更新时间:2024-06-24 gmt 08:00
使用临时url进行授权访问-九游平台
开发过程中,您有任何问题可以在github上,或者在中发帖求助。详细介绍了每个接口的参数和使用方法。
obs客户端支持通过访问密钥、请求方法类型、请求参数等信息生成一个在query参数中携带鉴权信息的url,可将该url提供给其他用户进行临时访问。在生成url时,您需要指定url的有效期来限制访客用户的访问时长。
如果您想授予其他用户对桶或对象临时进行其他操作的权限(例如上传或下载对象),则需要生成带对应请求的url后(例如使用生成put请求的url上传对象),将该url提供给其他用户。
通过该方式可支持的操作以及相关信息见下表:
|
操作名 |
http请求方法(obs .net sdk对应值) |
子资源(obs .net sdk对应值) |
是否需要桶名 |
是否需要对象名 |
|---|---|---|---|---|
|
创建桶 |
httpverb.put |
n/a |
是 |
否 |
|
获取桶列表 |
httpverb.get |
n/a |
否 |
否 |
|
删除桶 |
httpverb.delete |
n/a |
是 |
否 |
|
列举桶内对象 |
httpverb.get |
n/a |
是 |
否 |
|
列举桶内多版本对象 |
httpverb.get |
subresourceenum.versions |
是 |
否 |
|
列举分段上传任务 |
httpverb.get |
subresourceenum.uploads |
是 |
否 |
|
获取桶元数据 |
httpverb.head |
n/a |
是 |
否 |
|
获取桶区域位置 |
httpverb.get |
subresourceenum.location |
是 |
否 |
|
获取桶存量信息 |
httpverb.get |
subresourceenum.storageinfo |
是 |
否 |
|
设置桶配额 |
httpverb.put |
subresourceenum.quota |
是 |
否 |
|
获取桶配额 |
httpverb.get |
subresourceenum.quota |
是 |
否 |
|
设置桶存储类型 |
httpverb.put |
subresourceenum.storagepolicy |
是 |
否 |
|
获取桶存储类型 |
httpverb.get |
subresourceenum.storagepolicy |
是 |
否 |
|
设置桶访问权限 |
httpverb.put |
subresourceenum.acl |
是 |
否 |
|
获取桶访问权限 |
httpverb.get |
subresourceenum.acl |
是 |
否 |
|
开启/关闭桶日志 |
httpverb.put |
subresourceenum.logging |
是 |
否 |
|
查看桶日志 |
httpverb.get |
subresourceenum.logging |
是 |
否 |
|
设置桶策略 |
httpverb.put |
subresourceenum.policy |
是 |
否 |
|
查看桶策略 |
httpverb.get |
subresourceenum.policy |
是 |
否 |
|
删除桶策略 |
httpverb.delete |
subresourceenum.policy |
是 |
否 |
|
设置生命周期规则 |
httpverb.put |
subresourceenum.lifecycle |
是 |
否 |
|
查看生命周期规则 |
httpverb.get |
subresourceenum.lifecycle |
是 |
否 |
|
删除生命周期规则 |
httpverb.delete |
subresourceenum.lifecycle |
是 |
否 |
|
设置托管配置 |
httpverb.put |
subresourceenum.website |
是 |
否 |
|
查看托管配置 |
httpverb.get |
subresourceenum.website |
是 |
否 |
|
清除托管配置 |
httpverb.delete |
subresourceenum.website |
是 |
否 |
|
设置桶多版本状态 |
httpverb.put |
subresourceenum.versioning |
是 |
否 |
|
查看桶多版本状态 |
httpverb.get |
subresourceenum.versioning |
是 |
否 |
|
设置跨域规则 |
httpverb.put |
subresourceenum.cors |
是 |
否 |
|
查看跨域规则 |
httpverb.get |
subresourceenum.cors |
是 |
否 |
|
删除跨域规则 |
httpverb.delete |
subresourceenum.cors |
是 |
否 |
|
设置桶标签 |
httpverb.put |
subresourceenum.tagging |
是 |
否 |
|
查看桶标签 |
httpverb.get |
subresourceenum.tagging |
是 |
否 |
|
删除桶标签 |
httpverb.delete |
subresourceenum.tagging |
是 |
否 |
|
上传对象 |
httpverb.put |
n/a |
是 |
是 |
|
追加上传 |
httpverb.post |
subresourceenum.append |
是 |
是 |
|
下载对象 |
httpverb.get |
n/a |
是 |
是 |
|
复制对象 |
httpverb.put |
n/a |
是 |
是 |
|
删除对象 |
httpverb.delete |
n/a |
是 |
是 |
|
批量删除对象 |
httpverb.post |
subresourceenum.delete |
是 |
是 |
|
获取对象属性 |
httpverb.head |
n/a |
是 |
是 |
|
设置对象访问权限 |
httpverb.put |
subresourceenum.acl |
是 |
是 |
|
查看对象访问权限 |
httpverb.get |
subresourceenum.acl |
是 |
是 |
|
初始化分段上传任务 |
httpverb.post |
subresourceenum.uploads |
是 |
是 |
|
上传段 |
httpverb.put |
n/a |
是 |
是 |
|
复制段 |
httpverb.put |
n/a |
是 |
是 |
|
列举已上传的段 |
httpverb.get |
n/a |
是 |
是 |
|
合并段 |
httpverb.post |
n/a |
是 |
是 |
|
取消分段上传任务 |
httpverb.delete |
n/a |
是 |
是 |
|
恢复归档存储对象 |
httpverb.post |
