Merge branch 'develop'

app/Http/Controllers/OssController.php

@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Http\Controllers;
+use AliCloud\Core\Profile\DefaultProfile;
+use AliCloud\Core\DefaultAcsClient;
+use AliCloud\Core\Exception\ServerException;
+use AliCloud\Core\Exception\ClientException;
+use AliCloud\STS\AssumeRoleRequest;
+
+class OssController extends Controller
+{
+    public function getSts()
+    {
+        $regionID = "cn-zhangjiakou";
+        $endpoint = "sts.cn-zhangjiakou.aliyuncs.com";
+        DefaultProfile::addEndpoint($regionID, $regionID, "Sts", $endpoint);
+        $iClientProfile = DefaultProfile::getProfile($regionID, 'LTAIG3B3vMgxdnGg', 'EJY6vwMje1npqZYmIwrmUWlVTiVW18');
+        $client = new DefaultAcsClient($iClientProfile);
+        // 指定角色ARN
+        $roleArn = "acs:ram::1211062998797452:role/ramoss-sts";
+        // 在扮演角色时，添加一个权限策略，进一步限制角色的权限
+        // 以下权限策略表示拥有可以读取所有OSS的只读权限
+$policy = <<<POLICY
+        {
+          "Statement": [
+            {
+              "Action": [
+                "oss:Get*",
+                "oss:List*",
+                "oss:Put*"
+              ],
+              "Effect": "Allow",
+              "Resource": "*"
+            }
+          ],
+          "Version": "1"
+        }
+POLICY;
+        $request = new AssumeRoleRequest();
+        // RoleSessionName即临时身份的会话名称，用于区分不同的临时身份
+        $request->setRoleSessionName("alice");
+        $request->setRoleArn($roleArn);
+        $request->setPolicy($policy);
+        $request->setDurationSeconds(3600);
+        try {
+            $response = $client->getAcsResponse($request);
+            $result['region'] = $regionID;
+            $result['accessKeyId'] = $response->Credentials->AccessKeyId;
+            $result['accessKeySecret'] = $response->Credentials->AccessKeySecret;
+            $result['stsToken'] = $response->Credentials->SecurityToken;
+            $result['bucket'] = 'uptoyo';
+            return $this->jsonSuccess($result);
+        } catch (ServerException $e) {
+            return jsonError($e->getMessage());
+        } catch (ClientException $e) {
+            return jsonError($e->getMessage());
+        }
+    }
+}

app/Http/Controllers/UploadController.php

@@ -6,6 +6,7 @@ use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Storage;
 use Intervention\Image\Facades\Image;
+use Symfony\Component\Debug\Exception\FatalThrowableError;
 
 class UploadController extends Controller
 {
@@ -38,6 +39,9 @@ class UploadController extends Controller
             }catch (\Exception $exception){
                 Log::error('upload-exception:'.$exception->getMessage());
                 return $this->jsonError('图片上传失败,请重试');
+            }catch (\Throwable $throwable){
+                Log::error('upload-error:'.$throwable->getMessage());
+                return $this->jsonError('图片上传失败,请重试');
             }
         } else {
             return $this->jsonError('仅支持图片上传,请重试');

composer.json

@@ -6,6 +6,7 @@
     "type": "project",
     "require": {
         "php": ">=7.1.3",
+        "jiajialu/aliyun-sdk-sts": "^3.0",
         "dingo/api": "^2.2",
         "doctrine/dbal": "^2.9",
         "guzzlehttp/guzzle": "^6.3",

routes/api.php

@@ -30,7 +30,10 @@ $api->version('v1', [
 
         //已隐藏规则消息
         $api->get('message/hide', 'MessageRuleController@hide');
+        //ali oss sts
+        $api->get('oss/sts', 'OssController@getSts');
     });
+
     //登录+验签
     $api->group(['middleware' => ['chxq_jwt_auth', 'chxq_sign']], function ($api) {
     });