Shulou(Shulou.com)06/02 Report--

In view of what the OSS JavaScript client is like, this article introduces the corresponding analysis and answer in detail, hoping to help more partners who want to solve this problem to find a more simple and feasible way.

Use OSS to upload to the file server for file storage, or transfer it directly to the client, and the server only needs to do a signature encryption, which can not only achieve security, but also reduce the pressure on the server:

OSS customer daunt direct official documentation

The general implementation process can be seen. My understanding of signature is to prevent usurpation and ensure security.

If you take a look at the above process, you should understand it, that is, sign, upload, then receive callback messages, and then tell the client that the upload is successful.

Here is the signature of the server. You can choose to download it according to your own language. My side is mainly based on java.

If you do not understand, file storage and other bucket configuration, cross-domain users can take a look at the official documentation

The OSS configuration document describes some of the configurations for setting up OSS in this way

Once set up, let's take a look at the official code. What do we need to set up?

BucketName: myxxxxxxxxxxxxx1 accessKey: LTAxxxxxxxxxxxxx1 secretKey: 46MxxxxxxxxxxxxxOe4yU region: oss-cn-beijing.aliyuncs.com dir: xxxxxxxxxxxxx/

BucketName is the name of Bucket, region is the region, and dir is the directory.

I've sorted out all the code here, take what you need:

Https://github.com/qurenneng/CloudObjectWeb-java, can order a start.

After downloading, the dependencies are ready to run directly, and then visit http://localhost:8084/index.html. Note that cross-domain settings must be set here. Moreover, there is a problem with OSS, that is, callback after a successful upload, so it must be placed on the CVM before testing. Because you need to accept the callback parameters sent by OSS, the test can only be tested on the server. You can see https://www.aliyun.com/activity?userCode=ooxl1zly if you need it.

Let's take a look at the code:

CommonApiController:

/ * * Aliyun oss web direct transmission

* verify the signature:

* @ return

, /

@ GetMapping ("/ callbackSign")

Public Map callbackSign () {

OssStsAuth ossStsAuth= new OssStsAuth ()

Map sign = ossStsAuth.getSign (ossProperties)

Return sign

}

/ * *

* Ali Cloud oss callback for callback:

* @ return

, /

@ RequestMapping ("/ callbackUrl")

Public void callbackUrl (HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {

OssStsAuth ossStsAuth= new OssStsAuth ()

String ossCallbackBody = ossStsAuth.GetPostBody (request.getInputStream ()

Integer.parseInt (request.getHeader ("content-length")

Boolean b = ossStsAuth.VerifyOSSCallbackRequest (request, ossCallbackBody)

If (b) {

OssStsAuth.response (request, response, "{\" Status\ ":\" OK\ "}", HttpServletResponse.SC_OK)

} else {

OssStsAuth.response (request, response, "{\" Status\ ":\" verdify not ok\ "}", HttpServletResponse.SC_BAD_REQUEST)

}

}

The above is the control layer uploaded by the client, and the following API is the user's API for accepting OSS callback.

OssStsAuth:

Public Map getSign (OssProperties cosProperties) {

String accessId = cosProperties.getAccessKey (); / / Please fill in your AccessKeyId.

String accessKey = cosProperties.getSecretKey (); / / Please fill in your AccessKeySecret.

String endpoint = cosProperties.getRegion (); / / Please fill in your endpoint.

String bucket = cosProperties.getBucketName (); / / Please fill in your bucketname.

String host = "http://"> / / callbackUrl is the URL of the upload callback server. Please configure the IP and Port below as your own real information.

String callbackUrl = "http://ip:8084/callbackUrl";

String dir = cosProperties.getDir (); / / the prefix specified when the user uploads the file.

Map respMap = new LinkedHashMap ()

OSSClient client = new OSSClient (endpoint, accessId, accessKey)

Try {

Long expireTime = 1000; / / the official default is 30 seconds. Caching problems will occur here to solve problems when verifying signatures.

Long expireEndTime = System.currentTimeMillis () + expireTime * 1000

Date expiration = new Date (expireEndTime)

PolicyConditions policyConds = new PolicyConditions ()

PolicyConds.addConditionItem (PolicyConditions.COND_CONTENT_LENGTH_RANGE, 0, 1048576000)

PolicyConds.addConditionItem (MatchMode.StartWith, PolicyConditions.COND_KEY, dir)

String postPolicy = client.generatePostPolicy (expiration, policyConds)

Byte [] binaryData = postPolicy.getBytes ("utf-8")

String encodedPolicy = BinaryUtil.toBase64String (binaryData)

String postSignature = client.calculatePostSignature (postPolicy)

RespMap.put ("accessid", accessId)

RespMap.put ("policy", encodedPolicy)

RespMap.put ("signature", postSignature)

RespMap.put ("dir", dir)

RespMap.put ("host", host)

RespMap.put ("expire", String.valueOf (expireEndTime / 1000))

JSONObject jasonCallback = new JSONObject ()

JasonCallback.put ("callbackUrl", callbackUrl)

JasonCallback.put ("callbackBody"

"filename=$ {object} & size=$ {size} & mimeType=$ {mimeType} & height=$ {imageInfo.height} & width=$ {imageInfo.width}")

JasonCallback.put ("callbackBodyType", "application/x-www-form-urlencoded")

String base64CallbackBody = BinaryUtil.toBase64String (jasonCallback.toString () .getBytes ())

RespMap.put ("callback", base64CallbackBody)

Return respMap

} catch (Exception e) {

System.out.println (e.getMessage ())

}

Return respMap

}

The parameters that need to be configured are set in the application.yml file

OssProperties: in this configuration, just visit the upload directly after running. The configuration and other settings must be done. If you have any questions, please comment below.

This is the answer to the question about what the OSS JavaScript client is. I hope the above content can be of some help to you. If you still have a lot of doubts to solve, you can follow the industry information channel for more related knowledge.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.