subresourceenum.restore |
是 |
是 |
通过obs .net sdk生成临时url访问obs的步骤如下:
- 通过obsclient.createtemporarysignature生成带签名信息的url。
- 使用任意http库发送http/https请求,访问obs服务。
如果遇到跨域报错、签名不匹配问题,请参考以下步骤排查问题:
- 未配置跨域,需要在控制台配置cors规则,请参考。
- 签名计算问题,请参考url中携带签名排查签名参数是否正确;比如上传对象功能,后端将content-type参与计算签名生成授权url,但是前端使用授权url时没有设置content-type字段或者传入错误的值,此时会出现跨域错误。九游平台的解决方案为:content-type字段前后端保持一致。
以下代码展示了如何使用临时url进行授权访问,包括:创建桶、上传对象、下载对象、列举对象、删除对象。
创建桶
// 初始化配置参数
obsconfig config = new obsconfig();
config.endpoint = "https://your-endpoint";
// 认证用的ak和sk硬编码到代码中或者明文存储都有很大的安全风险,建议在配置文件或者环境变量中密文存放,使用时解密,确保安全;本示例以ak和sk保存在环境变量中为例,运行本示例前请先在本地环境中设置环境变量accesskeyid和secretaccesskey。
// 您可以登录访问管理控制台获取访问密钥ak/sk,获取方式请参见https://support.huaweicloud.com/usermanual-ca/ca_01_0003.html
string accesskey= environment.getenvironmentvariable("accesskeyid", environmentvariabletarget.machine);
string secretkey= environment.getenvironmentvariable("secretaccesskey", environmentvariabletarget.machine);
// 创建obsclient实例
obsclient client = new obsclient(accesskey, secretkey, config);
// url有效期,3600秒
long exipreseconds = 3600;
createtemporarysignaturerequest request = new createtemporarysignaturerequest();
request.bucketname = "bucketname";
request.method = httpverb.put;
request.expires = exipreseconds;
createtemporarysignatureresponse response = client.createtemporarysignature(request);
console.writeline("creating bucket using temporary signature url:");
console.writeline("\t" response.signurl);
// 使用put请求创建桶
httpwebrequest webrequest = webrequest.create(response.signurl) as httpwebrequest;
webrequest.method = "put";
foreach (keyvaluepair header in response.actualsignedrequestheaders)
{
if (!header.key.equals("host", stringcomparison.ordinalignorecase))
{
webrequest.headers.add(header.key, header.value);
}
}
string location = "your bucket location";
webrequest.sendchunked = true;
webrequest.allowwritestreambuffering = false;
using (stream requeststream = webrequest.getrequeststream())
{
byte[] buffer = encoding.utf8.getbytes("" location "
上传对象
// 初始化配置参数
obsconfig config = new obsconfig();
config.endpoint = "https://your-endpoint";
// 认证用的ak和sk硬编码到代码中或者明文存储都有很大的安全风险,建议在配置文件或者环境变量中密文存放,使用时解密,确保安全;本示例以ak和sk保存在环境变量中为例,运行本示例前请先在本地环境中设置环境变量accesskeyid和secretaccesskey。
// 您可以登录访问管理控制台获取访问密钥ak/sk,获取方式请参见https://support.huaweicloud.com/usermanual-ca/ca_01_0003.html
string accesskey= environment.getenvironmentvariable("accesskeyid", environmentvariabletarget.machine);
string secretkey= environment.getenvironmentvariable("secretaccesskey", environmentvariabletarget.machine);
// 创建obsclient实例
obsclient client = new obsclient(accesskey, secretkey, config);
// url有效期,3600秒
long exipreseconds = 3600;
createtemporarysignaturerequest request = new createtemporarysignaturerequest();
request.bucketname = "bucketname";
request.objectkey = "objectkey";
request.method = httpverb.put;
request.expires = exipreseconds;
createtemporarysignatureresponse response = client.createtemporarysignature(request);
console.writeline("creating object using temporary signature url:");
console.writeline("\t" response.signurl);
// 使用put请求上传对象
