|
@@ -1,21 +1,31 @@
|
|
|
package com.younike.common.utils.oss;
|
|
|
|
|
|
+import com.alibaba.fastjson.JSONObject;
|
|
|
import com.aliyun.oss.ClientException;
|
|
|
import com.aliyun.oss.OSSClient;
|
|
|
import com.aliyun.oss.OSSException;
|
|
|
-import com.aliyun.oss.model.CannedAccessControlList;
|
|
|
-import com.aliyun.oss.model.CreateBucketRequest;
|
|
|
-import com.aliyun.oss.model.PutObjectRequest;
|
|
|
-import com.aliyun.oss.model.PutObjectResult;
|
|
|
+import com.aliyun.oss.common.utils.BinaryUtil;
|
|
|
+import com.aliyun.oss.model.*;
|
|
|
import com.younike.common.bean.VideoUploadResult;
|
|
|
import com.younike.common.utils.string.StringUtils;
|
|
|
import lombok.extern.log4j.Log4j2;
|
|
|
+import org.apache.http.HttpResponse;
|
|
|
+import org.apache.http.client.methods.HttpGet;
|
|
|
+import org.apache.http.impl.client.DefaultHttpClient;
|
|
|
import org.springframework.beans.factory.InitializingBean;
|
|
|
import org.springframework.beans.factory.annotation.Value;
|
|
|
import org.springframework.stereotype.Component;
|
|
|
|
|
|
import javax.annotation.Resource;
|
|
|
-import java.io.File;
|
|
|
+import javax.servlet.http.HttpServletRequest;
|
|
|
+import java.io.*;
|
|
|
+import java.net.URI;
|
|
|
+import java.security.KeyFactory;
|
|
|
+import java.security.PublicKey;
|
|
|
+import java.security.spec.X509EncodedKeySpec;
|
|
|
+import java.util.Date;
|
|
|
+import java.util.LinkedHashMap;
|
|
|
+import java.util.Map;
|
|
|
|
|
|
/**
|
|
|
* @author chenpengfei
|
|
@@ -30,6 +40,15 @@ public class AliyunOSSUtil implements InitializingBean {
|
|
|
String bucketName;
|
|
|
@Value("${oss.filehost}")
|
|
|
private String getFileHost;
|
|
|
+
|
|
|
+ @Value("${oss.keyid}")
|
|
|
+ private String keyid;
|
|
|
+ @Value("${oss.endpoint}")
|
|
|
+ private String endpoint;
|
|
|
+ @Value("${oss.keysecret}")
|
|
|
+ private String keysecret;
|
|
|
+ @Value("${oss.filepath}")
|
|
|
+ private String filePath;
|
|
|
@Resource
|
|
|
private OSSClient client;
|
|
|
|
|
@@ -173,4 +192,189 @@ public class AliyunOSSUtil implements InitializingBean {
|
|
|
return urls;
|
|
|
}
|
|
|
|
|
|
+
|
|
|
+ /**
|
|
|
+ * 由前端调用成临时的签名
|
|
|
+ * @return
|
|
|
+ * @throws UnsupportedEncodingException
|
|
|
+ */
|
|
|
+ public Map<String, String> createSignature() throws UnsupportedEncodingException {
|
|
|
+ String host = getFileHost;
|
|
|
+ OSSClient client = new OSSClient(endpoint, keyid, keysecret);
|
|
|
+ long expireTime = 30;
|
|
|
+ long expireEndTime = System.currentTimeMillis() + expireTime * 1000;
|
|
|
+ Date expiration = new Date(expireEndTime);
|
|
|
+ PolicyConditions policyConds = new PolicyConditions();
|
|
|
+ policyConds.addConditionItem(PolicyConditions.COND_CONTENT_LENGTH_RANGE, 0, 1048576000);
|
|
|
+ policyConds.addConditionItem(MatchMode.StartWith, PolicyConditions.COND_KEY, filePath);
|
|
|
+ String postPolicy = client.generatePostPolicy(expiration, policyConds);
|
|
|
+ byte[] binaryData = postPolicy.getBytes("utf-8");
|
|
|
