TosClient 在向服务端发起请求时,默认会在请求 header 里包含签名。SDK 也支持构造带签名的 URL,用户可直接用该 URL 发起 HTTP 请求,也可以将该 URL 共享给第三方实现访问授权。
以下代码用于预签名的 URL 向指定桶中上传对象。
package main import ( "net/http" "strings" "github.com/volcengine/ve-tos-golang-sdk/v2/tos" "github.com/volcengine/ve-tos-golang-sdk/v2/tos/enum" ) func checkErr(err error) { if err != nil { if serverErr, ok := err.(*tos.TosServerError); ok { fmt.Println("Error:", serverErr.Error()) fmt.Println("Request ID:", serverErr.RequestID) fmt.Println("Response Status Code:", serverErr.StatusCode) fmt.Println("Response Header:", serverErr.Header) fmt.Println("Response Err Code:", serverErr.Code) fmt.Println("Response Err Msg:", serverErr.Message) } else if clientErr, ok := err.(*tos.TosClientError); ok { fmt.Println("Error:", clientErr.Error()) fmt.Println("Client Cause Err:", clientErr.Cause.Error()) } else { fmt.Println("Error:", err) } panic(err) } } func main() { var ( accessKey = os.Getenv("TOS_ACCESS_KEY") secretKey = os.Getenv("TOS_SECRET_KEY") endpoint = "your endpoint" region = "your region" bucketName = "your bucket name" objectName = "your object name" httpClient = &http.Client{} ) client, err := tos.NewClientV2(endpoint, tos.WithRegion(region), tos.WithCredentials(tos.NewStaticCredentials(accessKey, secretKey))) checkErr(err) // 生成上传对象预签名 url, err := client.PreSignedURL(&tos.PreSignedURLInput{ HTTPMethod: enum.HttpMethodPut, Bucket: bucketName, Key: objectName, }) checkErr(err) // 上传对象 body := strings.NewReader("your body reader") req, _ := http.NewRequest(http.MethodPut, url.SignedUrl, body) res, err := httpClient.Do(req) checkErr(err) if res.StatusCode != http.StatusOK { panic("unexpected status code") } }
以下代码用于预签名的 URL 向指定桶中下载对象。
package main import ( "net/http" "github.com/volcengine/ve-tos-golang-sdk/v2/tos" "github.com/volcengine/ve-tos-golang-sdk/v2/tos/enum" ) func checkErr(err error) { if err != nil { panic(err) } } func main() { var ( accessKey = os.Getenv("TOS_ACCESS_KEY") secretKey = os.Getenv("TOS_SECRET_KEY") // Bucket 对应的 Endpoint,以华北2(北京)为例:https://tos-cn-beijing.volces.com endpoint = "https://tos-cn-beijing.volces.com" region = "cn-beijing" // 填写 BucketName bucketName = "*** Provide your bucket name ***" // 指定的 ObjectKey objectKey = "*** Provide your object key ***" httpClient = &http.Client{} ) client, err := tos.NewClientV2(endpoint, tos.WithRegion(region), tos.WithCredentials(tos.NewStaticCredentials(accessKey, secretKey))) checkErr(err) // 生成下载对象预签名 url, err := client.PreSignedURL(&tos.PreSignedURLInput{ HTTPMethod: enum.HttpMethodGet, Bucket: bucketName, Key: objectKey, }) checkErr(err) // 下载对象 req, _ := http.NewRequest(http.MethodGet, url.SignedUrl, nil) res, err := httpClient.Do(req) checkErr(err) if res.StatusCode != http.StatusOK { panic("unexpected status code") } }
以下代码用于预签名的 URL 在指定桶中删除对象。
package main import ( "net/http" "github.com/volcengine/ve-tos-golang-sdk/v2/tos" "github.com/volcengine/ve-tos-golang-sdk/v2/tos/enum" ) func checkErr(err error) { if err != nil { panic(err) } } func main() { var ( accessKey = os.Getenv("TOS_ACCESS_KEY") secretKey = os.Getenv("TOS_SECRET_KEY") // Bucket 对应的 Endpoint,以华北2(北京)为例:https://tos-cn-beijing.volces.com endpoint = "https://tos-cn-beijing.volces.com" region = "cn-beijing" // 填写 BucketName bucketName = "*** Provide your bucket name ***" // 指定的 ObjectKey objectKey = "*** Provide your object key ***" httpClient = &http.Client{} ) client, err := tos.NewClientV2(endpoint, tos.WithRegion(region), tos.WithCredentials(tos.NewStaticCredentials(accessKey, secretKey))) checkErr(err) // 生成删除对象预签名 url, err := client.PreSignedURL(&tos.PreSignedURLInput{ HTTPMethod: enum.HttpMethodDelete, Bucket: bucketName, Key: objectKey, }) checkErr(err) // 删除对象 req, _ := http.NewRequest(http.MethodDelete, url.SignedUrl, nil) res, err := httpClient.Do(req) checkErr(err) if res.StatusCode != http.StatusNoContent { panic("unexpected status code") } }
关于 URL 包含签名的详细信息,请参见 URL 中包含签名。