Google云端存储从CDN NPM获得signedUrl [英] Google Cloud Storage get signedUrl from CDN npm
问题描述
我正在使用以下代码为我的内容创建一个签名的网址:
I am using a code as the following to create a signed Url for my content:
var storage = require('@google-cloud/storage')();
var myBucket = storage.bucket('my-bucket');
var file = myBucket.file('my-file');
//-
// Generate a URL that allows temporary access to download your file.
//-
var request = require('request');
var config = {
action: 'read',
expires: '03-17-2025'
};
file.getSignedUrl(config, function(err, url) {
if (err) {
console.error(err);
return;
}
// The file is now available to read from the URL.
});
这将创建一个以 https://storage.googleapis.com/my-bucket/
如果我将该URL放置在浏览器中,则该URL是可读的.
If I place that URL in the browser, it is readable.
但是,我想URL是对存储桶文件的直接访问,并且没有通过我配置的CDN.
However, i guess that URL is a direct access to the bucket file and is not passing through my configured CDN.
我在docs( https://cloud.google.com/nodejs/docs/reference/storage/1.6.x/File#getSignedUrl ),您可以传递cname选项,该选项会将url转换为替换 https://storage.googleapis.com/my-bucket/
到我的存储桶CDN.
I see that in the docs (https://cloud.google.com/nodejs/docs/reference/storage/1.6.x/File#getSignedUrl) you can pass a cname option, which transforms the url to replace https://storage.googleapis.com/my-bucket/
to my bucket CDN.
但是,当我复制生成的URL时,服务帐户或生成的url似乎无权访问该资源.
HOWEVER when I copy the resulting URL, the sevice account or resulting url doesn't seem to have access to the resource.
我已将Firebase管理员服务帐户添加到存储桶中,但仍然无法访问.
I have added the firebase admin service account to the bucket but still I get no access.
此外,从文档中看,CDN签名的URL与通过该API签名的URL似乎有很大的不同.是否可以从api创建CDN签名的URL,或者我应该按照以下说明手动创建它:
Also, from the docs, the CDN signed url seems a lot different from the one signed through that API. Is it possible to create from the api a CDN signed url, or should i manually create it as explained in: https://cloud.google.com/cdn/docs/using-signed-urls?hl=en_US&_ga=2.131493069.-352689337.1519430995#configuring_google_cloud_storage_permissions?
推荐答案
对于对该签名的节点代码感兴趣的任何人:
For anyone interested in the node code for that signing:
var url = 'URL of the endpoint served by Cloud CDN';
var key_name = 'Name of the signing key added to the Google Cloud Storage bucket or service';
var key = 'Signing key as urlsafe base64 encoded string';
var expiration = Math.round(new Date().getTime()/1000) + 600; //ten minutes after, in seconds
var crypto = require("crypto");
var URLSafeBase64 = require('urlsafe-base64');
// Decode the URL safe base64 encode key
var decoded_key = URLSafeBase64.decode(key);
// buILD URL
var urlToSign = url
+ (url.indexOf('?') > -1 ? "&" : "?")
+ "Expires=" + expiration
+ "&KeyName=" + key_name;
//Sign the url using the key and url safe base64 encode the signature
var hmac = crypto.createHmac('sha1', decoded_key);
var signature = hmac.update(urlToSign).digest();
var encoded_signature = URLSafeBase64.encode(signature);
//Concatenate the URL and encoded signature
urlToSign += "&Signature=" + encoded_signature;
这篇关于Google云端存储从CDN NPM获得signedUrl的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!