httpwebrequest webrequest = webrequest.create(response.signurl) as httpwebrequest;
webrequest.method = "put";
foreach (keyvaluepair header in response.actualsignedrequestheaders)
{
if (!header.key.equals("host", stringcomparison.ordinalignorecase))
{
webrequest.headers.add(header.key, header.value);
}
}
webrequest.sendchunked = true;
webrequest.allowwritestreambuffering = false;
using (stream requeststream = webrequest.getrequeststream())
{
byte[] buffer = encoding.utf8.getbytes("hello obs");
requeststream.write(buffer, 0, buffer.length);
}
httpwebresponse webresponse = null;
try
{
webresponse = webrequest.getresponse() as httpwebresponse;
}
catch (webexception ex)
{
webresponse = ex.response as httpwebresponse;
}
console.writeline("response status:" convert.toint32(webresponse.statuscode));
using (memorystream dest = new memorystream())
{
using (stream stream = webresponse.getresponsestream())
{
byte[] buffer = new byte[8192];
int bytesread;
while ((bytesread = stream.read(buffer, 0, buffer.length)) > 0)
{
dest.write(buffer, 0, bytesread);
}
}
console.writeline("response content:");
console.writeline(encoding.utf8.getstring(dest.toarray()));
}
下载对象
// 初始化配置参数
obsconfig config = new obsconfig();
config.endpoint = "https://your-endpoint";
// 认证用的ak和sk硬编码到代码中或者明文存储都有很大的安全风险,建议在配置文件或者环境变量中密文存放,使用时解密,确保安全;本示例以ak和sk保存在环境变量中为例,运行本示例前请先在本地环境中设置环境变量accesskeyid和secretaccesskey。
// 您可以登录访问管理控制台获取访问密钥ak/sk,获取方式请参见https://support.huaweicloud.com/usermanual-ca/ca_01_0003.html
string accesskey= environment.getenvironmentvariable("accesskeyid", environmentvariabletarget.machine);
string secretkey= environment.getenvironmentvariable("secretaccesskey", environmentvariabletarget.machine);
// 创建obsclient实例
obsclient client = new obsclient(accesskey, secretkey, config);
// url有效期,3600秒
long exipreseconds = 3600;
createtemporarysignaturerequest request = new createtemporarysignaturerequest();
request.bucketname = "bucketname";
request.objectkey = "objectkey";
request.method = httpverb.get;
request.expires = exipreseconds;
createtemporarysignatureresponse response = client.createtemporarysignature(request);
console.writeline("getting object using temporary signature url:");
console.writeline("\t" response.signurl);
// 使用get请求下载对象
httpwebrequest webrequest = webrequest.create(response.signurl) as httpwebrequest;
webrequest.method = "get";
foreach (keyvaluepair header in response.actualsignedrequestheaders)
{
if (!header.key.equals("host", stringcomparison.ordinalignorecase))
{
webrequest.headers.add(header.key, header.value);
}
}
httpwebresponse webresponse = null;
try
{
webresponse = webrequest.getresponse() as httpwebresponse;
}
catch (webexception ex)
{
webresponse = ex.response as httpwebresponse;
}
console.writeline("response status:" convert.toint32(webresponse.statuscode));
using (memorystream dest = new memorystream())
{
using (stream stream = webresponse.getresponsestream())
{
byte[] buffer = new byte[8192];
int bytesread;
while ((bytesread = stream.read(buffer, 0, buffer.length)) > 0)
{
dest.write(buffer, 0, bytesread);
}
}
console.writeline("response content:");
console.writeline(encoding.utf8.getstring(dest.toarray()));
