腾讯云cos 临时密钥 适用于前端直传等临时授权场景
composer添加
"qcloud_sts/qcloud-sts-sdk": "^3.0",
"tencentcloud/sts": "^3.0"
执行
composer require qcloud_sts/qcloud-sts-sdk
composer require tencentcloud/sts
然后就可以直接使用了
$params参数可以看官网去设置:对象存储-临时密钥生成及使用指引
try {
// 实例化一个认证对象,入参需要传入腾讯云账户 SecretId 和 SecretKey,此处还需注意密钥对的保密
// 代码泄露可能会导致 SecretId 和 SecretKey 泄露,并威胁账号下所有资源的安全性。以下代码示例仅供参考,建议采用更安全的方式来使用密钥,请参见:https://cloud.tencent.com/document/product/1278/85305
// 密钥可前往官网控制台 https://console.cloud.tencent.com/cam/capi 进行获取
$cred = new Credential(Env::get('COS_SECRET_ID'), Env::get('COS_SECRET_KEY'));
// 实例化一个http选项,可选的,没有特殊需求可以跳过
$httpProfile = new HttpProfile();
$httpProfile->setEndpoint("sts.tencentcloudapi.com");
// 实例化一个client选项,可选的,没有特殊需求可以跳过
$clientProfile = new ClientProfile();
$clientProfile->setHttpProfile($httpProfile);
// 实例化要请求产品的client对象,clientProfile是可选的
$client = new StsClient($cred, "ap-guangzhou", $clientProfile);
// 实例化一个请求对象,每个接口都会对应一个request对象
$req = new GetFederationTokenRequest();
$params = array(
"Name" => "test",
"Policy" => "{\"version\":\"2.0\",\"statement\":[{\"effect\":\"allow\",\"action\":[\"name/cos:PutObject\",\"name/cos:DeleteObject\",\"name/cos:InitiateMultipartUpload\",\"name/cos:ListMultipartUploads\",\"name/cos:ListParts\",\"name/cos:UploadPart\",\"name/cos:CompleteMultipartUpload\"],\"resource\":\"*\"}]}",
"DurationSeconds" => 1800
);
$req->fromJsonString(json_encode($params));
// 返回的resp是一个GetFederationTokenResponse的实例,与请求对象对应
$resp = $client->GetFederationToken($req);
$return = [];
$return['sts'] = $resp;
$return['bucket'] = Env::get('COS_BUCKET').'-'.Env::get('COS_APP_ID');
$return['start_time'] = strtotime(date('Y-m-d H:i:s'));
$return['region'] = Env::get('COS_REGION');
// 输出json格式的字符串回包
return success($return);
}
catch(TencentCloudSDKException $e) {
return failure(1, $e->getMessage());
}