+ String encodedPolicy = BinaryUtil.toBase64String(binaryData);
|
|
|
+ String postSignature = client.calculatePostSignature(postPolicy);
|
|
|
+ Map<String, String> respMap = new LinkedHashMap<String, String>();
|
|
|
+ respMap.put("accessid", keyid);
|
|
|
+ respMap.put("policy", encodedPolicy);
|
|
|
+ respMap.put("signature", postSignature);
|
|
|
+ respMap.put("dir", filePath);
|
|
|
+ respMap.put("host", host);
|
|
|
+ respMap.put("expire", String.valueOf(expireEndTime / 1000));
|
|
|
+ JSONObject jasonCallback = new JSONObject();
|
|
|
+ jasonCallback.put("callbackUrl", "");
|
|
|
+ jasonCallback.put("callbackBody",
|
|
|
+ "filename=${object}&size=${size}&mimeType=${mimeType}&height=${imageInfo.height}&width=${imageInfo.width}");
|
|
|
+ jasonCallback.put("callbackBodyType", "application/x-www-form-urlencoded");
|
|
|
+ String base64CallbackBody = BinaryUtil.toBase64String(jasonCallback.toString().getBytes());
|
|
|
+ respMap.put("callback", base64CallbackBody);
|
|
|
+ return respMap;
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * 前端上传成功后
|
|
|
+ * OSS回调处理业务
|
|
|
+ * @param request
|
|
|
+ * @return
|
|
|
+ */
|
|
|
+ public boolean callbackService(HttpServletRequest request) throws IOException {
|
|
|
+ //读取参数
|
|
|
+ String ossCallbackBody = GetPostBody(request.getInputStream(),Integer.parseInt(request.getHeader("content-length")));
|
|
|
+ log.info("ossCallbackBody:"+ossCallbackBody);
|
|
|
+ //验证参数
|
|
|
+ boolean bool = VerifyOSSCallbackRequest(request, ossCallbackBody);
|
|
|
+ log.info("verify result : " + bool);
|
|
|
+ return bool;
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ /**
|
|
|
+ * 获取Post消息体
|
|
|
+ *
|
|
|
+ * @param is
|
|
|
+ * @param contentLen
|
|
|
+ * @return
|
|
|
+ */
|
|
|
+ private String GetPostBody(InputStream is, int contentLen) {
|
|
|
+ if (contentLen > 0) {
|
|
|
+ int readLen = 0;
|
|
|
+ int readLengthThisTime = 0;
|
|
|
+ byte[] message = new byte[contentLen];
|
|
|
+ try {
|
|
|
+ while (readLen != contentLen) {
|
|
|
+ readLengthThisTime = is.read(message, readLen, contentLen - readLen);
|
|
|
+ if (readLengthThisTime == -1) {// Should not happen.
|
|
|
+ break;
|
|
|
+ }
|
|
|
+ readLen += readLengthThisTime;
|
|
|
+ }
|
|
|
+ return new String(message);
|
|
|
+ } catch (IOException e) {
|
|
|
+ e.printStackTrace();
|
|
|
+ }
|
|
|
+ }
|
|
|
+ return "";
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ /**
|
|
|
+ * 验证上传回调的Request
|
|
|
+ *
|
|
|
+ * @param request
|
|
|
+ * @param ossCallbackBody
|
|
|
+ */
|
|
|
+ private boolean VerifyOSSCallbackRequest(HttpServletRequest request, String ossCallbackBody)
|
|
|
+ throws NumberFormatException, IOException {
|
|
|
+ boolean ret = false;
|
|
|
+ String autorizationInput = new String(request.getHeader("Authorization"));
|
|
|
+ log.info("autorizationInput:"+autorizationInput);
|
|
|
+ String pubKeyInput = request.getHeader("x-oss-pub-key-url");
|
|
|
+ log.info("pubKeyInput:"+pubKeyInput);
|
|
|
+ byte[] authorization = BinaryUtil.fromBase64String(autorizationInput);
