Upload files using OSS SDKs - ApsaraVideo VOD - Alibaba Cloud Documentation Center

The upload SDK is built on OSS SDKs and simplifies the upload process. If the upload SDK does not meet your needs or you require more flexible control, you can use OSS SDKs to upload files directly.

OSS SDKs

OSS SDKs support programming languages such as Java, Python, Go, PHP, Node.js, and Ruby, and clients such as iOS, Android, and Harmony. For more information, see Overview of making requests using SDKs.

Workflow

Server-side upload scenario

When you use an OSS SDK for a language such as Java, Python, or PHP on your application server to upload local files to an OSS bucket, you can ensure the security of your AccessKey. In this scenario, you can call the ApsaraVideo VOD OpenAPI directly from your application server to obtain an upload URL and credential. Then, you can use the OSS SDK to upload the file.

Client-side upload scenario

If you use an OSS SDK on a client, such as a web page or a mobile app, to upload local files to an OSS bucket, you must first set up an authorization service on your application server. The client calls this service to obtain an upload URL and credential, and then uploads the file directly to OSS.

Note:

For the procedure and sample code for obtaining an upload URL and credential from the ApsaraVideo VOD service on an application server, see Obtain an upload URL and credential.
The response contains the Base64-encoded upload URL (UploadAddress), upload credential (UploadAuth), media ID, and other information. You must manually parse these parameters and use them as input parameters to initialize the OSS SDK.
Note
- The UploadAddress field contains information about the destination OSS bucket. The UploadAuth field contains authorization information, such as the Security Token Service (STS) token. Manually Base64-decode the upload URL and credential. Then, use the decoded fields to initialize the OSS SDK client. For more information, see Reference: Parse the upload URL and credential.
- When the ApsaraVideo VOD service provides the upload URL and credential, it also automatically creates a media asset and returns a media ID (MediaId). You must store this media ID securely. The media ID is used as an input parameter for media asset management, audio and video playback, and ApsaraVideo Media Processing.
  - The VideoId is returned when you obtain an upload URL and credential for a video.
  - The ImageId is returned when you obtain an upload URL and credential for an image.
  - The MediaId is returned when you obtain an upload URL and credential for an auxiliary media asset.

Download sample demos

ApsaraVideo VOD provides demo source code for developers.

Program integration

The following section uses Java as an example to describe the integration steps.

Prerequisites

ApsaraVideo VOD is activated. For more information, see Activate ApsaraVideo VOD.
The system settings required for the upload, including the storage path in the specified region and the callback settings, are configured. For more information, see Manage storage buckets and Configure callbacks.
A RAM user is created and used to access ApsaraVideo VOD. To prevent security risks caused by the leakage of the AccessKey pair of your Alibaba Cloud account, we recommend that you create a RAM user and grant the RAM user the permissions required to access ApsaraVideo VOD. Then, you can use the AccessKey pair of the RAM user to access ApsaraVideo VOD. For more information, see Create and grant permissions to a RAM user.
Configure the ALIBABA_CLOUD_ACCESS_KEY_ID and ALIBABA_CLOUD_ACCESS_KEY_SECRET environment variables. For more information, see Configure environment variables in Linux, macOS, and Windows.
Important
- The AccessKey pair of an Alibaba Cloud account has permissions on all API operations. We recommend that you use the AccessKey pair of a RAM user to call API operations or perform routine O&M.
- We recommend that you do not hard-code the AccessKey ID and AccessKey secret into your project code. Otherwise, the AccessKey pair may be leaked and the security of all resources in your account is compromised.
Optional. A role is created for the RAM user and the role is granted the permissions required to access ApsaraVideo VOD if you want to access ApsaraVideo VOD by using Security Token Service (STS). For more information, see Obtain an STS token.
Note
For more information about the scenarios in which STS can be used, see Comparison between credentials and STS.

Requirements

Important

Java 1.8 or later is required.
You can run the java -version command in the terminal to check the Java version.