}
列举对象
// 初始化配置参数
obsconfig config = new obsconfig();
config.endpoint = "https://your-endpoint";
// 认证用的ak和sk硬编码到代码中或者明文存储都有很大的安全风险,建议在配置文件或者环境变量中密文存放,使用时解密,确保安全;本示例以ak和sk保存在环境变量中为例,运行本示例前请先在本地环境中设置环境变量accesskeyid和secretaccesskey。
// 您可以登录访问管理控制台获取访问密钥ak/sk,获取方式请参见https://support.huaweicloud.com/usermanual-ca/ca_01_0003.html
string accesskey= environment.getenvironmentvariable("accesskeyid", environmentvariabletarget.machine);
string secretkey= environment.getenvironmentvariable("secretaccesskey", environmentvariabletarget.machine);
// 创建obsclient实例
obsclient client = new obsclient(accesskey, secretkey, config);
// url有效期,3600秒
long exipreseconds = 3600;
createtemporarysignaturerequest request = new createtemporarysignaturerequest();
request.bucketname = "bucketname";
request.method = httpverb.get;
request.expires = exipreseconds;
createtemporarysignatureresponse response = client.createtemporarysignature(request);
console.writeline("getting object list using temporary signature url:");
console.writeline("\t" response.signurl);
// 使用get请求获取对象列表
httpwebrequest webrequest = webrequest.create(response.signurl) as httpwebrequest;
webrequest.method = "get";
foreach (keyvaluepair header in response.actualsignedrequestheaders)
{
if (!header.key.equals("host", stringcomparison.ordinalignorecase))
{
webrequest.headers.add(header.key, header.value);
}
}
httpwebresponse webresponse = null;
try
{
webresponse = webrequest.getresponse() as httpwebresponse;
}
catch (webexception ex)
{
webresponse = ex.response as httpwebresponse;
}
console.writeline("response status:" convert.toint32(webresponse.statuscode));
using (memorystream dest = new memorystream())
{
using (stream stream = webresponse.getresponsestream())
{
byte[] buffer = new byte[8192];
int bytesread;
while ((bytesread = stream.read(buffer, 0, buffer.length)) > 0)
{
dest.write(buffer, 0, bytesread);
}
}
console.writeline("response content:");
console.writeline(encoding.utf8.getstring(dest.toarray()));
}
删除对象
// 初始化配置参数
obsconfig config = new obsconfig();
config.endpoint = "https://your-endpoint";
// 认证用的ak和sk硬编码到代码中或者明文存储都有很大的安全风险,建议在配置文件或者环境变量中密文存放,使用时解密,确保安全;本示例以ak和sk保存在环境变量中为例,运行本示例前请先在本地环境中设置环境变量accesskeyid和secretaccesskey。
// 您可以登录访问管理控制台获取访问密钥ak/sk,获取方式请参见https://support.huaweicloud.com/usermanual-ca/ca_01_0003.html
string accesskey= environment.getenvironmentvariable("accesskeyid", environmentvariabletarget.machine);
string secretkey= environment.getenvironmentvariable("secretaccesskey", environmentvariabletarget.machine);
// 创建obsclient实例
obsclient client = new obsclient(accesskey, secretkey, config);
// url有效期,3600秒
long exipreseconds = 3600;
createtemporarysignaturerequest request = new createtemporarysignaturerequest();
request.bucketname = "bucketname";
request.objectkey = "objectkey";
request.method = httpverb.delete;
request.expires = exipreseconds;
createtemporarysignatureresponse response = client.createtemporarysignature(request);
console.writeline("deleting object using temporary signature url:");
console.writeline("\t" response.signurl);
// 使用delete请求删除对象
