框架:tp5
image.png
这是一些配置,我想大家都应该清楚,介入第三方这都是一些常识了。
sdk:
image.png
引入这三个sdk,一个是核心,一个ram,一个是sts
代码:
public function token()
{
include_once '../extend/fast/aliyun-php-sdk-core/Config.php';
$accessKeyId = Env::get('sts.key');
$accessKeySecret = Env::get('sts.secret');
$region_id = Env::get('sts.region_id');
$endpoint = Env::get('sts.endpoint');
\DefaultProfile::addEndpoint($region_id, $region_id, "Sts", $endpoint);
$iClientProfile = \DefaultProfile::getProfile($region_id, $accessKeyId, $accessKeySecret);
$client = new \DefaultAcsClient($iClientProfile);
$roleArn = Env::get('sts.arn');
$policy = <<<POLICY
{
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"oss:GetObject",
"oss:PutObject",
"oss:ListParts",
"oss:AbortMultipartUpload",
"oss:ListObjects"
],
"Resource": "acs:oss:*:*:*"
},
{
"Effect": "Allow",
"Action": "oss:*",
"Resource": [
"acs:oss:*:*:rebot",
"acs:oss:*:*:rebot/*"
]
}
]
}
POLICY;
$request = new Sts\AssumeRoleRequest();
$request->setRoleSessionName("LXJ");
$request->setRoleArn($roleArn);
$request->setPolicy($policy);
$request->setDurationSeconds(3600);
try {
$response = $client->getAcsResponse($request);
$response = (array)$response;
$credentials = (array)$response['Credentials'];
$data = [
'AccessKeySecret' => $credentials['AccessKeySecret'],
'AccessKeyId' => $credentials['AccessKeyId'],
'SecurityToken' => $credentials['SecurityToken'],
'Expiration' => $credentials['Expiration'],
'Time' => 3600
];
return json(['code' => 1,'data' => $data]);
} catch(\ServerException $e) {
print "Error: " . $e->getErrorCode() . " Message: " . $e->getMessage() . "\n";
} catch(\ClientException $e) {
print "Error: " . $e->getErrorCode() . " Message: " . $e->getMessage() . "\n";
}
}
网友评论