|
问题
使用S3的V4版本签名,预签名URL有效期最高只有7天,如果要设置超过7天的有效期,则需要修改签名版本,具体设置方法如下
S3 Java SDK
只需要在构建client的时候,调用config.setSignerOverride("S3SignerType")方法设置签名版本,完整代码如下:
import java.net.URL;
import java.util.Date;
import com.amazonaws.ClientConfiguration;
import com.amazonaws.HttpMethod;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.client.builder.AwsClientBuilder;
import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.AmazonS3Client;
import com.amazonaws.services.s3.model.GeneratePresignedUrlRequest;
public class PresignUrl {
AmazonS3 s3;
PresignUrl(String accessKey, String secretKey, String endpoint, String region) {
ClientConfiguration config = new ClientConfiguration();
// S3SignerType: 使用v2版本签名,url有效期支持2年
// AWSS3V4SignerType: 使用v4版本签名,url有效期最大支持7天
config.setSignerOverride("S3SignerType");
AwsClientBuilder.EndpointConfiguration endpointConfig = new AwsClientBuilder.EndpointConfiguration(endpoint, region);
AWSCredentials awsCredentials = new BasicAWSCredentials(accessKey, secretKey);
AWSCredentialsProvider awsCredentialsProvider = new AWSStaticCredentialsProvider(awsCredentials);
this.s3 = AmazonS3Client.builder()
.withEndpointConfiguration(endpointConfig)
.withClientConfiguration(config)
.withCredentials(awsCredentialsProvider)
.disableChunkedEncoding()
.withPathStyleAccessEnabled(true)
.build();
}
public URL generatePresignUrl(String bucketName, String keyName, HttpMethod method, Date expiration) {
GeneratePresignedUrlRequest request = new GeneratePresignedUrlRequest(bucketName, keyName)
.withMethod(method)
.withExpiration(expiration);
return this.s3.generatePresignedUrl(request);
}
static public void main(String [ ]str) {
final String accessKey = "";
final String secretKey = "";
final String endpoint = "http://s3.cn-north-1.jdcloud-oss.com";
final String region = "cn-north-1";
final String bucketName = "BUCKET";
final String keyName = "Object";
final HttpMethod method = HttpMethod.GET; //此处设置您的PresignUrl允许的HTTP方法
final Integer expireInSeconds = 704800; //此处设置您的PresignUrl有效的时间段,以秒为单位
final Date expiration = new Date(System.currentTimeMillis() + expireInSeconds * 1000);
URL url = new PresignUrl(accessKey, secretKey, endpoint, region).generatePresignUrl(bucketName, keyName, method, expiration);
System.out.println("Pre-Signed URL: " + url);
}
}
S3 Python SDK
import boto3
from botocore.client import Config
# 账号ak/sk
ACCESS_KEY = ''
SECRET_KEY = ''
endpoint = 'https://s3.cn-north-1.jdcloud-oss.com'
s3 = boto3.client(
's3',
aws_access_key_id=ACCESS_KEY,
aws_secret_access_key=SECRET_KEY,
# signature_version:s3: 使用v2版本签名
# signature_version:s3v4:使用v4版本签名
config=Config(signature_version='s3',s3={'addressing_style': 'path'}),
endpoint_url=endpoint
)
print(s3.generate_presigned_url(ClientMethod='get_object', Params={'Bucket': 'BUCKET', 'Key': 'Object'},ExpiresIn=704800))
|