端上传图片或者视频到阿里云OSS,使用STS认证方式(类似于客户端向服务端要认证签名),在做OSS的STS认证时发现关于php实现这块的技术播客写的普遍笼统,于是决定写一遍相对完整的
2、看博客之前还请大家先看下这个官方文档https://help.aliyun.com/document_detail/31920.html ,看步骤一和步骤二就可以了,步骤一的操作要完成
3、如何使用(这是在thinkphp5.0框架下的使用方法),下图红框中的扩展包是你在官方文档步骤二里面下载的php扩展包
4、如何在thinkphp5.0框架中使用我贴一下代码(其他php框架使用框架本身自带的公共方法引入对应的扩展包即可,或者写绝对路径引入,楼主这里使用的是绝对路径,所以在new 类的时候用了\)
这里楼主写的一个简单的service类,
<?php
namespace app\services;
class StsService
{
protected $url = 'https://sts.aliyuncs.com';
protected $accessKeySecret;
protected $accessKeyId;
protected $roleArn;//指定角色的 ARN ,角色策略权限
protected $roleSessionName = 'client';//用户自定义参数。此参数用来区分不同的 token,可用于用户级别的访问审计。格式:^[a-zA-Z0-9\.@\-_]+$
protected $durationSeconds = '900';//指定的过期时间
public function __construct()
{
$this->accessKeySecret = config('oss_sts_accessKeySecret');
$this->accessKeyId = config('oss_sts_accessKeyId');
$this->roleArn = config('oss_sts_roleArn');
}
public function getStsOuah()
{
require_once VENDOR_PATH.'aliyuncs/sts-server/aliyun-php-sdk-core/Config.php';
$iClientProfile = \DefaultProfile::getProfile("cn-hangzhou", $this->accessKeyId, $this->accessKeySecret);
$client = new \DefaultAcsClient($iClientProfile);
$request = new \Sts\Request\V20150401\AssumeRoleRequest();
$request->setRoleSessionName("client_name");
$request->setRoleArn($this->roleArn);
// $request->setPolicy(VENDOR_PATH.'aliyuncs/sts-server/policy/bucket_write_policy.txt');
$request->setDurationSeconds($this->durationSeconds);
$response = $client->doAction($request);
$rows = array();
$body = $response->getBody();
$content = json_decode($body);
if ($response->getStatus() == 200){
$rows['statusCode'] = 200;
$rows['accessKeyId'] = $content->Credentials->AccessKeyId;
$rows['accessKeySecret'] = $content->Credentials->AccessKeySecret;
$rows['expiration'] = $content->Credentials->Expiration;
$rows['securityToken'] = $content->Credentials->SecurityToken;
}else{
$rows['statusCode'] = 500;
$rows['errorCode'] = $content->Code;
$rows['errorMessage'] = $content->Message;
}
return $rows;
}
}
调用的话,这里的result就是你想要的客户端使用的一些数据了
$result = (new StsService())->getStsOuah();
这里的result(这里转过json了)就是你想要的客户端上传视频、图片到oss的一些数据了(token之类的)
{
"statusCode": 200,
"accessKeyId": "asdqgpoXWpvKyvTHtUsNWkA",
"accessKeySecret": "FDEZhn4WR3sFssrtF6UvxxcQ8h1qAQ8dVnsBXMDq53wfDRN",
"expiration": "2020-05-26T10:13:50Z",
"securityToken": "CAIShQJ1q6Ft5B2yfSjIr5bhIPDFiq9O75WbdG3IklQdeNpfobdgdZLAozz2IHlPeHRoCOgftPo+mm5U7voYlqJ4T55IQ1Dza8J148z1Lo5KrsyT1fau5Jko1beHewHKeTOZsebWZ+LmNqC/Ht6md1HDkAJq3LL+bk/Mdle5MJqP+/UFB5ZtKWveVzddA8pMLQZPsdITMWCrVcygKRn3mGHdfiEK00he8Toluf7nnZfBsECO3QemkbYvyt6vcsT+Xa5FJ4xiVtq55utye5fa3TRYgxowr/4t0PEcqG+e5I/MXQcNu0ncKZnd9tx+MQl+fbMmHK1Jqvfxk/Bis/DUjZ7wzxtd2kCLkdB2j+oagAGz8ltUbfoUtw1sdFzkUiP7JoyFZPCgVdMVDfonKHQGx0KnMvuOgn9wjGyoA/5/n0OotlzL4+5SO7yZO4sBDg9KwapoAt/li65JCM1LEr3yYXAcJ9LmkWU1sOekN5qLFfIYLeUP1xv2FiORDaR4RzkNKtYnwWxkmFWL5ffvci507g=="
}