|
|
|
+ byte[] pubKey = BinaryUtil.fromBase64String(pubKeyInput);
|
|
|
+ String pubKeyAddr = new String(pubKey);
|
|
|
+ if (!pubKeyAddr.startsWith("http://gosspublic.alicdn.com/")
|
|
|
+ && !pubKeyAddr.startsWith("https://gosspublic.alicdn.com/")) {
|
|
|
+ System.out.println("pub key addr must be oss addrss");
|
|
|
+ return false;
|
|
|
+ }
|
|
|
+ String retString = executeGet(pubKeyAddr);
|
|
|
+ retString = retString.replace("-----BEGIN PUBLIC KEY-----", "");
|
|
|
+ retString = retString.replace("-----END PUBLIC KEY-----", "");
|
|
|
+ String queryString = request.getQueryString();
|
|
|
+ String uri = request.getRequestURI();
|
|
|
+ String decodeUri = java.net.URLDecoder.decode(uri, "UTF-8");
|
|
|
+ String authStr = decodeUri;
|
|
|
+ if (queryString != null && !queryString.equals("")) {
|
|
|
+ authStr += "?" + queryString;
|
|
|
+ }
|
|
|
+ authStr += "\n" + ossCallbackBody;
|
|
|
+ ret = doCheck(authStr, authorization, retString);
|
|
|
+ return ret;
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ /**
|
|
|
+ * 获取public key
|
|
|
+ * @param url
|
|
|
+ * @return
|
|
|
+ */
|
|
|
+ private String executeGet(String url) {
|
|
|
+ BufferedReader in = null;
|
|
|
+
|
|
|
+ String content = null;
|
|
|
+ try {
|
|
|
+ // 定义HttpClient
|
|
|
+ @SuppressWarnings("resource")
|
|
|
+ DefaultHttpClient client = new DefaultHttpClient();
|
|
|
+ // 实例化HTTP方法
|
|
|
+ HttpGet request = new HttpGet();
|
|
|
+ request.setURI(new URI(url));
|
|
|
+ HttpResponse response = client.execute(request);
|
|
|
+
|
|
|
+ in = new BufferedReader(new InputStreamReader(response.getEntity().getContent()));
|
|
|
+ StringBuffer sb = new StringBuffer("");
|
|
|
+ String line = "";
|
|
|
+ String NL = System.getProperty("line.separator");
|
|
|
+ while ((line = in.readLine()) != null) {
|
|
|
+ sb.append(line + NL);
|
|
|
+ }
|
|
|
+ in.close();
|
|
|
+ content = sb.toString();
|
|
|
+ } catch (Exception e) {
|
|
|
+ } finally {
|
|
|
+ if (in != null) {
|
|
|
+ try {
|
|
|
+ in.close();// 最后要关闭BufferedReader
|
|
|
+ } catch (Exception e) {
|
|
|
+ e.printStackTrace();
|
|
|
+ }
|
|
|
+ }
|
|
|
+ return content;
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ /**
|
|
|
+ * 验证RSA
|
|
|
+ *
|
|
|
+ * @param content
|
|
|
+ * @param sign
|
|
|
+ * @param publicKey
|
|
|
+ * @return
|
|
|
+ */
|
|
|
+ private static boolean doCheck(String content, byte[] sign, String publicKey) {
|
|
|
+ try {
|
|
|
+ KeyFactory keyFactory = KeyFactory.getInstance("RSA");
|
|
|
+ byte[] encodedKey = BinaryUtil.fromBase64String(publicKey);
|
|
|
+ PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(encodedKey));
|
|
|
+ java.security.Signature signature = java.security.Signature.getInstance("MD5withRSA");
|
|
|
+ signature.initVerify(pubKey);
|
|
|
+ signature.update(content.getBytes());
|
|
|
+ boolean bverify = signature.verify(sign);
|
|
|
+ return bverify;
|
|
|
+
|
|
|
+ } catch (Exception e) {
|
|
|
+ e.printStackTrace();
|
|
|
+ }
|
|
|
+
|
|
|
+ return false;
|
|
|
+ }
|
|
|
}
|