PHP使用预签名URL下载

注意事项

• 本文示例代码以华东1（杭州）的地域IDcn-hangzhou为例，默认使用外网Endpoint，如果您希望通过与OSS同地域的其他阿里云产品访问OSS，请使用内网Endpoint。关于OSS支持的Region与Endpoint的对应关系，请参见OSS地域和访问域名。

• 预签名URL无需权限即可生成，但仅当您拥有oss:GetObject权限时，第三方才能通过该预签名URL成功下载文件。具体授权操作，请参见为RAM用户授权自定义的权限策略。

• 本文示例代码使用V4预签名URL，有效期最大为7天。更多信息，请参见签名版本4（推荐）。

使用过程

使用预签名URL下载文件的过程如下：

示例代码

1. 文件拥有者生成GET方法的预签名URL。

   <?php
   
   // 引入自动加载文件，确保依赖库能够正确加载
   require_once __DIR__ . '/../vendor/autoload.php';
   
   use AlibabaCloud\Oss\V2 as Oss;
   
   // 定义命令行参数的描述信息
   $optsdesc = [
       "region" => ['help' => 'The region in which the bucket is located.', 'required' => True], // Bucket所在的地域（必填）
       "endpoint" => ['help' => 'The domain names that other services can use to access OSS.', 'required' => False], // 访问域名（可选）
       "bucket" => ['help' => 'The name of the bucket', 'required' => True], // Bucket名称（必填）
       "key" => ['help' => 'The name of the object', 'required' => True], // 对象名称（必填）
   ];
   
   // 将参数描述转换为getopt所需的长选项格式
   // 每个参数后面加上":"表示该参数需要值
   $longopts = \array_map(function ($key) {
       return "$key:";
   }, array_keys($optsdesc));
   
   // 解析命令行参数
   $options = getopt("", $longopts);
   
   // 验证必填参数是否存在
   foreach ($optsdesc as $key => $value) {
       if ($value['required'] === True && empty($options[$key])) {
           $help = $value['help']; // 获取参数的帮助信息
           echo "Error: the following arguments are required: --$key, $help" . PHP_EOL;
           exit(1); // 如果必填参数缺失，则退出程序
       }
   }
   
   // 从解析的参数中提取值
   $region = $options["region"]; // Bucket所在的地域
   $bucket = $options["bucket"]; // Bucket名称
   $key = $options["key"];       // 对象名称
   
   // 加载环境变量中的凭证信息
   // 使用EnvironmentVariableCredentialsProvider从环境变量中读取Access Key ID和Access Key Secret
   $credentialsProvider = new Oss\Credentials\EnvironmentVariableCredentialsProvider();
   
   // 使用SDK的默认配置
   $cfg = Oss\Config::loadDefault();
   $cfg->setCredentialsProvider($credentialsProvider); // 设置凭证提供者
   $cfg->setRegion($region); // 设置Bucket所在的地域
   if (isset($options["endpoint"])) {
       $cfg->setEndpoint($options["endpoint"]); // 如果提供了访问域名，则设置endpoint
   }
   
   // 创建OSS客户端实例
   $client = new Oss\Client($cfg);
   
   // 创建GetObjectRequest对象，用于下载对象
   $request = new Oss\Models\GetObjectRequest(bucket:$bucket, key:$key);
   
   // 调用presign方法生成预签名URL
   $result = $client->presign($request);
   
   // 打印预签名结果
   // 输出预签名URL，用户可以直接使用该URL进行下载操作
   print(
       'get object presign result:' . var_export($result, true) . PHP_EOL . // 预签名结果的详细信息
       'get object url:' . $result->url . PHP_EOL                           // 预签名URL，用于直接下载对象
   );
   

2. 其他人使用GET方法的预签名URL下载文件。

   curl

   curl -SO "https://examplebucket.oss-cn-hangzhou.aliyuncs.com/exampleobject.txt?x-oss-date=20241112T092756Z&x-oss-expires=3599&x-oss-signature-version=OSS4-HMAC-SHA256&x-oss-credential=LTAI****************/20241112/cn-hangzhou/oss/aliyun_v4_request&x-oss-signature=ed5a******************************************************"

