Acasă Explorează Ajutor
Înregistrare Autentificare
locky
/
ASJServer
1
0
Bifurcare 0
Fisiere Probleme 0 Trageți solicitările 0 Wiki
Arbore: 2b08120d8b
Ramuri Etichete
ASJServer
/
Ansjer
/
test
/
oss_sts.py

oss_sts.py 3.5 KB
Istoric Crud

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596 
  1. #!/usr/bin/env python3  
    2. 

  2. # -*- coding: utf-8 -*-  
    3. 

  3. """
    4. 

  4. @Copyright (C) ansjer cop Video Technology Co.,Ltd.All rights reserved.
    5. 

  5. @AUTHOR: ASJRD018
    6. 

  6. @NAME: AnsjerFormal
    7. 

  7. @software: PyCharm
    8. 

  8. @DATE: 2018/11/8 9:23
    9. 

  9. @Version: python3.6
    10. 

  10. @MODIFY DECORD:ansjer dev
    11. 

  11. @file: oss_sts.py
    12. 

  12. @Contact: chanjunkai@163.com
    13. 

  13. """
    14. 

  14. # -*- coding: utf-8 -*-
    15. 

  15. '''
    16. 

  16. 生成sts上传授权
    17. 

  17. '''
    18. 

  18. from aliyunsdkcore import client
    19. 

  19. from aliyunsdksts.request.v20150401 import AssumeRoleRequest
    20. 

  20. import json
    21. 

  21. import oss2
    22. 

  22. 

  23. 

  24. 

  25. '''
    26. 

  26. host = ""  # just for example
    27. 

  27. accessid = ""
    28. 

  28. accesskey = ""
    29. 

  29. bucket_name = ""
    30. 

  30. channel_name = "test-channel"
    31. 

  31. auth = Auth(accessid, accesskey)
    32. 

  32. bucket = Bucket(auth, host, bucket_name)
    33. 

  33. '''
    34. 

  34. # Endpoint以杭州为例,其它Region请按实际情况填写。
    35. 

  35. endpoint = 'oss-cn-shenzhen.aliyuncs.com'
    36. 

  36. # 阿里云主账号AccessKey拥有所有API的访问权限,风险很高。强烈建议您创建并使用RAM账号进行API访问或日常运维,请登录 https://ram.console.aliyun.com 创建RAM账号。
    37. 

  37. # access_key_id = 'LTAIXSozepSx81xe'
    38. 

  38. # access_key_secret = '19BlxRiAHDPLx4mhz6vQZRuhK0eKed'
    39. 

  39. access_key_id = 'LTAIKF7ohvwF5ugH'
    40. 

  40. access_key_secret = 'AfBIeMdrvMN3m0EsQYuRkmNyA7uWoz'
    41. 

  41. bucket_name = 'testrtmp'
    42. 

  42. # role_arn是角色的资源名称。
    43. 

  43. role_arn = 'acs:ram::1024237323330331:role/maxadmin'
    44. 

  44. 

  45. clt = client.AcsClient(access_key_id, access_key_secret, 'cn-shenzhen')
    46. 

  46. req = AssumeRoleRequest.AssumeRoleRequest()
    47. 

  47. 

  48. # 设置返回值格式为JSON。
    49. 

  49. req.set_accept_format('json')
    50. 

  50. req.set_RoleArn(role_arn)
    51. 

  51. req.set_RoleSessionName('chanjunkai')
    52. 

  52. req.set_DurationSeconds(3600)
    53. 

  53. policys={
    54. 

  54.     "Version": "1",
    55. 

  55.     "Statement": [
    56. 

  56.         {
    57. 

  57.             "Action": [
    58. 

  58.                 "oss:PutObject",
    59. 

  59.                 "oss:DeleteObject",
    60. 

  60.             ],
    61. 

  61.             "Resource": ["acs:oss:*:*:testrtmp/*"],
    62. 

  62.             "Effect": "Allow",
    63. 

  63.             "Condition": {
    64. 

  64.                 "IpAddress": {
    65. 

  65.                     "acs:SourceIp": "120.237.157.184"
    66. 

  66.                 }
    67. 

  67.             }
    68. 

  68.         }
    69. 

  69.     ]
    70. 

  70. }
    71. 

  71. req.set_Policy(Policy=json.dumps(policys))
    72. 

  72. body = clt.do_action(req)
    73. 

  73. # body = clt.do_action_with_exception(req)
    74. 

  74. # 使用RAM账号的AccessKeyId和AccessKeySecret向STS申请临时token。
    75. 

  75. token = json.loads(body)
    76. 

  76. print(token)
    77. 

  77. exit()
    78. 

  78. tokens = {
    79. 

  79.     "Credentials":{
    80. 

  80.     'AccessKeySecret': 'eDwALgKkfZp6eXD2jz8ckktfduneNCjEz8NgHxcZsVe',
    81. 

  81.     'AccessKeyId': 'STS.NJNUa1UjHgo5idVKqY9wBLB3e',
    82. 

  82.     'Expiration': '2018-11-15T09:06:30Z',
    83. 

  83.     'SecurityToken': 'CAISwgJ1q6Ft5B2yfSjIr4n7HtuFuLVp0K3ea0Lnr3EMNfhuo4eYhzz2IHxLf3RuAe8dvvw+nGBV7vsdlqN4S5ZDR1HCbsJxtkXiZd84J9ivgde8yJBZom/MewHKeeKSvqL7Z+H+U6mSGJOEYEzFkSle2KbzcS7YMXWuLZyOj+wADLEQRRLqVSdaI91UKwB+0pN4U0HcLvGwKBXnr3PNBU5zwGpGhHh49L60z7/siGTXh0aozfQO9cajYMq4YtJwJot6S5D3pqgUF4vZ+SJc8RVR790ShadfqwzAo8uWDnhJkWzkVLOOqps1d1A/P/VlXfcU8NqEzKUi5raIyN+tkE0WZboOCh6yHt7wnJH2f8qyLcs8eLrBPHDA78uCLJGdsXl/PS1AaV0SJIFxci4oWUF0F27ASqqu6FnGZwalW1srcmfDSBocGoABBPrYt/W5rkesL4dOVkQTaYz14WpwbEQfMBi+8/T5xLEqUP4tuwsiiBbsQhfAm3QLKzGODGJB9bCcfxpQPSnZuAyCI4uSUZiuCFUzdKX/eaiurRDLMnACYx3aEzfmDCvQ6dYbbHxIdk+0UNMWk51eWKXfWnoH+udI6rkks2AWjTM='
    84. 

  84.   }
    85. 

  85. }
    86. 

  86. # 使用临时token中的认证信息初始化StsAuth实例。
    87. 

  87. auth = oss2.StsAuth(token['Credentials']['AccessKeyId'],
    88. 

  88.                     token['Credentials']['AccessKeySecret'],
    89. 

  89.                     token['Credentials']['SecurityToken'])
    90. 

  90. print(auth)
    91. 

  91. # 使用StsAuth实例初始化存储空间。
    92. 

  92. bucket = oss2.Bucket(auth, endpoint, bucket_name)
    93. 

  93. # 上传一个字符串。
    94. 

  94. # res = bucket.put_object('oss_media_hls.ts', b'hello world')
    95. 

  95. res = bucket.put_object('object-name.txt', b'hello world')
    96. 

  96. print(res)
    97.