Sample code

SDK V1.0

Step 1. Install dependencies

<dependency>
  <groupId>com.aliyun</groupId>
  <artifactId>aliyun-java-sdk-core</artifactId>
  <version>4.6.1</version>
</dependency>
<dependency>
  <groupId>com.aliyun</groupId>
  <artifactId>aliyun-java-sdk-vod</artifactId>
  <version>2.16.32</version>
</dependency>
<dependency>
    <groupId>com.aliyun.oss</groupId>
    <artifactId>aliyun-sdk-oss</artifactId>
    <version>3.17.4</version>
</dependency>

Step 2. Upload the file (Java sample code)

import com.alibaba.fastjson.JSONObject;
import com.aliyun.oss.OSSClient;
import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.profile.DefaultProfile;
import com.aliyuncs.vod.model.v20170321.CreateUploadVideoRequest;
import com.aliyuncs.vod.model.v20170321.CreateUploadVideoResponse;
import org.apache.commons.codec.binary.Base64;

import java.io.File;

/**
 * description
 */
public class UploadDemo {

    public static DefaultAcsClient initVodClient(String accessKeyId, String accessKeySecret) throws ClientException {
        // Specify the region where the ApsaraVideo VOD service is activated. For example, if the service is activated in the China (Shanghai) region, set the value to cn-shanghai. For more information about other regions, see Overview of media upload.
        String regionId = "cn-shanghai";
        DefaultProfile profile = DefaultProfile.getProfile(regionId, accessKeyId, accessKeySecret);
        DefaultAcsClient client = new DefaultAcsClient(profile);
        return client;
    }

    public static CreateUploadVideoResponse createUploadVideo(DefaultAcsClient vodClient) throws ClientException {
        CreateUploadVideoRequest request = new CreateUploadVideoRequest();
        request.setFileName("vod_test.mp4");
        request.setTitle("this is title");
        //request.setDescription("this is desc");
        //request.setTags("tag1,tag2");
        // Example of CoverURL: http://example.aliyundoc.com/test_cover_****.jpg
        //request.setCoverURL("<your CoverURL>");
        //request.setCateId(-1L);
        //request.setTemplateGroupId("");
        //request.setWorkflowId("");
        //request.setStorageLocation("");
        //request.setAppId("app-1000000");
        // Set the request timeout period.
        request.setSysReadTimeout(1000);
        request.setSysConnectTimeout(1000);
        return vodClient.getAcsResponse(request);
    }

    public static OSSClient initOssClient(JSONObject uploadAuth, JSONObject uploadAddress) {
        String endpoint = uploadAddress.getString("Endpoint");
        String accessKeyId = uploadAuth.getString("AccessKeyId");
        String accessKeySecret = uploadAuth.getString("AccessKeySecret");
        String securityToken = uploadAuth.getString("SecurityToken");
        return new OSSClient(endpoint, accessKeyId, accessKeySecret, securityToken);
    }

    public static void uploadLocalFile(OSSClient ossClient, JSONObject uploadAddress, String localFile) {
        String bucketName = uploadAddress.getString("Bucket");
        String objectName = uploadAddress.getString("FileName");
        File file = new File(localFile);
        ossClient.putObject(bucketName, objectName, file);
    }

    public static void main(String[] argv) {
        // The AccessKey of an Alibaba Cloud account has permissions on all APIs. We recommend that you use the AccessKey of a RAM user for API access or routine O&M.
        // Do not hard-code the AccessKey ID and AccessKey secret in your project code. Otherwise, the AccessKey pair may be leaked and threaten the security of all resources in your account.
        // This example shows how to use an AccessKey that is obtained from environment variables to implement identity verification for API access. Before you run the sample code, configure the ALIBABA_CLOUD_ACCESS_KEY_ID and ALIBABA_CLOUD_ACCESS_KEY_SECRET environment variables.
        // Your AccessKey ID.
        String accessKeyId = System.getenv("ALIBABA_CLOUD_ACCESS_KEY_ID");
        // Your AccessKey secret.
        String accessKeySecret = System.getenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET");
        // The full path of the local video file that you want to upload to ApsaraVideo VOD. The path must include the file name extension.
        String localFile = "/Users/yours/Video/testVideo.flv";
        try {
            // Initialize the ApsaraVideo VOD client and obtain the upload URL and credential.
            DefaultAcsClient vodClient = initVodClient(accessKeyId, accessKeySecret);
            CreateUploadVideoResponse createUploadVideoResponse = createUploadVideo(vodClient);
            // If the operation is successful, the VideoId, UploadAddress, and UploadAuth are returned.
            String videoId = createUploadVideoResponse.getVideoId();

