AWS Java 开发工具包 2.0 为 S3 对象创建预签名 URL

java amazon-s3 amazon-web-services

2022-09-02 01:45:24

我知道使用SDK的1.x版本，它就像文档一样简单

java.util.Date expiration = new java.util.Date();
long msec = expiration.getTime();
msec += 1000 * 60 * 60; // Add 1 hour.
expiration.setTime(msec);

GeneratePresignedUrlRequest generatePresignedUrlRequest = new GeneratePresignedUrlRequest(bucketName, objectKey);
generatePresignedUrlRequest.setMethod(HttpMethod.PUT); 
generatePresignedUrlRequest.setExpiration(expiration);

URL s = s3client.generatePresignedUrl(generatePresignedUrlRequest);

但是，在查看2.0文档时，我找不到任何接近.GeneratePresignedUrlRequest

希望有另一个简单的模式？

答案 1

S3 的现在支持此功能。请参阅此处。GetObject

  // Create an S3Presigner using the default region and credentials.
      // This is usually done at application startup, because creating a presigner can be expensive.
      S3Presigner presigner = S3Presigner.create();

      // Create a GetObjectRequest to be pre-signed
      GetObjectRequest getObjectRequest =
              GetObjectRequest.builder()
                              .bucket("my-bucket")
                              .key("my-key")
                              .build();

      // Create a GetObjectPresignRequest to specify the signature duration
      GetObjectPresignRequest getObjectPresignRequest =
          GetObjectPresignRequest.builder()
                                 .signatureDuration(Duration.ofMinutes(10))
                                 .getObjectRequest(getObjectRequest)
                                 .build();

      // Generate the presigned request
      PresignedGetObjectRequest presignedGetObjectRequest =
          presigner.presignGetObject(getObjectPresignRequest);

      // Log the presigned URL, for example.
      System.out.println("Presigned URL: " + presignedGetObjectRequest.url());

      // It is recommended to close the S3Presigner when it is done being used, because some credential
      // providers (e.g. if your AWS profile is configured to assume an STS role) require system resources
      // that need to be freed. If you are using one S3Presigner per application (as recommended), this
      // usually is not needed.
      presigner.close();

S3 的现在也支持此功能。示例如下。PutObject

S3Presigner presigner = S3Presigner.create();
PresignedPutObjectRequest presignedRequest =
    presigner.presignPutObject(r -> r.signatureDuration(Duration.ofMinutes(5))
                                        .putObjectRequest(por -> por.bucket(testBucket).key(objectKey)));

System.out.println("Pre-signed URL to upload a file to: " + 
                   presignedRequest.url());
System.out.println("Which HTTP method needs to be used when uploading a file: " + 
                   presignedRequest.httpRequest().method());
System.out.println("Which headers need to be sent with the upload: " + 
                   presignedRequest.signedHeaders())

下面是使用预签名项目对象请求上传到 S3 的示例：

PresignedPutObjectRequest presignedRequest = ...;
SdkHttpClient httpClient = ApacheHttpClient.builder().build();

ContentStreamProvider contentToUpload = () -> new StringInputStream("Hello, World!");
HttpExecuteRequest uploadRequest = HttpExecuteRequest.builder()
                                                     .request(presignedRequest.httpRequest())
                                                     .contentStreamProvider(contentToUpload)
                                                     .build();

HttpExecuteResponse response = httpClient.prepareRequest(uploadRequest).call();
Validate.isTrue(response.httpResponse().isSuccessful());

答案 2

正如@Anurudhha在注释中提到的，SDK 2.0 尚不支持它。这是官方积压工作的链接

https://github.com/aws/aws-sdk-java-v2/projects/1

以下是功能请求中的解决方法，到目前为止可以为您提供帮助

https://gist.github.com/aaronanderson/f9e2806cc5e2c18fab4d7e60c589d160