All Products
Search
Document Center

Use STS

Last Updated: Jul 11, 2019

Overview

Background

The Client upload topic in the Developer Guide has described two authorization methods to upload media files from a client to ApsaraVideo for VOD:

This topic describes the process of using STS to upload media files to ApsaraVideo for VOD. However, we recommend that you use the upload URL and credential to upload media files. This method is more advantageous over STS. For more information, see Comparison between upload (playback) credentials and STS.

Introduction

STS provides a universal service for authenticating the access to Alibaba Cloud products. The SDKs for uploading media files through STS have encapsulated all the upload logic, including calling the API to obtain the upload URL and credential. You do not need to implement the logic separately. You only need to focus on the configurations for obtaining the STS credential, updating the STS credential when it expires, and setting the callback for upload completion. For more information, see STS introduction.

Process

Upload through STS

Precautions

  • In step 2 in the preceding flowchart, the AppServer sends a request to Alibaba Cloud RAM or STS to obtain an STS credential. To improve efficiency in this process and avoid the failure to obtain a credential due to throttling restrictions on requests by RAM or STS, you need to cache the STS credential on the AppServer.
  • For more information about how to grant access permissions on ApsaraVideo for VOD through STS, see STS authorization.
  • Before using STS to upload video files to ApsaraVideo for VOD, you must create a template ID in ApsaraVideo for VOD.

Implementation

  1. Log on to the RAM console and grant access permissions on ApsaraVideo for VOD through STS. For more information, see STS authorization.
  2. The AppServer obtains the STS credential from STS. For more information about the sample code, see STS authorization.
  3. The client obtains the STS credential from the AppServer.
  4. Add a local file on the client, set the STS credential, and start the upload.

Set the STS credential

Set the STS credential when you initialize the upload instance. The following section provides the sample code for instance initialization on iOS, Android, and web platforms.

Sample code for iOS

  1. [self.uploader
  2. init:`STS Key Id`
  3. accessKeySecret:`STS Key Secret`
  4. secretToken:STS Secret Token`
  5. expireTime:`STS Expire Time`
  6. listener:listener
  7. ];

Sample code for Android

  1. VODUploadClient uploader = new VODUploadClientImpl(getApplicationContext());
  2. uploader.init(accessKeyId,
  3. accessKeySecret,
  4. secretToken,
  5. expireTime,
  6. callback);

Sample code for HTML5 and JavaScript

  1. var uploader = new AliyunUpload.Vod({
  2. partSize: 1048576,// The size of each part in multipart upload. The default value is 1 MB. The value cannot be less than 100 KB.
  3. parallel: 5,// The maximum number of parts that can be uploaded in parallel. The default value is 5.
  4. retryCount: 3,// The maximum number of attempts to retry the upload upon a network exception. The default value is 3.
  5. retryDuration: 2,// The interval for retrying the upload upon a network exception, in seconds. The default value is 2.
  6. 'onUploadstarted': function (uploadInfo) {
  7. uploader.setSTSToken(uploadInfo, accessKeyId, accessKeySecret,secretToken);
  8. }
  9. …… // Sets other callbacks.
  10. });

Further reading

For more information about file list management and callbacks upon a successful upload and credential expiration, see the documentation of upload SDKs for different platforms: