|
OSS前端直传+后端签名
一、服务端签名后前端直传
首先安装阿里云SDK Aliyun.OSS.SDK.NetCore- public static string accessKeyId = "你的accessKeyId";
- public static string accessKeySecret = "你的accessKeySecret";
- public static string bucketName = "你的桶名称";
- public static string endpoint = "oss-cn-beijing.aliyuncs.com";
- public static int expireTime = 30;
- public Dictionary<string, string> GetPolicy(string fileName)
- {
- var dir = DateTime.Now.ToString("yyyyMMdd") + "/";
- // 构造OssClient实例。 endpoint 格式:https://oss-cn-beijing.aliyuncs.com
- var ossClient = new OssClient("https://" + endpoint, accessKeyId, accessKeySecret);
- var config = new PolicyConditions();
- config.AddConditionItem(PolicyConditions.CondContentLengthRange, 1, 1024L * 1024 * 1024 * 5);// 文件大小范围:单位byte
- config.AddConditionItem(MatchMode.StartWith, PolicyConditions.CondKey, dir);
- var expire = DateTimeOffset.Now.AddMinutes(30);// 过期时间
- // 生成 Policy,并进行 Base64 编码
- var policy = ossClient.GeneratePostPolicy(expire.LocalDateTime, config);
- var policyBase64 = Convert.ToBase64String(Encoding.UTF8.GetBytes(policy));
- // 计算签名
- var hmac = new HMACSHA1(Encoding.UTF8.GetBytes(accessKeySecret));
- var bytes = hmac.ComputeHash(Encoding.UTF8.GetBytes(policyBase64));
- var sign = Convert.ToBase64String(bytes);
- // 将签名和回调的内容,返回给前端
- var host = $"https://{bucketName}.{endpoint}";
- var key = $"{dir}{Guid.NewGuid()}/{fileName}";
- var fullUrl = $"https://{bucketName}.{endpoint}/{key}";
- var rt = new Dictionary<string, string>
- {
- { "OSSAccessKeyId",accessKeyId},
- { "Host",host },
- { "key",key},
- { "policy",policyBase64},
- { "Signature",sign},
- { "success_action_status","200"},
- { "fullUrl",fullUrl },
- {"expire",expire.ToString() }
- };
- return rt;
- }
复制代码 前端首先访问后端获取签名,获取签名后使用FromData的形式上传文件- async startUpload() {
- // 获取后端签名和上传地址
- const res = await axios.get("http://localhost:5152/api/OSS/GetPolicy", {
- params: {
- name: this.file.name
- }
- });
- var formData = new FormData();
- formData.append("name", this.file.name);
- formData.append("OSSAccessKeyId", res.data.OSSAccessKeyId);
- formData.append("key", res.data.key);
- formData.append("policy", res.data.policy);
- formData.append("signature", res.data.Signature);
- formData.append("success_action_status", res.data.success_action_status);
- formData.append("file", this.file);
- axios
- .post(res.data.Host, formData, {
- headers: {
- "Content-Type": "multipart/form-data"
- },
- withCredentials: false
- })
- .then(res => {
- console.log(res);
- });
- }
复制代码 二、服务端STS签名前端分片上传+断点续传
当文件过大时,考虑使用分片上传和断点续传的方式来上传文件到oss,这时我们就不能直接使用accesskeyId和accessKeySecret的方式来在前端上传,以免暴露我们的密钥,当然也不能直接使用第一种的方式进行签名(或许可以,没有找到示例,也没有研究出来),所以我们采用STStoken的方式签名,然后在前端使用阿里云提供的SDK进行文件上传。
断点续传的思路是在每个分片上传的时候存储当前文件的上传进度,如果中间因为各种原因无法继续上传时,当用户重新上传同一个文件的时候,获取文件的上传进度,继续上传没有上传完的部分,而不是重新上传整个文件。为了确保断点续传前后上传的是同一个文件,我们使用md5作为存储进度的key值,如果是同一个文件,则续传,如果不是同一个文件,则从0开始上传。
首先登录阿里云开通sts账户和权限。
安装 aliyun-net-sdk-core和aliyun-net-sdk-sts sdk- public Dictionary<string, string> GetSTSToken()
- {
- //此处使用sts账户的id和secret
- var AccessKeyID = "***";
- var AccessKeySecret = "***";
- string bucketName = "***";
- // ststoken
- IClientProfile profile = DefaultProfile.GetProfile("oss-cn-beijing", AccessKeyID, AccessKeySecret);
- DefaultAcsClient client = new DefaultAcsClient(profile);
- var request = new AssumeRoleRequest();
