1、開通oss,并獲取accessKeyId、accessKeySecret

<!DOCTYPE html>
<html lang="zh-CN">
<head><meta charset="UTF-8" /><meta name="viewport" content="width=device-width, initial-scale=1.0" /><title>服務端生成簽名上傳文件到OSS</title>
</head>
<body>
<div class="container"><form><div class="mb-3"><label for="file" class="form-label">選擇文件:</label><input type="file" class="form-control" id="file" name="file" required /></div><button type="submit" class="btn btn-primary">上傳</button></form>
</div><script type="text/javascript">document.addEventListener('DOMContentLoaded', function () {const form = document.querySelector("form");const fileInput = document.querySelector("#file");form.addEventListener("submit", (event) => {event.preventDefault();const file = fileInput.files[0];if (!file) {alert('請選擇一個文件再上傳。');return;}const filename = file.name;fetch("/index/demo/index/", { method: "GET" }).then((response) => {if (!response.ok) {throw new Error("獲取簽名失敗");}return response.json();}).then((data) => {let formData = new FormData();formData.append("success_action_status", "200");formData.append("policy", data.policy);formData.append("x-oss-signature", data.signature);formData.append("x-oss-signature-version", "OSS4-HMAC-SHA256");formData.append("x-oss-credential", data.x_oss_credential);formData.append("x-oss-date", data.x_oss_date);formData.append("key", data.dir + file.name); // 文件名formData.append("x-oss-security-token", data.security_token);formData.append("file", file); // file 必須為最后一個表單域return fetch(data.host, {method: "POST",body: formData});}).then((response) => {if (response.ok) {console.log("上傳成功");alert("文件已上傳");} else {console.log("上傳失敗", response);alert("上傳失敗，請稍后再試");}}).catch((error) => {console.error("發生錯誤:", error);});});});
</script>
</body>
</html>

2、后端php8.3\thinkphp8.1

composer require alibabacloud/oss-v2

use AlibabaCloud\Client\AlibabaCloud;
use AlibabaCloud\Sts\Sts;
use think\response\Json;class Demo
{private function hmacsha256($key, $data): string{return hash_hmac('sha256', $data, $key, true);}public function index(): Json{$bucket = 'mj-quwei'; // 替換為您的Bucket名稱$region_id = 'cn-shanghai'; // 替換為您的Bucket所在地域$host = 'https://mj-quwei.oss-cn-shanghai.aliyuncs.com'; // 替換為您的Bucket域名$expire_time = 3600; // 過期時間，單位為秒$upload_dir = 'demo'; // 上傳文件的前綴AlibabaCloud::accessKeyClient('你的accessKeyId','你的accessKeySecret')->regionId('cn-shanghai')->asDefaultClient();// 創建STS請求。$request = Sts::v20150401()->assumeRole();// 發起STS請求并獲取結果。// 將<YOUR_ROLE_SESSION_NAME>設置為自定義的會話名稱，例如oss-role-session。// 將<YOUR_ROLE_ARN>替換為擁有上傳文件到指定OSS Bucket權限的RAM角色的ARN。$result = $request->withRoleSessionName('oss-role-session')->withDurationSeconds(3600)->withRoleArn('acs:ram::1241287589505885:role/oss-web-upload')->request();// 獲取STS請求結果中的憑證信息。$tokenData = $result->get('Credentials');// 構建返回的JSON數據。$tempAccessKeyId = $tokenData['AccessKeyId'];$tempAccessKeySecret = $tokenData['AccessKeySecret'];$securityToken = $tokenData['SecurityToken'];$now = time();$dtObj = gmdate('Ymd\THis\Z', $now);$dtObj1 = gmdate('Ymd', $now);$dtObjPlus3h = gmdate('Y-m-d\TH:i:s.u\Z', strtotime('+3 hours', $now));// 構建Policy$policy = ["expiration" => $dtObjPlus3h,"conditions" => [["x-oss-signature-version" => "OSS4-HMAC-SHA256"],["x-oss-credential" => "{$tempAccessKeyId}/{$dtObj1}/cn-shanghai/oss/aliyun_v4_request"],["x-oss-security-token" => $securityToken],["x-oss-date" => $dtObj],]];$policyStr = json_encode($policy);// 構造待簽名字符串$stringToSign = base64_encode($policyStr);// 計算SigningKey$dateKey = $this->hmacsha256(('aliyun_v4' . $tempAccessKeySecret), $dtObj1);$dateRegionKey = $this->hmacsha256($dateKey, 'cn-shanghai');$dateRegionServiceKey = $this->hmacsha256($dateRegionKey, 'oss');$signingKey = $this->hmacsha256($dateRegionServiceKey, 'aliyun_v4_request');// 計算Signature$result = $this->hmacsha256($signingKey, $stringToSign);$signature = bin2hex($result);// 返回簽名數據$responseData = ['policy' => $stringToSign,'x_oss_signature_version' => "OSS4-HMAC-SHA256",'x_oss_credential' => "{$tempAccessKeyId}/{$dtObj1}/cn-shanghai/oss/aliyun_v4_request",'x_oss_date' => $dtObj,'signature' => $signature,'host' => $host,'dir' => $upload_dir,'security_token' => $securityToken];return json($responseData);}public function demo(){return view('/index');}
}