guoxiangbin
/
bjhedasx
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '53c180105a'
${ noResults }
bjhedasx/extend/tencent/sts/credentials/Credentials.php

69 lines
2.4 KiB
Raw Blame History Escape

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

<?php
namespace tencent\sts\credentials;
use TencentCloud\Common\Credential;
use TencentCloud\Common\Profile\ClientProfile;
use TencentCloud\Common\Profile\HttpProfile;
use TencentCloud\Common\Exception\TencentCloudSDKException;
use TencentCloud\Sts\V20180813\StsClient;
use TencentCloud\Sts\V20180813\Models\GetFederationTokenRequest;
use tencent\sts\Base;
class Credentials extends Base
{
/**
* 获取联合身份临时访问凭证
* @param string $name 自定义调用方英文名称,由字母组成
* @param string $policy 授予该临时证书权限的CAM策略
* @date 2022-11-29
*/
public function getFederationToken($name, $policy)
{
try {
// 实例化一个认证对象入参需要传入腾讯云账户secretIdsecretKey,此处还需注意密钥对的保密
$cred = new Credential($this->config['secret_id'], $this->config['secret_key']);
// 实例化一个http选项可选的没有特殊需求可以跳过
$httpProfile = new HttpProfile();
$httpProfile->setEndpoint("sts.tencentcloudapi.com");
// 实例化一个client选项可选的没有特殊需求可以跳过
$clientProfile = new ClientProfile();
$clientProfile->setHttpProfile($httpProfile);
// 实例化要请求产品的client对象,clientProfile是可选的
$client = new StsClient($cred, $this->config['region'], $clientProfile);
// 实例化一个请求对象,每个接口都会对应一个request对象
$req = new GetFederationTokenRequest();
$params = [
"Name" => $name,
"Policy" => urlencode(json_encode($policy))
];
$req->fromJsonString(json_encode($params));
// 返回的resp是一个GetFederationTokenResponse的实例与请求对象对应
$resp = $client->GetFederationToken($req);
// 输出json格式的字符串回包
$resp = $resp->toJsonString();
$result = json_decode($resp, true);
// 记录日志
$uid = defined('UID') ? UID : '';
platformLog([
"Name" => $name,
"Policy" => $policy
], $result, 'tencent_sts_get_federation_token_uid_' . $uid);
return $result;
} catch (TencentCloudSDKException $e) {
echo $e;
}
}
}
Reference in new issue View Git Blame Copy Permalink