httpwebrequest webrequest = webrequest.create(response.signurl) as httpwebrequest;
webrequest.method = "delete";
foreach (keyvaluepair header in response.actualsignedrequestheaders)
{
if (!header.key.equals("host", stringcomparison.ordinalignorecase))
{
webrequest.headers.add(header.key, header.value);
}
}
httpwebresponse webresponse = null;
try
{
webresponse = webrequest.getresponse() as httpwebresponse;
}
catch (webexception ex)
{
webresponse = ex.response as httpwebresponse;
}
console.writeline("response status:" convert.toint32(webresponse.statuscode));
using (memorystream dest = new memorystream())
{
using (stream stream = webresponse.getresponsestream())
{
byte[] buffer = new byte[8192];
int bytesread;
while ((bytesread = stream.read(buffer, 0, buffer.length)) > 0)
{
dest.write(buffer, 0, bytesread);
}
}
console.writeline("response content:");
console.writeline(encoding.utf8.getstring(dest.toarray()));
}
初始化分段上传任务
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 |
// 初始化配置参数 obsconfigconfig=newobsconfig(); config.endpoint="https://your-endpoint"; // 认证用的ak和sk硬编码到代码中或者明文存储都有很大的安全风险,建议在配置文件或者环境变量中密文存放,使用时解密,确保安全;本示例以ak和sk保存在环境变量中为例,运行本示例前请先在本地环境中设置环境变量accesskeyid和secretaccesskey。 // 您可以登录访问管理控制台获取访问密钥ak/sk,获取方式请参见https://support.huaweicloud.com/usermanual-ca/ca_01_0003.html stringaccesskey=environment.getenvironmentvariable("accesskeyid",environmentvariabletarget.machine); stringsecretkey=environment.getenvironmentvariable("secretaccesskey",environmentvariabletarget.machine); // 创建obsclient实例 obsclientclient=newobsclient(accesskey,secretkey,config); // url有效期,3600秒 longexipreseconds=3600; createtemporarysignaturerequestrequest=newcreatetemporarysignaturerequest(); request.bucketname="bucketname"; request.objectkey="objectkey"; request.method=httpverb.post; request.expires=exipreseconds; request.subresource=subresourceenum.uploads; createtemporarysignatureresponseresponse=client.createtemporarysignature(request); console.writeline("creating mission using temporary signature url:"); console.writeline("\t"response.signurl); // 使用post请求创建多段任务 httpwebrequestwebrequest=webrequest.create(response.signurl)ashttpwebrequest; webrequest.method="post"; foreach(keyvaluepair<string,string>headerinresponse.actualsignedrequestheaders) { if(!header.key.equals("host",stringcomparison.ordinalignorecase)) { webrequest.headers.add(header.key,header.value); } } httpwebresponsewebresponse=null; try { webresponse=webrequest.getresponse()ashttpwebresponse; } catch(webexceptionex) { webresponse=ex.responseashttpwebresponse; } console.writeline("response status:"convert.toint32(webresponse.statuscode)); using(memorystreamdest=newmemorystream()) { using(streamstream=webresponse.getresponsestream()) { byte[]buffer=newbyte[8192]; intbytesread; while((bytesread=stream.read(buffer,0,buffer.length))>0) { dest.write(buffer,0,bytesread); } } console.writeline("response content:"); console.writeline(encoding.utf8.getstring(dest.toarray())); } |
httpverb是obs .net sdk定义的枚举类型,代表请求方法类型。
父主题:
相关文档
意见反馈
文档内容是否对您有帮助?
提交成功!非常感谢您的反馈,我们会继续努力做到更好!
您可在查看反馈及问题处理状态。
系统繁忙,请稍后重试
如您有其它疑问,您也可以通过华为云社区问答频道来与我们联系探讨
