1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
namespace Freyo\Flysystem\QcloudCOSv5\Plugins; |
4
|
|
|
|
5
|
|
|
use League\Flysystem\Plugin\AbstractPlugin; |
6
|
|
|
|
7
|
|
|
class GetFederationToken extends AbstractPlugin |
8
|
|
|
{ |
9
|
|
|
/** |
10
|
|
|
* Get the method name. |
11
|
|
|
* |
12
|
|
|
* @return string |
13
|
|
|
*/ |
14
|
|
|
public function getMethod() |
15
|
|
|
{ |
16
|
|
|
return 'getFederationToken'; |
17
|
|
|
} |
18
|
|
|
|
19
|
|
|
/** |
20
|
|
|
* @param string $path |
21
|
|
|
* @param int $seconds |
22
|
|
|
* |
23
|
|
|
* @return bool|array |
24
|
|
|
*/ |
25
|
|
|
public function handle($path = '', $seconds = 7200) |
26
|
|
|
{ |
27
|
|
|
$params = [ |
28
|
|
|
'durationSeconds' => $seconds, |
29
|
|
|
'name' => 'cos', |
30
|
|
|
'policy' => urlencode($this->getPolicy($path)) |
31
|
|
|
]; |
32
|
|
|
|
33
|
|
|
return $this->request($params, 'GetFederationToken'); |
34
|
|
|
} |
35
|
|
|
|
36
|
|
|
/** |
37
|
|
|
* @param $path |
38
|
|
|
* |
39
|
|
|
* @return string |
40
|
|
|
*/ |
41
|
|
|
protected function getPolicy($path) |
42
|
|
|
{ |
43
|
|
|
$appId = $this->getCredentials()['appId']; |
44
|
|
|
|
45
|
|
|
$region = $this->getConfig()->get('region'); |
46
|
|
|
$bucket = $this->getConfig()->get('bucket'); |
47
|
|
|
|
48
|
|
|
$policy = [ |
49
|
|
|
'version' => '2.0', |
50
|
|
|
'statement' => [ |
51
|
|
|
'action' => [ |
52
|
|
|
// 简单上传 |
53
|
|
|
'name/cos:PutObject', |
54
|
|
|
// 分片上传操作 |
55
|
|
|
'name/cos:InitiateMultipartUpload', |
56
|
|
|
'name/cos:ListMultipartUploads', |
57
|
|
|
'name/cos:ListParts', |
58
|
|
|
'name/cos:UploadPart', |
59
|
|
|
'name/cos:CompleteMultipartUpload', |
60
|
|
|
], |
61
|
|
|
'effect' => 'allow', |
62
|
|
|
'principal' => ['qcs' => ['*']], |
63
|
|
|
'resource' => [ |
64
|
|
|
"qcs::cos:$region:uid/$appId:prefix//$appId/$bucket/", |
65
|
|
|
"qcs::cos:$region:uid/$appId:prefix//$appId/$bucket/$path", |
66
|
|
|
], |
67
|
|
|
], |
68
|
|
|
]; |
69
|
|
|
|
70
|
|
|
return str_replace('\\/', '/', json_encode($policy)); |
71
|
|
|
} |
72
|
|
|
|
73
|
|
|
/** |
74
|
|
|
* @return \League\Flysystem\Config |
75
|
|
|
*/ |
76
|
|
|
protected function getConfig() |
77
|
|
|
{ |
78
|
|
|
return $this->filesystem->getConfig(); |
79
|
|
|
} |
80
|
|
|
|
81
|
|
|
/** |
82
|
|
|
* @return array |
83
|
|
|
*/ |
84
|
|
|
protected function getCredentials() |
85
|
|
|
{ |
86
|
|
|
return $this->getConfig()->get('credentials'); |
87
|
|
|
} |
88
|
|
|
|
89
|
|
|
/** |
90
|
|
|
* @param array $args |
91
|
|
|
* @param $action |
92
|
|
|
* |
93
|
|
|
* @return bool|array |
94
|
|
|
*/ |
95
|
|
|
protected function request(array $args, $action) |
96
|
|
|
{ |
97
|
|
|
$client = $this->getHttpClient(); |
98
|
|
|
|
99
|
|
|
