public class AccKeyUtilController extends BaseController {
public static String REGION_ID = "cn-beijing";
public static String ACCESSKEY_ID = "《你的AccessKey——id》";
public static String SECRET = "《账号secret》";
public static String ROLE_ARN = "《账号的 arn》";
private final static String ISO8601_DATE_FORMAT = "yyyy-MM-dd‘T‘HH:mm:ss‘Z‘";
private final static String KEY = "《鉴权key》";
@RequestMapping(value="/getSign", method= RequestMethod.POST)
public Map<String, String> getSignature(HttpServletRequest request, HttpServletResponse resp) {
/*resp.addHeader("Content-type", "application/json;charset=UTF-8");
resp.addHeader("Access-Control-Allow-Origin", "*");*/
/*resp.setHeader("Content-type", "application/json;charset=UTF-8");
resp.setHeader("Access-Control-Allow-Origin", "*");*/
String mediaId = null;
try {
JSONObject params = this.getJSONObject(request.getInputStream());
mediaId = (String)params.get("mediaId");
} catch (IOException e) {
e.printStackTrace();
}
IClientProfile profile = DefaultProfile.getProfile(REGION_ID, ACCESSKEY_ID, SECRET);
DefaultAcsClient client = new DefaultAcsClient(profile);
Map<String, String> resultMap = new HashMap<>();
AssumeRoleResponse response = null;
AssumeRoleResponse.Credentials credentials;
try {
response = assumeRole(client, ROLE_ARN);
credentials = response.getCredentials();
System.out.println(credentials.getAccessKeyId() + "\n---akid" + "\n" +
credentials.getAccessKeySecret() + "\n---aks" + "\n" +
credentials.getSecurityToken() + "\n---st" + "\n" +
credentials.getExpiration());
String expiretime = nowTime();
try {
//时间 进行转码
String encode = AcsURLEncoder.encode(expiretime);
System.out.println(expiretime + "---时间");
//拼装字符串
String data = "ExpireTime=" + encode + "&MediaId=" + mediaId;
System.out.println(data);
//开始生成 签名
SecretKeySpec signKey = new SecretKeySpec(KEY.getBytes(), "HmacSHA1");
System.out.println(signKey);
Mac mac = null;
try {
mac = Mac.getInstance("HmacSHA1");
mac.init(signKey);
//对生成的签名进行 BASE64转码
byte[] bytes = mac.doFinal(data.getBytes());
String encode2 = new BASE64Encoder().encode(bytes);
System.out.println(encode2);
//把需要的数据 放入MAP中 返回到前台 s
resultMap.put("accessKeyId",credentials.getAccessKeyId());
resultMap.put("securityToken",credentials.getSecurityToken());
resultMap.put("accessKeySecret",credentials.getAccessKeySecret());
resultMap.put("ExpireTime",expiretime);
resultMap.put("Signature",encode2);
resultMap.put("domainRegion",REGION_ID);
return resultMap;
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
} catch (InvalidKeyException e) {
e.printStackTrace();
}
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
} catch (ClientException e) {
e.printStackTrace();
}
return null;
}
private static AssumeRoleResponse assumeRole(DefaultAcsClient client, String roleArn) throws ClientException {
final AssumeRoleRequest request = new AssumeRoleRequest();
request.setVersion("2015-04-01");
request.setMethod(MethodType.POST);
request.setProtocol(ProtocolType.HTTPS);
request.setDurationSeconds(1200L);
request.setRoleArn(roleArn);
request.setRoleSessionName("test-token");
return client.getAcsResponse(request);
}
public static String nowTime() {
TimeZone.setDefault(TimeZone.getTimeZone("GMT+10"));
SimpleDateFormat df = new SimpleDateFormat(ISO8601_DATE_FORMAT);
Date date = new Date();
return df.format(date);
}
}
//前台播放器
var player = new Aliplayer({
id: ‘J_prismPlayer‘,
width: ‘80%‘,
autoplay: false,
//播放方式三:仅MTS用户使用
vid: ‘<视频ID>‘,
accId: ‘<验证签名后--返回的accID>‘,
format:‘m3u8‘,
accSecret: ‘<验证签名后--返回的>‘,
stsToken: ‘<签证签名后--返回的>‘,
domainRegion: ‘cn-beijing‘,
useFlashPrism:true,
authInfo: ‘{"ExpireTime": "<过期时间-GMT格式>", "MediaId": "<视频Id>","Signature": "<验证签名--生成的签名>"}‘
}, function (player) {
console.log(‘播放器创建好了。‘)
});
