search

tencentyun / qcloud-cos-sts-sdk

QCloud COS STS SDK for Backend Server
MIT License
198 stars 188 forks source link

永远是不在签名 q-key-time 有效时间范围内. #105

Closed toknT closed 10 months ago

toknT commented 10 months ago

服务器端 (nodejs)

    const config = {
      secretId: process.env.COS_SECRET_ID,
      secretKey: process.env.COS_SECRET_KEY,
      proxy: '',
      durationSeconds: 1800,
      endpoint: 'sts.tencentcloudapi.com',
      bucket: process.env.COS_BUCKET,
      region: process.env.COS_REGION,
      allowPrefix: 'user_uploads/*',
      allowActions: [
        // 简单上传
        'name/cos:PutObject',
        'name/cos:PostObject',
        // 分片上传
        'name/cos:InitiateMultipartUpload',
        'name/cos:ListMultipartUploads',
        'name/cos:ListParts',
        'name/cos:UploadPart',
        'name/cos:CompleteMultipartUpload',
      ],
    };
    const shortBucketName = config.bucket.substring(
      0,
      config.bucket.lastIndexOf('-'),
    );
    const appId = config.bucket.substring(1 + config.bucket.lastIndexOf('-'));
    const policy = {
      version: '2.0',
      statement: [
        {
          action: config.allowActions,
          effect: 'allow',
          principal: { qcs: ['*'] },
          resource: [
            'qcs::cos:' +
              config.region +
              ':uid/' +
              appId +
              ':prefix//' +
              appId +
              '/' +
              shortBucketName +
              '/' +
              config.allowPrefix,
          ],
        },
      ],
    };
    const result = await STS.getCredential({
      secretId: config.secretId,
      secretKey: config.secretKey,
      proxy: config.proxy,
      durationSeconds: config.durationSeconds,
      endpoint: config.endpoint,
      policy: policy,
    });
    const cred = {
      tmpSecretId: result.credentials.tmpSecretId,
      tmpSecretKey: result.credentials.tmpSecretKey,
      sessionToken: result.credentials.sessionToken,
      startTime: result.startTime,
      expiredTime: result.expiredTime,
    };

移动端(Flutter)

    CosTransferManger transferManager = Cos().getDefaultTransferManger();
    String bucket = BUCKET;
    String cosPath = "user_uploads/test.docx";

await transferManager.upload(
      bucket,
      cosPath,
      filePath: srcPath,
      resultListener: ResultListener(successCallBack, failCallBack),
      stateCallback: stateCallback,
      progressCallBack: progressCallBack,
      initMultipleUploadCallback: initMultipleUploadCallback,
    );

cos_error

toknT commented 10 months ago

莫名奇妙就好了。😅可能上传的是子目录发现那个目录子账号没权限后加了权限但没马上生效吧(用的子账号生成的临时密钥),