85 lines
2.3 KiB
Go
85 lines
2.3 KiB
Go
package main
|
|
|
|
import (
|
|
"fmt"
|
|
"strings"
|
|
|
|
"github.com/aliyun/aliyun-oss-go-sdk/oss"
|
|
"github.com/aliyun/credentials-go/credentials"
|
|
"github.com/joho/godotenv"
|
|
"github.com/topfans/backend/gateway/config"
|
|
)
|
|
|
|
func main() {
|
|
_ = godotenv.Load("../../.env", "../.env", ".env")
|
|
cfg := config.Load()
|
|
|
|
fmt.Println("=== OSS 分步诊断 ===")
|
|
fmt.Printf("Bucket: %s Region: %s\n", cfg.OSS.BucketName, cfg.OSS.Region)
|
|
fmt.Printf("AK: %s Role: %s\n", mask(cfg.OSS.AccessKeyID), cfg.OSS.RoleArn)
|
|
|
|
fmt.Println("\n[1] STS AssumeRole")
|
|
stsAK, stsSK, stsToken, stsErr := trySTS(cfg)
|
|
if stsErr != nil {
|
|
fmt.Printf(" FAIL: %v\n", stsErr)
|
|
} else {
|
|
fmt.Printf(" OK 临时 AK: %s\n", mask(stsAK))
|
|
fmt.Printf(" PutObject via STS: %s\n", tryPut(stsAK, stsSK, stsToken, cfg))
|
|
}
|
|
|
|
fmt.Println("\n[2] AK/SK 直连")
|
|
fmt.Printf(" PutObject via AK: %s\n", tryPut(cfg.OSS.AccessKeyID, cfg.OSS.AccessKeySecret, "", cfg))
|
|
}
|
|
|
|
func trySTS(cfg *config.Config) (string, string, string, error) {
|
|
credConfig := new(credentials.Config).
|
|
SetType("ram_role_arn").
|
|
SetAccessKeyId(cfg.OSS.AccessKeyID).
|
|
SetAccessKeySecret(cfg.OSS.AccessKeySecret).
|
|
SetRoleArn(cfg.OSS.RoleArn).
|
|
SetRoleSessionName("diag").
|
|
SetPolicy("").
|
|
SetRoleSessionExpiration(3600)
|
|
provider, err := credentials.NewCredential(credConfig)
|
|
if err != nil {
|
|
return "", "", "", err
|
|
}
|
|
cred, err := provider.GetCredential()
|
|
if err != nil {
|
|
return "", "", "", err
|
|
}
|
|
return *cred.AccessKeyId, *cred.AccessKeySecret, *cred.SecurityToken, nil
|
|
}
|
|
|
|
func tryPut(ak, sk, token string, cfg *config.Config) string {
|
|
endpoint := fmt.Sprintf("https://oss-%s.aliyuncs.com", cfg.OSS.Region)
|
|
var client *oss.Client
|
|
var err error
|
|
if token != "" {
|
|
client, err = oss.New(endpoint, ak, sk, oss.SecurityToken(token))
|
|
} else {
|
|
client, err = oss.New(endpoint, ak, sk)
|
|
}
|
|
if err != nil {
|
|
return "client FAIL: " + err.Error()
|
|
}
|
|
bucket, err := client.Bucket(cfg.OSS.BucketName)
|
|
if err != nil {
|
|
return "bucket FAIL: " + err.Error()
|
|
}
|
|
key := "laser-card-segment/tmp/0/0/diag_step.jpg"
|
|
err = bucket.PutObject(key, strings.NewReader("diag"), oss.ContentType("image/jpeg"))
|
|
if err != nil {
|
|
return "PutObject FAIL: " + err.Error()
|
|
}
|
|
return "OK"
|
|
}
|
|
|
|
func mask(s string) string {
|
|
s = strings.TrimSpace(s)
|
|
if len(s) <= 8 {
|
|
return "***"
|
|
}
|
|
return s[:4] + "****" + s[len(s)-4:]
|
|
}
|