阿里网盘与相册服务PDS地址:JWT如何获得PDS授权访问凭证_网盘与相册服务(PDS)-阿里云帮助中心
官网只提供了node示例如下
const JWT = require('jsonwebtoken');function signAssertion({ domain_id, client_id, user_id, privateKeyPEM }) {var now_sec = parseInt(Date.now() / 1000);var opt = {iss: client_id,sub: user_id,sub_type: "user",aud: domain_id,jti: Math.random().toString(36).substring(2),exp: now_sec + 60,// iat: now_sec,// nbf: '',auto_create: false,};return JWT.sign(opt, privateKeyPEM, {algorithm: "RS256",});
}下面用java代码实现上面功能:
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.wisplm.aliyun.constants.PdsConstants;import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;public class JWTUtil {/*** @Author: lixy* @CreateTime: 2024-07-29 17:27* @return* @throws Exception* 获取RS256加密信息* 本文档主要描述基于 JWT 应用如何获得网盘与相册服务PDS授权访问凭证access_token。* https://help.aliyun.com/zh/pds/drive-and-photo-service-dev/user-guide/access-process-for-jwt-applications?spm=a2c4g.11186623.0.0.370c8c73POdDKM**/public static String signAssertion(String domainId, String clientId, String sub) throws Exception {long nowSec = System.currentTimeMillis() / 1000;Map<String, Object> header = new HashMap<>();header.put("alg", PdsConstants.ALG);Map<String, Object> payload = new HashMap<>();payload.put(PdsConstants.KEY_ISS, clientId);payload.put(PdsConstants.KEY_SUB, sub);payload.put(PdsConstants.KEY_SUB_TYPE , PdsConstants.SUB_TYPE);payload.put(PdsConstants.KEY_AUD, domainId);payload.put(PdsConstants.KEY_JTI, Long.toHexString(System.currentTimeMillis()));payload.put(PdsConstants.KEY_EXP, nowSec + 60);payload.put(PdsConstants.KEY_AUTO_CREATE, false);// 初始化密钥对生成器KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");// 设置密钥大小,例如2048位keyPairGenerator.initialize(2048);return JWT.create().withHeader(header).withPayload(payload).sign(Algorithm.RSA256(null, (RSAPrivateKey) getPrivateKeyFromString(PdsConstants.SECRET)));}/*** 根据privateKeyPem生成PrivateKey* @param privateKeyPem* @return* @throws Exception*/public static PrivateKey getPrivateKeyFromString(String privateKeyPem) throws Exception {String temp = privateKeyPem.replace(PdsConstants.BEGIN_MARKER, "").replace(PdsConstants.END_MARKER, "");byte[] decoded = Base64.getDecoder().decode(temp);PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(decoded);KeyFactory kf = KeyFactory.getInstance("RSA");return kf.generatePrivate(keySpec);}
}
package com.wisplm.aliyun.constants;public class PdsConstants {/** 阿里网盘获取 */public static final String API_ENDPOINT = "https://hz*****.api.aliyunpds.com/v2/oauth/token";public static final String SECRET = "-----BEGIN public KEY----- ********************************************************************************************************************************* -----END public KEY-----";public static final String APP_ID = "FYSRuMY*********";public static final String ALG = "RS256";public static final String DOMAIN_ID = "hz******";public static final String SUB_TYPE = "service";public static final String GRANT_TYPE = "urn:ietf:params:oauth:grant-type:jwt-bearer";/** 阿里网盘获取token属性 */public static final String KEY_GRANT_TYPE = "grant_type";public static final String KEY_CLIENT_ID = "client_id";public static final String KEY_ASSERTION = "assertion";/** 阿里网盘加密属性 */public static final String KEY_ISS = "iss";public static final String KEY_SUB = "sub";public static final String KEY_SUB_TYPE = "sub_type";public static final String KEY_AUD = "aud";public static final String KEY_JTI = "jti";public static final String KEY_EXP= "exp";public static final String KEY_AUTO_CREATE= "auto_create";public static final String BEGIN_MARKER = "-----BEGIN public KEY----- ";public static final String END_MARKER = " -----END public KEY-----";}