oss 获取临时凭证 工具类

package com.chuanyi.ecard.utils;

import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.http.MethodType;
import com.aliyuncs.profile.DefaultProfile;
import com.aliyuncs.profile.IClientProfile;
import com.aliyuncs.sts.model.v20150401.AssumeRoleRequest;
import com.aliyuncs.sts.model.v20150401.AssumeRoleResponse;
import com.chuanyi.ecard.exception.RequestFailException;
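/**
 * Helper for obtaining temporary OSS credentials through Alibaba Cloud STS (AssumeRole).
 *
 * <p>The long-term AccessKey pair and the role ARN are read from the process environment rather
 * than compiled into the class, so the secret does not end up in source control or in the built
 * artifact. Only the short-lived credentials returned by STS should be passed on to callers.
 *
 * @author Admin
 */
public class OssStsUtils {

	/** STS endpoint. This must be the STS endpoint, not an OSS endpoint. */
	private static final String endpoint = "sts.aliyuncs.com";

	/** Environment variable holding the AccessKey ID of the RAM user that is allowed to assume the role. */
	private static final String ACCESS_KEY_ID_ENV = "ALIBABA_CLOUD_ACCESS_KEY_ID";
	/** Environment variable holding the matching AccessKey secret. */
	private static final String ACCESS_KEY_SECRET_ENV = "ALIBABA_CLOUD_ACCESS_KEY_SECRET";
	/** Environment variable holding the ARN of the role to assume. */
	private static final String ROLE_ARN_ENV = "ALIBABA_CLOUD_ROLE_ARN";

	/** Lifetime of the issued credentials in seconds (30 minutes). */
	private static final long ADMIN_CREDENTIAL_TTL_SECONDS = 1800L;

	/**
	 * Obtains temporary "admin" OSS credentials for the {@code test-tfmm} bucket.
	 *
	 * @param roleSessionName identifies who the temporary credentials are issued to, usually the
	 *                        user name; must not be null or blank
	 * @return the temporary credentials taken from the AssumeRole response
	 * @throws RequestFailException if the session name or a required environment variable is
	 *                              missing, or if the STS call fails
	 */
	public static AssumeRoleResponse.Credentials getAdminOssCredentials(String roleSessionName) {
		if (roleSessionName == null || roleSessionName.trim().isEmpty()) {
			throw new RequestFailException("roleSessionName must not be empty");
		}
		// NOTE(review): the session name is typically the user name; take it from the
		// authenticated server-side identity rather than from a request parameter -- confirm at the caller.

		// Session policy attached to the temporary credentials. "oss:*" grants every OSS action on
		// the bucket and on all of its objects; if the consumer of these credentials only uploads
		// or downloads, narrow Action and Resource to what it actually needs.
		String policy = "{\n" +
				"\t\"Statement\": [{\n" +
				"\t\t\"Action\": \"oss:*\",\n" +
				"\t\t\"Effect\": \"Allow\",\n" +
				"\t\t\"Resource\": [\"acs:oss:*:*:test-tfmm\", \"acs:oss:*:*:test-tfmm/*\"]\n" +
				"\t}],\n" +
				"\t\"Version\": \"1\"\n" +
				"}";

		String accessKeyId = requireEnv(ACCESS_KEY_ID_ENV);
		String accessKeySecret = requireEnv(ACCESS_KEY_SECRET_ENV);
		String roleArn = requireEnv(ROLE_ARN_ENV);

		return getOssRoleResponse(endpoint, accessKeyId, accessKeySecret, roleArn, roleSessionName,
				policy, ADMIN_CREDENTIAL_TTL_SECONDS).getCredentials();
	}

	/**
	 * Reads a required setting from the environment.
	 *
	 * @param name environment variable name
	 * @return the non-blank value
	 * @throws RequestFailException if the variable is unset or blank; the message carries only the
	 *                              variable name, never a value
	 */
	private static String requireEnv(String name) {
		String value = System.getenv(name);
		if (value == null || value.trim().isEmpty()) {
			throw new RequestFailException("Missing required environment variable: " + name);
		}
		return value;
	}

	/**
	 * Calls STS AssumeRole and returns the raw response.
	 *
	 * @param endpoint        STS endpoint host
	 * @param accessKeyId     AccessKey ID used to sign the request
	 * @param accessKeySecret AccessKey secret used to sign the request
	 * @param roleArn         ARN of the role to assume
	 * @param roleSessionName session name recorded for the issued credentials
	 * @param policy          session policy JSON; if empty, the caller receives every permission of the role
	 * @param expired         validity of the credentials in seconds
	 * @return the AssumeRole response
	 * @throws RequestFailException if the SDK reports a {@link ClientException}
	 */
	private static AssumeRoleResponse getOssRoleResponse(String endpoint, String accessKeyId,
			String accessKeySecret, String roleArn, String roleSessionName, String policy, long expired) {

		try {
			// Register the endpoint (the STS endpoint is used directly; the first two arguments
			// stay empty, no region ID is needed).
			DefaultProfile.addEndpoint("", "", "Sts", endpoint);
			// Build the default profile (region argument left empty, no region ID is needed).
			IClientProfile profile = DefaultProfile.getProfile("", accessKeyId, accessKeySecret);
			// Build the client from the profile.
			DefaultAcsClient client = new DefaultAcsClient(profile);

			final AssumeRoleRequest request = new AssumeRoleRequest();
			request.setMethod(MethodType.POST);
			request.setRoleArn(roleArn);
			request.setRoleSessionName(roleSessionName);
			// If the policy is empty, the caller receives every permission of the role.
			request.setPolicy(policy);
			// Validity period of the credentials.
			request.setDurationSeconds(expired);

			return client.getAcsResponse(request);
		} catch (ClientException e) {
			// NOTE(review): only the message is forwarded, so the original stack trace is lost.
			// RequestFailException's constructors are not visible here; if it has a
			// (message, cause) overload, pass e as the cause. Also check that this SDK message
			// is not returned verbatim to end users.
			throw new RequestFailException(e.getLocalizedMessage());
		}
	}

}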

 需要注意的是:endpoint 不是 oss 的 endpoint,而是 sts 的 endpoint。如果用成了 oss 的 endpoint,会一直报错 bucket not exist。

  

原文地址:https://www.cnblogs.com/cxygg/p/13432508.html