            JSONObject uploadAuth = JSONObject.parseObject(decodeBase64(createUploadVideoResponse.getUploadAuth()));
            JSONObject uploadAddress = JSONObject.parseObject(decodeBase64(createUploadVideoResponse.getUploadAddress()));

            // Use UploadAuth and UploadAddress to initialize the OSS client.
            OSSClient ossClient = initOssClient(uploadAuth, uploadAddress);
            // Upload the file. Note that the upload is synchronous and blocks the thread. The time consumed depends on the file size and the upstream bandwidth.
            uploadLocalFile(ossClient, uploadAddress, localFile);
            System.out.println("Put local file succeed, VideoId : " + videoId);
        } catch (Exception e) {
            System.out.println("Put local file fail, ErrorMessage : " + e.getLocalizedMessage());
        }
    }

    private static String decodeBase64(String data) {
        return new String(Base64.decodeBase64(data));
    }
}

SDK V2.0

Step 1. Install dependencies

    <dependency>
      <groupId>com.aliyun</groupId>
      <artifactId>vod20170321</artifactId>
      <version>3.6.4</version>
    </dependency>
    <dependency>
      <groupId>com.aliyun</groupId>
      <artifactId>tea-openapi</artifactId>
      <version>0.3.8</version>
    </dependency>
    <dependency>
      <groupId>com.aliyun</groupId>
      <artifactId>tea-console</artifactId>
      <version>0.0.1</version>
    </dependency>
    <dependency>
      <groupId>com.aliyun</groupId>
      <artifactId>tea-util</artifactId>
      <version>0.2.23</version>
    </dependency>
    <dependency>
      <groupId>com.aliyun</groupId>
      <artifactId>credentials-java</artifactId>
      <version>1.0.1</version>
    </dependency>
    <dependency>
      <groupId>com.aliyun.oss</groupId>
      <artifactId>aliyun-sdk-oss</artifactId>
      <version>3.17.4</version>
    </dependency>
    <dependency>
      <groupId>com.alibaba</groupId>
      <artifactId>fastjson</artifactId>
      <version>1.2.83</version>
    </dependency>

Step 2. Upload the file (Java sample code)

Note

We recommend that you use a more secure method that does not require an AccessKey in your project code. For information about how to configure credentials, see Manage access credentials.

package com.aliyun.sample;
import com.aliyun.oss.ClientBuilderConfiguration;
import com.aliyun.oss.OSS;
import com.aliyun.oss.OSSClientBuilder;
import com.aliyun.oss.common.auth.CredentialsProviderFactory;
import com.aliyun.oss.common.auth.DefaultCredentialProvider;
import com.aliyun.oss.common.comm.SignVersion;
import com.aliyun.oss.model.PutObjectResult;
import com.aliyun.tea.*;
import com.alibaba.fastjson.JSONObject;
import java.io.File;
import org.apache.commons.codec.binary.Base64;

public class Sample {

    /**
     * description

Reference: Parse the upload URL and credential

You must Base64-decode the upload URL (UploadAddress) and upload credential (UploadAuth) to obtain the OSS upload URL and authorization information. You can then use the decoded URL and information to initialize the OSS client. The following sample code provides an example:

  import org.apache.commons.codec.binary.Base64;
  
  
  public static String decodeBase64(String s) {
      byte[] b = null;
      String result = null;
      if (s != null) {
          Base64 decoder = new Base64();
          try {
              b = decoder.decode(s);
              result = new String(b, "utf-8");
          } catch (Exception e) {
          }
      }
      return result;
  }

Table 1. Decoded UploadAddress fields

Field	Description
Bucket	The storage address in ApsaraVideo VOD.
Endpoint	The ID of the storage region in ApsaraVideo VOD.
FileName	The file name assigned to the uploaded file by the ApsaraVideo VOD system.
ObjectPrefix	This parameter is returned only when the uploaded file is an M3U8 file.

Table 2. Decoded UploadAuth fields

Field	Description
AccessKeyId	The AccessKey ID of the user who uploads the file.
AccessKeySecret	The AccessKey secret of the user who uploads the file.
SecurityToken	The security token for upload authorization.
ExpireUTCTime	The expiration time of the upload URL and credential. The time is in UTC and follows the yyyy-MM-ddTHH:mm:ssZ format.
Expiration	The expiration time of the upload authorization. For videos, the value is 3,000 seconds. After the credential expires, you must refresh it.
Region	The ID of the upload region.