   Java

   import java.io.BufferedInputStream;
   import java.io.FileOutputStream;
   import java.io.IOException;
   import java.io.InputStream;
   import java.net.HttpURLConnection;
   import java.net.URL;
   
   public class Demo {
       public static void main(String[] args) {
           // 替换为生成的GET方法的预签名URL。
           String fileURL = "https://examplebucket.oss-cn-hangzhou.aliyuncs.com/exampleobject.txt?x-oss-date=20241112T092756Z&x-oss-expires=3599&x-oss-signature-version=OSS4-HMAC-SHA256&x-oss-credential=LTAI****************/20241112/cn-hangzhou/oss/aliyun_v4_request&x-oss-signature=ed5a******************************************************";
           // 填写文件保存的目标路径，包括文件名和扩展名。
           String savePath = "C:/downloads/myfile.txt";
   
           try {
               downloadFile(fileURL, savePath);
               System.out.println("Download completed!");
           } catch (IOException e) {
               System.err.println("Error during download: " + e.getMessage());
           }
       }
   
       private static void downloadFile(String fileURL, String savePath) throws IOException {
           URL url = new URL(fileURL);
           HttpURLConnection httpConn = (HttpURLConnection) url.openConnection();
           httpConn.setRequestMethod("GET");
   
           // 检查响应代码
           int responseCode = httpConn.getResponseCode();
           if (responseCode == HttpURLConnection.HTTP_OK) {
               // 输入流
               InputStream inputStream = new BufferedInputStream(httpConn.getInputStream());
               // 输出流
               FileOutputStream outputStream = new FileOutputStream(savePath);
   
               byte[] buffer = new byte[4096]; // 缓冲区
               int bytesRead;
               while ((bytesRead = inputStream.read(buffer)) != -1) {
                   outputStream.write(buffer, 0, bytesRead);
               }
   
               outputStream.close();
               inputStream.close();
           } else {
               System.out.println("No file to download. Server replied HTTP code: " + responseCode);
           }
           httpConn.disconnect();
       }
   }

   Node.js

   const https = require('https');
   const fs = require('fs');
   
   const fileURL = "https://examplebucket.oss-cn-hangzhou.aliyuncs.com/exampleobject.txt?x-oss-date=20241112T092756Z&x-oss-expires=3599&x-oss-signature-version=OSS4-HMAC-SHA256&x-oss-credential=LTAI****************/20241112/cn-hangzhou/oss/aliyun_v4_request&x-oss-signature=ed5a******************************************************";
   const savePath = "C:/downloads/myfile.txt";
   
   https.get(fileURL, (response) => {
       if (response.statusCode === 200) {
           const fileStream = fs.createWriteStream(savePath);
           response.pipe(fileStream);
           
           fileStream.on('finish', () => {
               fileStream.close();
               console.log("Download completed!");
           });
       } else {
           console.error(`Download failed. Server responded with code: ${response.statusCode}`);
       }
   }).on('error', (err) => {
       console.error("Error during download:", err.message);
   });

   Python

   import requests
   
   file_url = "https://examplebucket.oss-cn-hangzhou.aliyuncs.com/exampleobject.txt?x-oss-date=20241112T092756Z&x-oss-expires=3599&x-oss-signature-version=OSS4-HMAC-SHA256&x-oss-credential=LTAI****************/20241112/cn-hangzhou/oss/aliyun_v4_request&x-oss-signature=ed5a******************************************************"
   save_path = "C:/downloads/myfile.txt"
   
   try:
       response = requests.get(file_url, stream=True)
       if response.status_code == 200:
           with open(save_path, 'wb') as f:
               for chunk in response.iter_content(4096):
                   f.write(chunk)
           print("Download completed!")
       else:
           print(f"No file to download. Server replied HTTP code: {response.status_code}")
   except Exception as e:
       print("Error during download:", e)

   Go

   package main
   
   import (
       "io"
       "net/http"
       "os"
   )
   
   func main() {
       fileURL := "https://examplebucket.oss-cn-hangzhou.aliyuncs.com/exampleobject.txt?x-oss-date=20241112T092756Z&x-oss-expires=3599&x-oss-signature-version=OSS4-HMAC-SHA256&x-oss-credential=LTAI****************/20241112/cn-hangzhou/oss/aliyun_v4_request&x-oss-signature=ed5a******************************************************"
       savePath := "C:/downloads/myfile.txt"
   
       response, err := http.Get(fileURL)
       if err != nil {
           panic(err)
       }
       defer response.Body.Close()
   
       if response.StatusCode == http.StatusOK {
           outFile, err := os.Create(savePath)
           if err != nil {
               panic(err)
           }
           defer outFile.Close()
   
           _, err = io.Copy(outFile, response.Body)
           if err != nil {
               panic(err)
           }
           println("Download completed!")
       } else {
           println("No file to download. Server replied HTTP code:", response.StatusCode)
       }
   }