$response = $client->post('/v2/index.php', [ |
100
|
|
|
'form_params' => $this->buildFormParams($args, $action), |
101
|
|
|
]); |
102
|
|
|
|
103
|
|
|
$contents = $response->getBody()->getContents(); |
104
|
|
|
|
105
|
|
|
return $this->normalize($contents); |
106
|
|
|
} |
107
|
|
|
|
108
|
|
|
/** |
109
|
|
|
* @return \GuzzleHttp\Client |
110
|
|
|
*/ |
111
|
|
|
protected function getHttpClient() |
112
|
|
|
{ |
113
|
|
|
return new \GuzzleHttp\Client([ |
114
|
|
|
'verify' => false, |
115
|
|
|
'base_uri' => 'https://sts.api.qcloud.com', |
116
|
|
|
]); |
117
|
|
|
} |
118
|
|
|
|
119
|
|
|
/** |
120
|
|
|
* @param array $params |
121
|
|
|
* @param string $action |
122
|
|
|
* |
123
|
|
|
* @return array |
124
|
|
|
*/ |
125
|
|
|
protected function buildFormParams(array $params, $action) |
126
|
|
|
{ |
127
|
|
|
$params = $this->addCommonParams($params, $action); |
128
|
|
|
|
129
|
|
|
return $this->addSignature($params); |
130
|
|
|
} |
131
|
|
|
|
132
|
|
|
/** |
133
|
|
|
* @param array $params |
134
|
|
|
* @param string $action |
135
|
|
|
* |
136
|
|
|
* @return array |
137
|
|
|
*/ |
138
|
|
|
protected function addCommonParams(array $params, $action) |
139
|
|
|
{ |
140
|
|
|
return array_merge([ |
141
|
|
|
'Region' => $this->getConfig()->get('region'), |
142
|
|
|
'Action' => $action, |
143
|
|
|
'SecretId' => $this->getCredentials()['secretId'], |
144
|
|
|
'Timestamp' => time(), |
145
|
|
|
'Nonce' => rand(1, 65535), |
146
|
|
|
], $params); |
147
|
|
|
} |
148
|
|
|
|
149
|
|
|
/** |
150
|
|
|
* @param array $params |
151
|
|
|
* |
152
|
|
|
* @return array |
153
|
|
|
*/ |
154
|
|
|
protected function addSignature(array $params) |
155
|
|
|
{ |
156
|
|
|
$params['Signature'] = $this->getSignature($params); |
157
|
|
|
|
158
|
|
|
return $params; |
159
|
|
|
} |
160
|
|
|
|
161
|
|
|
/** |
162
|
|
|
* @param array $params |
163
|
|
|
* |
164
|
|
|
* @return string |
165
|
|
|
*/ |
166
|
|
|
protected function getSignature(array $params) |
167
|
|
|
{ |
168
|
|
|
ksort($params); |
169
|
|
|
|
170
|
|
|
$srcStr = 'POSTsts.api.qcloud.com/v2/index.php?' . urldecode(http_build_query($params)); |
171
|
|
|
|
172
|
|
|
return base64_encode(hash_hmac('sha1', $srcStr, $this->getCredentials()['secretKey'], true)); |
173
|
|
|
} |
174
|
|
|
|
175
|
|
|
/** |
176
|
|
|
* @param string $contents |
177
|
|
|
* |
178
|
|
|
* @return bool|array |
179
|
|
|
*/ |
180
|
|
|
protected function normalize($contents) |
181
|
|
|
{ |
182
|
|
|
$data = json_decode($contents, true); |
183
|
|
|
|
184
|
|
|
if (json_last_error() !== JSON_ERROR_NONE || $data['code'] !== 0) { |
185
|
|
|
return false; |
186
|
|
|
} |
187
|
|
|
|
188
|
|
|
return $data['data']; |
189
|
|
|
} |
190
|
|
|
} |
191
|
|
|
|