search

ali-sdk / ali-oss

Aliyun OSS(Object Storage Service) JavaScript SDK for the Browser and Node.js
https://www.alibabacloud.com/help/doc-detail/52834.htm
MIT License
1.94k stars 578 forks source link

静态URL+herder签名下载文件,被告知签名错误,有朋友遇到过吗,支持一下 #827

Closed jimtang9527 closed 4 years ago

jimtang9527 commented 4 years ago

使用服务器端签名URL是可行的。因为APP有特殊的缓存优化场景,需要使用静态URL+header签名方式访问私有bucket。按下面代码未成功。有朋友遇到过吗,支持一下。

2020.7.2 成功了。 OSS签名调试成本极高。只是告诉你不成功。要反复看文档去找线索,然后去尝试。 反复测试发现签名的文件必须加上bucket才行,在访问时要使用相对路径。另外不需要在url添加参数,因为header已带上了url需要的参数。

const axios = require('axios')
const AliOSS = require('ali-oss')
//TODO 这里设置参数
let domain = 'https://xxx'
let accessKeyId = 'key'
let accessKeySecret='secret'
let bucket='test'
let region='oss-cn-qingdao'
let ossPath = '/mark/9234731/9234731/avatars/202007/9A531B8A343A6E086578C7BBF6DDE430.jpg'//测试文件路径
const client = new AliOSS({
    region,
    accessKeyId,
    accessKeySecret,
    bucket,
    secure: true
})
let date = new Date().toUTCString()
headers = {
    'x-oss-date': date,
   'process':'image/resize,w_400'
}
//这里要绝对路径,需要加上bucket
let Authorization = client.authorization('GET', `/${bucket}/${ossPath}`, {}, headers)
headers['Authorization'] = Authorization 
//测试签名是否正确
const instance = axios.create({
    baseURL: domain,
    headers
})
//请求相对路径,去掉bucket
instance.get(ossPath, {
        timeout: 5000
    }).then(function(response) {
        console.log(response.status);
    })
    .catch(function(error) {
        console.log(error.response);
    });
weiyie commented 4 years ago

使用服务器端签名URL是可行的。因为APP有特殊的缓存优化场景,需要使用静态URL+header签名方式访问私有bucket。按下面代码未成功。有朋友遇到过吗,支持一下。

const axios = require('axios')
const AliOSS = require('ali-oss')
//TODO 这里设置参数
let domain = 'https://xxx'
let accessKeyId = 'key'
let accessKeySecret='secret'
let bucket='test'
let region='oss-cn-qingdao'
let ossPath = '/mark/9234731/9234731/avatars/202007/9A531B8A343A6E086578C7BBF6DDE430.jpg'//测试文件路径
const client = new AliOSS({
    region,
    accessKeyId,
    accessKeySecret,
    bucket,
    secure: true
})
let date = new Date().toUTCString()
headers = {
    'x-oss-date': date
}
let Authorization = client.authorization('GET', ossPath, { process: 'image/resize,w_400' }, headers)
headers['Authorization'] = Authorization
//访问文件,会出现签名错误
const instance = axios.create({
    baseURL: domain,
    headers
})
instance.get(ossPath, {
        timeout: 5000
    }).then(function(response) {
        console.log(response.status);
    })
    .catch(function(error) {
        console.log(error.response);
    });

process 对应的签名字段为x-oss-process 

{'x-oss-process': 'image/resize,w_400'}

并且 请求路径要加上x-oss-process=image/resize,w_400请求参数

 instance.get(`${ossPath}?x-oss-process=image/resize,w_400`, {
        timeout: 5000
    }).then(function(response) {
        console.log(response.status);
    })
    .catch(function(error) {
        console.log(error.response);
});
jimtang9527 commented 4 years ago

@weiyie 测试了,加上后未成功。

weiyie commented 4 years ago

@weiyie 测试了,加上后未成功。


    const test = async () => {
    const domain = 'https://wzc123.oss-cn-hangzhou.aliyuncs.com';
    const ossPath = '/test.jpg';

    const date = new Date().toUTCString();
    const headers = {
      'x-oss-date': date
    };

    const Authorization = client.authorization(
      'GET',
      '/wzc123/test.jpg',
      { 'x-oss-process': 'image/resize,w_200' },
      headers
    );
    headers.Authorization = Authorization;

    const instance = axios.create({
      baseURL: domain,
      headers
    });

    try {
      const test1 = await instance.get(
        `${domain}${ossPath}?x-oss-process=image/resize,w_200`,
        {
          timeout: 5000
        }
      );
      console.log('------ ', test1);
    } catch (error) {
      console.log(error);
    }
  };
  test();

我这个是可以的 你参考试试