   JavaScript

   const fileURL = "https://examplebucket.oss-cn-hangzhou.aliyuncs.com/exampleobject.txt?x-oss-date=20241112T092756Z&x-oss-expires=3599&x-oss-signature-version=OSS4-HMAC-SHA256&x-oss-credential=LTAI****************/20241112/cn-hangzhou/oss/aliyun_v4_request&x-oss-signature=ed5a******************************************************";
   const savePath = "C:/downloads/myfile.txt"; // 文件将在下载时使用的文件名
   
   fetch(fileURL)
       .then(response => {
           if (!response.ok) {
               throw new Error(`Server replied HTTP code: ${response.status}`);
           }
           return response.blob(); // 将响应转换为 blob
       })
       .then(blob => {
           const link = document.createElement('a');
           link.href = window.URL.createObjectURL(blob);
           link.download = savePath; // 设置下载文件的名字
           document.body.appendChild(link); // 此步骤确保链接存在于文档中
           link.click(); // 模拟点击下载链接
           link.remove(); // 完成后移除链接
           console.log("Download completed!");
       })
       .catch(error => {
           console.error("Error during download:", error);
       });

   Android-Java

   import android.os.AsyncTask;
   import android.os.Environment;
   import java.io.BufferedInputStream;
   import java.io.FileOutputStream;
   import java.io.InputStream;
   import java.net.HttpURLConnection;
   import java.net.URL;
   
   public class DownloadTask extends AsyncTask<String, String, String> {
       @Override
       protected String doInBackground(String... params) {
           String fileURL = params[0];
           String savePath = Environment.getExternalStoragePublicDirectory(Environment.DIRECTORY_DOWNLOADS) + "/myfile.txt"; // 修改后的保存路径
           try {
               URL url = new URL(fileURL);
               HttpURLConnection httpConn = (HttpURLConnection) url.openConnection();
               httpConn.setRequestMethod("GET");
               int responseCode = httpConn.getResponseCode();
               if (responseCode == HttpURLConnection.HTTP_OK) {
                   InputStream inputStream = new BufferedInputStream(httpConn.getInputStream());
                   FileOutputStream outputStream = new FileOutputStream(savePath);
                   byte[] buffer = new byte[4096];
                   int bytesRead;
                   while ((bytesRead = inputStream.read(buffer)) != -1) {
                       outputStream.write(buffer, 0, bytesRead);
                   }
                   outputStream.close();
                   inputStream.close();
                   return "Download completed!";
               } else {
                   return "No file to download. Server replied HTTP code: " + responseCode;
               }
           } catch (Exception e) {
               return "Error during download: " + e.getMessage();
           }
       }
   }

   Objective-C

   #import <Foundation/Foundation.h>
   
   int main(int argc, const char * argv[]) {
       @autoreleasepool {
           // 定义文件 URL 和保存路径（修改为有效的路径）
           NSString *fileURL = @"https://examplebucket.oss-cn-hangzhou.aliyuncs.com/exampleobject.txt?x-oss-date=20241112T092756Z&x-oss-expires=3599&x-oss-signature-version=OSS4-HMAC-SHA256&x-oss-credential=LTAI****************/20241112/cn-hangzhou/oss/aliyun_v4_request&x-oss-signature=ed5a******************************************************";
           NSString *savePath = @"/Users/your_username/Desktop/myfile.txt"; // 请替换为您的用户名
           
           // 创建 URL 对象
           NSURL *url = [NSURL URLWithString:fileURL];
           
           // 创建下载任务
           NSURLSessionDataTask *task = [[NSURLSession sharedSession] dataTaskWithURL:url completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
               // 错误处理
               if (error) {
                   NSLog(@"Error during download: %@", error.localizedDescription);
                   return;
               }
               
               // 检查数据
               if (!data) {
                   NSLog(@"No data received.");
                   return;
               }
               
               // 保存文件
               NSError *writeError = nil;
               BOOL success = [data writeToURL:[NSURL fileURLWithPath:savePath] options:NSDataWritingAtomic error:&writeError];
               if (success) {
                   NSLog(@"Download completed!");
               } else {
                   NSLog(@"Error saving file: %@", writeError.localizedDescription);
               }
           }];
           
           // 启动任务
           [task resume];
           
           // 让主线程继续运行以便异步请求能够完成
           [[NSRunLoop currentRunLoop] run];
       }
       return 0;
   }

常见使用场景

<?php

// 引入自动加载文件，确保依赖库能够正确加载
require_once __DIR__ . '/../vendor/autoload.php';

use AlibabaCloud\Oss\V2 as Oss;

// 定义命令行参数的描述信息
$optsdesc = [
    "region" => ['help' => 'The region in which the bucket is located.', 'required' => True], // Bucket所在的地域（必填）
    "endpoint" => ['help' => 'The domain names that other services can use to access OSS.', 'required' => False], // 访问域名（可选）
    "bucket" => ['help' => 'The name of the bucket', 'required' => True], // Bucket名称（必填）
    "key" => ['help' => 'The name of the object', 'required' => True], // 对象名称（必填）
];

// 将参数描述转换为getopt所需的长选项格式
// 每个参数后面加上":"表示该参数需要值
$longopts = \array_map(function ($key) {
    return "$key:";
}, array_keys($optsdesc));

