Using a Temporary URL for Authorized Access
If you have any questions during development, post them on the Issues page of GitHub. For details about parameters and usage of each API, see the API Reference.
ObsClient allows you to create a URL whose Query parameters are carried with authentication information by specifying the AK and SK, HTTP method, and request parameters. You can provide other users with this URL for temporary access. When generating a URL, you need to specify the validity period of the URL to restrict the access duration of visitors.
If you want to grant other users the permission to perform other operations on buckets or objects (for example, upload or download objects), generate a URL with the corresponding request (for example, to upload an object using the URL that generates the PUT request) and provide the URL for other users.
The following table lists operations can be performed through a signed URL.
|
Operation |
HTTP Method |
Special Operator (Sub-resource) |
Bucket Name Required |
Object Name Required |
|---|---|---|---|---|
|
GET Objects |
GET |
N/A |
Yes |
No |
|
GET Object versions |
GET |
versions |
Yes |
No |
|
List Multipart uploads |
GET |
uploads |
Yes |
No |
|
Obtain Bucket Metadata |
HEAD |
N/A |
Yes |
No |
|
GET Bucket location |
GET |
location |
Yes |
No |
|
GET Bucket storageinfo |
GET |
storageinfo |
Yes |
No |
|
PUT Bucket quota |
PUT |
quota |
Yes |
No |
|
GET Bucket quota |
GET |
quota |
Yes |
No |
|
Set Bucket storagePolicy |
PUT |
storagePolicy |
Yes |
No |
|
GET Bucket storagePolicy |
GET |
storagePolicy |
Yes |
No |
|
PUT Bucket acl |
PUT |
acl |
Yes |
No |
|
GET Bucket acl |
GET |
acl |
Yes |
No |
|
PUT Bucket logging |
PUT |
logging |
Yes |
No |
|
GET Bucket logging |
GET |
logging |
Yes |
No |
|
PUT Bucket policy |
PUT |
policy |
Yes |
No |
|
GET Bucket policy |
GET |
policy |
Yes |
No |
|
DELETE Bucket policy |
DELETE |
policy |
Yes |
No |
|
PUT Bucket lifecycle |
PUT |
lifecycle |
Yes |
No |
|
GET Bucket lifecycle |
GET |
lifecycle |
Yes |
No |
|
DELETE Bucket lifecycle |
DELETE |
lifecycle |
Yes |
No |
|
PUT Bucket website |
PUT |
website |
Yes |
No |
|
GET Bucket website |
GET |
website |
Yes |
No |
|
DELETE Bucket website |
DELETE |
website |
Yes |
No |
|
PUT Bucket versioning |
PUT |
versioning |
Yes |
No |
|
GET Bucket versioning |
GET |
versioning |
Yes |
No |
|
GET Bucket cors |
GET |
cors |
Yes |
No |
|
DELETE Bucket cors |
DELETE |
cors |
Yes |
No |
|
PUT Bucket notification |
PUT |
notification |
Yes |
No |
|
GET Bucket notification |
GET |
notification |
Yes |
No |
|
PUT Bucket tagging |
PUT |
tagging |
Yes |
No |
|
GET Bucket tagging |
GET |
tagging |
Yes |
No |
|
DELETE Bucket tagging |
DELETE |
tagging |
Yes |
No |
|
PUT Object |
PUT |
N/A |
Yes |
Yes |
|
Append Object |
POST |
append |
Yes |
Yes |
|
GET Object |
GET |
N/A |
Yes |
Yes |
|
PUT Object - Copy |
PUT |
N/A |
Yes |
Yes |
|
DELETE Object |
DELETE |
N/A |
Yes |
Yes |
|
DELETE Objects |
POST |
delete |
Yes |
Yes |
|
Obtain Object Metadata |
HEAD |
N/A |
Yes |
Yes |
|
PUT Object acl |
PUT |
acl |
Yes |
Yes |
|
GET Object acl |
GET |
acl |
Yes |
Yes |
|
Initiate Multipart Upload |
POST |
uploads |
Yes |
Yes |
|
PUT Part |
PUT |
N/A |
Yes |
Yes |
|
PUT Part - Copy |
PUT |
N/A |
Yes |
Yes |
|
List Parts |
GET |
N/A |
Yes |
Yes |
|
Complete Multipart Upload |
POST |
N/A |
Yes |
Yes |
|
DELETE Multipart upload |
DELETE |
N/A |
Yes |
Yes |
|
POST Object restore |
POST |
restore |
Yes |
Yes |
To access OBS using a temporary URL generated by the OBS BrowserJS SDK, perform the following steps:
- Call ObsClient.createSignedUrlSync to generate a signed URL.
- Use any HTTP library to make an HTTP/HTTPS request to OBS.
The following content provides examples of accessing OBS using a temporary URL, including object upload, download, listing, and deletion.
