bjhedasx/extend/ali/oss/ServiceSign.php

<?php

namespace ali\oss;


use think\facade\Request;

class ServiceSign extends Base
{

    /**
     * 服务端签名直传并设置上传回调
     * @date 2021-03-01
     */
    public function getOssSignature()
    {
        //定义文件名称
        $file_name = date('Ymd') . '/' . md5(microtime(true));

        $callback_param = [
            'callbackUrl' => Request::domain() . '/index.php/base/oss/platform/Callback/fileDelete',  //callbackUrl为回调服务器地址，如http://oss-demo.aliyuncs.com:23450或http://127.0.0.1:9090
            'callbackBody' => 'bucket=${bucket}&object=${object}&show_url_domain=${show_url_domain}',
            'callbackBodyType' => "application/x-www-form-urlencoded"
        ];

        $callback_string = json_encode($callback_param);
        $base64_callback_body = base64_encode($callback_string);

        $now = time();
        $expire = 900;  //设置该policy超时时间是10s. 即这个policy过了这个有效时间，将不能访问。
        $end = $now + $expire;
        $expiration = $this->gmtIso8601($end);

        $conditions = [
            // 指定所允许上传的文件最大和最小范围，例如允许的文件大小为1~10字节，则可以写为["content-length-range", 1, 10] 1048576000字节 = 1000M
            [0 => 'content-length-range', 1 => 0, 2 => 1048576000],
            [0 => 'starts-with', 1 => '$key', 2 => $this->config['first_directory']]// 表示用户上传的数据，必须是以$dir开始，不然上传会失败，这一步不是必须项，只是为了安全起见，防止用户通过policy上传到别人的目录。
        ];
        $policy = array('expiration' => $expiration, 'conditions' => $conditions);
        $policy = json_encode($policy);
        $base64_policy = base64_encode($policy);

        $string_to_sign = $base64_policy;
        $signature = base64_encode(hash_hmac('sha1', $string_to_sign, $this->config['access_key_secret'], true));

        $response = [
            'accessid' => $this->config['access_key_id'],
            'host' => $this->config['bucket_default_url'],
            'policy' => $base64_policy,
            'signature' => $signature,
            'expire' => $end,
//            'callback' => $base64_callback_body,
            'dir' => $this->config['first_directory'] . '/uid' . $this->config['uid'] . '/api/',  // 这个参数是设置用户上传文件时指定的前缀。
            'show_host' => $this->config['show_url']
        ];

//        $response['showUrlDomain'] = $this->config['access_id'];

        return $response;
    }


    private function gmtIso8601($time)
    {
        $dtStr = date("c", $time);
        $pos = strpos($dtStr, '+');
        $expiration = substr($dtStr, 0, $pos);
        return $expiration . ".000Z";
    }
//
//    private function gmtIso8601($time) {
//        $dtStr = date("c", $time);
//        $mydatetime = new \DateTime($dtStr);
//        $expiration = $mydatetime->format(\DateTime::ISO8601);
//        $pos = strpos($expiration, '+');
//        $expiration = substr($expiration, 0, $pos);
//        return $expiration."Z";
//    }

}