sts获取
参考https://help.aliyun.com/document_detail/28792.html?spm=a2c4g.11186623.6.786.6fb238dfI9iiqA
配置config.php
获取sts信息
<?php namespace common\components; include_once 'aliyun-php-sdk/aliyun-php-sdk-core/Config.php'; use DefaultProfile; use DefaultAcsClient; use ServerException; use ClientException; use Sts\Request\V20150401 as Sts; define("REGION_ID", "cn-shanghai"); define("ENDPOINT", "sts.cn-shanghai.aliyuncs.com"); class Aliyunsts { public static $accessKeyId = ""; public static $accessKeySecret = ""; public static $endpoint = "http://oss-cn-hangzhou.aliyuncs.com/"; private $client; public function __construct() { // 只允许RAM用户使用角色 DefaultProfile::addEndpoint(REGION_ID, REGION_ID, "Sts", ENDPOINT); $iClientProfile = DefaultProfile::getProfile(REGION_ID, self::$accessKeyId, self::$accessKeySecret); $this->client = new DefaultAcsClient($iClientProfile); } //获取客户端签名 public function getSts() { // 指定角色ARN $roleArn = "<role-arn>"; // 在扮演角色时,添加一个权限策略,进一步限制角色的权限 // 以下权限策略表示拥有可以读取所有OSS的只读权限 $policy = <<<POLICY { "Statement": [ { "Action": [ "oss:Get*", "oss:List*" ], "Effect": "Allow", "Resource": "*" } ], "Version": "1" } POLICY; $request = new Sts\AssumeRoleRequest(); // RoleSessionName即临时身份的会话名称,用于区分不同的临时身份 $request->setRoleSessionName("client_name"); $request->setRoleArn($roleArn); $request->setPolicy($policy); $request->setDurationSeconds(3600); try { $response = $this->client->getAcsResponse($request); return $response; } catch (ServerException $e) { return "Error: " . $e->getErrorCode() . " Message: " . $e->getMessage(); } catch (ClientException $e) { return "Error: " . $e->getErrorCode() . " Message: " . $e->getMessage(); } } }
browser直传
参考https://help.aliyun.com/document_detail/64041.html?spm=a2c4g.11186623.6.1271.2f3a677awgVmqB
其他参考