Uploading an Object
// Create an instance of ObsClient.
var obsClient = new ObsClient({
access_key_id: '*** Provide your Access Key ***',
secret_access_key: '*** Provide your Secret Key ***',
server : 'http://your-endpoint'
});
//Make a PUT request to upload an object.
var bucketName = 'bucketname';
var objectKey = 'objectname';
var method = 'PUT';
var headers = {
'Content-Type' : 'text/plain'
}
var res = obsClient.createSignedUrlSync({
Method : method,
Bucket : bucketName,
Key : objectKey,
Expires : 3600,
Headers : headers
});
var content = 'Hello OBS';
var reopt = {
method : method,
url : res.SignedUrl,
withCredentials: false,
headers : res.ActualSignedRequestHeaders || {},
validateStatus: function(status){
return status >= 200;
},
maxRedirects : 0,
responseType : 'text',
data : content,
};
axios.request(reopt).then(function (response) {
if(response.status < 300){
console.log('Creating object using temporary signature succeed.');
}else{
console.log('Creating object using temporary signature failed!');
console.log('status:' + response.status);
console.log('\n');
}
console.log(response.data);
console.log('\n');
}).catch(function (err) {
console.log('Creating object using temporary signature failed!');
console.log(err);
console.log('\n');
});
Downloading an Object
// Create an instance of ObsClient.
var obsClient = new ObsClient({
access_key_id: '*** Provide your Access Key ***',
secret_access_key: '*** Provide your Secret Key ***',
server : 'http://your-endpoint'
});
//Make a GET request to download an object.
var bucketName = 'bucketname';
var objectKey = 'objectname';
var method = 'GET';
var res = obsClient.createSignedUrlSync({
Method : method,
Bucket : bucketName,
Key : objectKey,
Expires : 3600,
});
var reopt = {
method : method,
url : res.SignedUrl,
withCredentials: false,
headers : res.ActualSignedRequestHeaders || {},
validateStatus: function(status){
return status >= 200;
},
maxRedirects : 0,
responseType : 'text',
};
axios.request(reopt).then(function (response) {
if(response.status < 300){
console.log('Getting object using temporary signature succeed.');
}else{
console.log('Getting object using temporary signature failed!');
console.log('status:' + response.status);
console.log('\n');
}
console.log(response.data);
console.log('\n');
}).catch(function (err) {
console.log('Getting object using temporary signature failed!');
console.log(err);
console.log('\n');
});
Listing Objects
// Create an instance of ObsClient.
var obsClient = new ObsClient({
access_key_id: '*** Provide your Access Key ***',
secret_access_key: '*** Provide your Secret Key ***',
server : 'http://your-endpoint'
});
// Make a GET request to obtain the object list.
var bucketName = 'bucketname';
var method = 'GET';
var res = obsClient.createSignedUrlSync({
Method : method,
Bucket : bucketName,
Expires : 3600,
});
var reopt = {
method : method,
url : res.SignedUrl,
withCredentials: false,
headers : res.ActualSignedRequestHeaders || {},
validateStatus: function(status){
return status >= 200;
},
maxRedirects : 0,
responseType : 'text',
};
axios.request(reopt).then(function (response) {
if(response.status < 300){
console.log('Listing object using temporary signature succeed.');
}else{
console.log('Listing object using temporary signature failed!');
console.log('status:' + response.status);
console.log('\n');
}
console.log(response.data);
console.log('\n');
}).catch(function (err) {
console.log('Listing object using temporary signature failed!');
console.log(err);
console.log('\n');
});
Deleting an Object
// Create an instance of ObsClient.
var obsClient = new ObsClient({
access_key_id: '*** Provide your Access Key ***',
secret_access_key: '*** Provide your Secret Key ***',
server : 'http://your-endpoint'
});
// Make a DELETE request to delete the object.
var bucketName = 'bucketname';
var objectKey = 'objectname';
var method = 'DELETE';
var res = obsClient.createSignedUrlSync({
Method : method,
Bucket : bucketName,
Key : objectKey,
Expires : 3600,
});
var reopt = {
method : method,
url : res.SignedUrl,
withCredentials: false,
headers : res.ActualSignedRequestHeaders || {},
validateStatus: function(status){
return status >= 200;
},
maxRedirects : 0,
responseType : 'text',
};
axios.request(reopt).then(function (response) {
if(response.status < 300){
console.log('Deleting object using temporary signature succeed.');
}else{
console.log('Deleting object using temporary signature failed!');
console.log('status:' + response.status);
console.log('\n');
}
console.log(response.data);
console.log('\n');
}).catch(function (err) {
console.log('Deleting object using temporary signature failed!');
console.log(err);
console.log('\n');
});
Use the Method parameter to specify the HTTP request method, the Expires parameter to specify the validity period of the URL, the Headers parameter to specify the request headers, the SpecialParam parameter to specify the special operator, and the QueryParams parameter to specify the request parameters.
Last Article: Temporarily Authorized Access
Next Article: Versioning Management
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.