如何在 .net 中为 google 云存储签名 url

Question

我想知道如何在 .net 中使用谷歌云存储类生成 signurl

我已经按照要求创建了字符串

GET


1388534400
/bucket/objectname

但我现在想用 p12 密钥对这个 url 进行签名，然后想让它对 url 友好

这个库没有显示它的特定功能 - > https://developers.google.com/resources/api-libraries/documentation/storage/v1/csharp/latest/annotated.html

所以，基本上我需要 .net 替代 Google_Signer_P12 类的 php

$signer = new Google_Signer_P12(file_get_contents(__DIR__.'/'."final.p12"), "notasecret");
$signature = $signer->sign($to_sign);

Answer 1

现在，预发布包Google.Cloud.Storage.V1中有一个UrlSigner可用于提供对现有对象的只读访问：

// Create a signed URL which can be used to get a specific object for one hour.
UrlSigner urlSigner = UrlSigner.FromServiceAccountCredential(credential);
string url = urlSigner.Sign(
    bucketName,
    objectName,
    TimeSpan.FromHours(1),
    HttpMethod.Get);

或只写访问将特定对象内容放入存储桶：

// Create a signed URL which allows the requester to PUT data with the text/plain content-type.
UrlSigner urlSigner = UrlSigner.FromServiceAccountCredential(credential);
var destination = "places/world.txt";
string url = urlSigner.Sign(
    bucketName,
    destination,
    TimeSpan.FromHours(1),
    HttpMethod.Put,
    contentHeaders: new Dictionary<string, IEnumerable<string>> {
        { "Content-Type", new[] { "text/plain" } }
    });

// Upload the content into the bucket using the signed URL.
string source = "world.txt";

ByteArrayContent content;
using (FileStream stream = File.OpenRead(source))
{
    byte[] data = new byte[stream.Length];
    stream.Read(data, 0, data.Length);
    content = new ByteArrayContent(data)
    {
        Headers = { ContentType = new MediaTypeHeaderValue("text/plain") }
    };
}

HttpResponseMessage response = await httpClient.PutAsync(url, content);

Answer 2

我知道问题是针对 P12 的，但是当我想为更新的首选 JSON 方法执行此操作时，Google 将我引导到这里。我将其与我发现的其他样本和网站拼凑在一起。希望这有助于节省一些时间。

    public string GetSignedURL()
    {
        var myObj = "theObject";
        var scopes = new string[] { "https://www.googleapis.com/auth/devstorage.read_write" };
        var myBucket = "theBucket";
        ServiceAccountCredential cred;

        using ( var stream = new FileStream(@"\path to\private-key.json", FileMode.Open, FileAccess.Read) )
        {
            cred = GoogleCredential.FromStream(stream)
                                   .CreateScoped(scopes)
                                   .UnderlyingCredential as ServiceAccountCredential;
        }

        var urlSigner = UrlSigner.FromServiceAccountCredential(cred);

        return urlSigner.Sign(myBucket, myObj, TimeSpan.FromHours(1), HttpMethod.Get);
    }

可以在此处找到范围列表