// 解析命令行参数
$options = getopt("", $longopts);

// 验证必填参数是否存在
foreach ($optsdesc as $key => $value) {
    if ($value['required'] === True && empty($options[$key])) {
        $help = $value['help']; // 获取参数的帮助信息
        echo "Error: the following arguments are required: --$key, $help" . PHP_EOL;
        exit(1); // 如果必填参数缺失，则退出程序
    }
}

// 从解析的参数中提取值
$region = $options["region"]; // Bucket所在的地域
$bucket = $options["bucket"]; // Bucket名称
$key = $options["key"];       // 对象名称

// 加载环境变量中的凭证信息
// 使用EnvironmentVariableCredentialsProvider从环境变量中读取Access Key ID和Access Key Secret
$credentialsProvider = new Oss\Credentials\EnvironmentVariableCredentialsProvider();

// 使用SDK的默认配置
$cfg = Oss\Config::loadDefault();
$cfg->setCredentialsProvider($credentialsProvider); // 设置凭证提供者
$cfg->setRegion($region); // 设置Bucket所在的地域
if (isset($options["endpoint"])) {
    $cfg->setEndpoint($options["endpoint"]); // 如果提供了访问域名，则设置endpoint
}

// 创建OSS客户端实例
$client = new Oss\Client($cfg);

$versionId = "yourVersionId"; // 版本号，此处仅为示例值，实际使用时请替换为真实的版本ID

// 创建GetObjectRequest对象，用于下载对象
$request = new Oss\Models\GetObjectRequest(bucket:$bucket, key:$key, versionId: $versionId);

// 调用presign方法生成预签名URL
$result = $client->presign($request);

// 打印预签名结果
// 输出预签名URL，用户可以直接使用该URL进行下载操作
print(
    'get object presign result:' . var_export($result, true) . PHP_EOL . // 预签名结果的详细信息
    'get object url:' . $result->url . PHP_EOL                           // 预签名URL，用于直接下载对象
);

<?php

// 引入自动加载文件，确保依赖库能够正确加载
require_once __DIR__ . '/../vendor/autoload.php';

use AlibabaCloud\Oss\V2 as Oss;

// 定义命令行参数的描述信息
$optsdesc = [
    "region" => ['help' => 'The region in which the bucket is located.', 'required' => True], // Bucket所在的地域（必填）
    "endpoint" => ['help' => 'The domain names that other services can use to access OSS.', 'required' => False], // 访问域名（可选）
    "bucket" => ['help' => 'The name of the bucket', 'required' => True], // Bucket名称（必填）
    "key" => ['help' => 'The name of the object', 'required' => True], // 对象名称（必填）
];

// 将参数描述转换为getopt所需的长选项格式
// 每个参数后面加上":"表示该参数需要值
$longopts = \array_map(function ($key) {
    return "$key:";
}, array_keys($optsdesc));

// 解析命令行参数
$options = getopt("", $longopts);

// 验证必填参数是否存在
foreach ($optsdesc as $key => $value) {
    if ($value['required'] === True && empty($options[$key])) {
        $help = $value['help']; // 获取参数的帮助信息
        echo "Error: the following arguments are required: --$key, $help" . PHP_EOL;
        exit(1); // 如果必填参数缺失，则退出程序
    }
}

// 从解析的参数中提取值
$region = $options["region"]; // Bucket所在的地域
$bucket = $options["bucket"]; // Bucket名称
$key = $options["key"];       // 对象名称

// 加载环境变量中的凭证信息
// 使用EnvironmentVariableCredentialsProvider从环境变量中读取Access Key ID和Access Key Secret
$credentialsProvider = new Oss\Credentials\EnvironmentVariableCredentialsProvider();

// 使用SDK的默认配置
$cfg = Oss\Config::loadDefault();
$cfg->setCredentialsProvider($credentialsProvider); // 设置凭证提供者
$cfg->setRegion($region); // 设置Bucket所在的地域
$cfg->setEndpoint(endpoint: "http://static.example.com"); // 请设置为您的自定义endpoint
$cfg->setUseCname(true); // 设置为使用CNAME

// 创建OSS客户端实例
$client = new Oss\Client($cfg);


// 创建GetObjectRequest对象，用于下载对象
$request = new Oss\Models\GetObjectRequest(bucket:$bucket, key:$key);

// 调用presign方法生成预签名URL
$result = $client->presign($request);

// 打印预签名结果
// 输出预签名URL，用户可以直接使用该URL进行下载操作
print(
    'get object presign result:' . var_export($result, true) . PHP_EOL . // 预签名结果的详细信息
    'get object url:' . $result->url . PHP_EOL                           // 预签名URL，用于直接下载对象
);

相关文档

• 关于预签名URL的完整示例代码，请参见GitHub示例。

• 关于预签名URL的API接口，请参见Presign。