- request.RoleArn = "***";
- request.RoleSessionName = "xxx";//这里的名字随便写
- request.DurationSeconds = 3600;//过期时间
- var response = client.GetAcsResponse(request);
- var result = new Dictionary<string, string>
- {
- {"AccessKeyId", response.Credentials.AccessKeyId},
- {"AccessKeySecret",response.Credentials.AccessKeySecret },
- {"SecurityToken",response.Credentials.SecurityToken },
- {"Expiration",response.Credentials.Expiration },
- {"BucketName",bucketName }
- };
- return result;
- }
复制代码 签名完成后,安装阿里云oss sdk- npm install ali-oss;
- npm install spark-md5;
复制代码- <template>
-
-
- <input type="file" @change="fileChange" />
- {{ progress }}
-
-
- </template>
- #自行导入包,自行定义变量
- async fileChange(e) {
- this.file = e.target.files[0];
- this.uploadFile(this.file);
- },
- async uploadFile(file) {
- const objectKey = "xxx" + "/file/" + this.file.name;
- // 初始化 OSS 客户端 SDK
- await this.initOSSClient();
- this.resumeUpload(objectKey, file);
- }
- # 首先初始化oss 对象
- async initOSSClient() {
- const res = await axios.get("http://localhost:5152/api/OSS/GetSTSToken");
- console.log(res);
- const {
- AccessKeyId,
- AccessKeySecret,
- SecurityToken,
- BucketName
- } = res.data;
- this.bucketName = BucketName;
- this.client = new OSS({
- region: "oss-cn-beijing",
- accessKeyId: AccessKeyId,
- accessKeySecret: AccessKeySecret,
- stsToken: SecurityToken,
- bucket: BucketName
- });
- },
- # 断点上传
- async resumeUpload(objectKey, file) {
- //使用SparkMd5计算文件的md5值
- let md5 =await this.calculateFileMD5(file);
- let checkpoint = JSON.parse(
- window.localStorage.getItem("checkpoint_" + md5)
- );
- var _this = this;
- // 重试五次。
- for (let i = 0; i < 5; i++) {
- try {
- const result = await this.client.multipartUpload(objectKey, file, {
- checkpoint,
- async progress(percentage, cpt) {
- checkpoint = cpt;
- _this.progress = parseInt(percentage * 100);
- // 将 checkpoint 保存到浏览器localstorage 中。
- window.localStorage.setItem(
- "checkpoint_" + md5,
- JSON.stringify(checkpoint)
- );
- }
- });
- // 删除本地保存的 checkpoint,如果此处不删除的话,上传成功后,用户无法再次上传同名文件
- window.localStorage.removeItem("checkpoint_" + md5);
- break; // 跳出当前循环。
- } catch (e) {
- console.log(e);
- }
- }
- },
- // 使用sparkMD5 计算文件md5
- calculateFileMD5(file, chunkSize = 2097152) {
- // chunkSize为分块大小,默认为2MB
- return new Promise((resolve, reject) => {
- const fileReader = new FileReader();
- let currentPosition = 0;
- const spark = new SparkMD5.ArrayBuffer();
- fileReader.onerror = function() {
- reject("文件读取失败!");
- };
- fileReader.onload = function() {
- spark.append(fileReader.result); // 将读取到的数据添加到MD5计算器中
- currentPosition += chunkSize;
- if (currentPosition < file.size) {
- // 文件还没读完,继续读取下一块
- loadNext();
- } else {
- // 文件读取完毕,计算MD5值并返回结果
- const hash = spark.end();
- resolve(hash);
- }
- };
- function loadNext() {
- const blob = file.slice(currentPosition, currentPosition + chunkSize);
- fileReader.readAsArrayBuffer(blob);
- }
- // 开始读取第一块
- loadNext();
- });
- }
复制代码 如果想自己控制上传的各步骤可以使用initiateMultipartUpload uploadPart completeMultipartUpload 等方法自行实现各步骤,大致思路就是先initiateMultipartUpload初始化一个分片上传,返回uploadid,然后将文件按一定的大小分片,之后循环上传每个分片,完成分片之后调用completeMultipartUpload方法合并文件,这种方式比较复杂。
来源:https://www.cnblogs.com/zhangjun0204/archive/2023/03/22/17243583.html
免责声明:由于采集信息均来自互联网,如果侵犯了您的权益,请联系我们【E-Mail:cb@itdo.tech】 我们会及时删除侵权内容,谢谢合作! |
|