diff --git a/README-zh-CN.md b/README-zh-CN.md index ad127c4..0d91639 100644 --- a/README-zh-CN.md +++ b/README-zh-CN.md @@ -1,7 +1,7 @@ [English](/README.md) | 简体中文 - # Alibaba Cloud Credentials for PHP + [![Latest Stable Version](https://poser.pugx.org/alibabacloud/credentials/v/stable)](https://packagist.org/packages/alibabacloud/credentials) [![composer.lock](https://poser.pugx.org/alibabacloud/credentials/composerlock)](https://packagist.org/packages/alibabacloud/credentials) [![Total Downloads](https://poser.pugx.org/alibabacloud/credentials/downloads)](https://packagist.org/packages/alibabacloud/credentials) @@ -10,28 +10,28 @@ [![Travis Build Status](https://travis-ci.org/aliyun/credentials-php.svg?branch=master)](https://travis-ci.org/aliyun/credentials-php) [![Appveyor Build Status](https://ci.appveyor.com/api/projects/status/6jxpwmhyfipagtge/branch/master?svg=true)](https://ci.appveyor.com/project/aliyun/credentials-php) - ![](https://aliyunsdk-pages.alicdn.com/icons/AlibabaCloud.svg) - Alibaba Cloud Credentials for PHP 是帮助 PHP 开发者管理凭据的工具。 - ## 先决条件 -您的系统需要满足[先决条件](/docs/zh-CN/0-Prerequisites.md),包括 PHP> = 5.6。 我们强烈建议使用cURL扩展,并使用TLS后端编译cURL 7.16.2+。 +您的系统需要满足[先决条件](/docs/zh-CN/0-Prerequisites.md),包括 PHP> = 5.6。 我们强烈建议使用cURL扩展,并使用TLS后端编译cURL 7.16.2+。 ## 安装依赖 + 如果已在系统上[全局安装 Composer](https://getcomposer.org/doc/00-intro.md#globally),请直接在项目目录中运行以下内容来安装 Alibaba Cloud Credentials for PHP 作为依赖项: -``` + +```sh composer require alibabacloud/credentials ``` + > 一些用户可能由于网络问题无法安装,可以使用[阿里云 Composer 全量镜像](https://developer.aliyun.com/composer)。 请看[安装](/docs/zh-CN/1-Installation.md)有关通过 Composer 和其他方式安装的详细信息。 - ## 快速使用 + 在您开始之前,您需要注册阿里云帐户并获取您的[凭证](https://usercenter.console.aliyun.com/#/manage/ak)。 ### 凭证类型 @@ -121,24 +121,6 @@ $ecsRamRole->getRoleName(); // Note: `role_name` is optional. It will be retrieved automatically if not set. It is highly recommended to set it up to reduce requests. ``` -#### RsaKeyPair - -通过指定公钥Id和私钥文件,让凭证自动申请维护 AccessKey。仅支持日本站。 - -```php - 'rsa_key_pair', - 'public_key_id' => '', - 'private_key_file' => '', -]); -$rsaKeyPair->getPublicKeyId(); -$rsaKeyPair->getPrivateKey(); -``` - #### Bearer Token 如呼叫中心(CCC)需用此凭证,请自行申请维护 Bearer Token。 @@ -157,12 +139,15 @@ $bearerToken->getSignature(); ``` ## 默认凭证提供程序链 + 默认凭证提供程序链查找可用的凭证,寻找顺序如下: ### 1. 环境凭证 + 程序首先会在环境变量里寻找环境凭证,如果定义了 `ALIBABA_CLOUD_ACCESS_KEY_ID` 和 `ALIBABA_CLOUD_ACCESS_KEY_SECRET` 环境变量且不为空,程序将使用他们创建默认凭证。 ### 2. 配置文件 +> > 如果用户主目录存在默认文件 `~/.alibabacloud/credentials` (Windows 为 `C:\Users\USER_NAME\.alibabacloud\credentials`),程序会自动创建指定类型和名称的凭证。默认文件可以不存在,但解析错误会抛出异常。 凭证名称不分大小写,若凭证同名,后者会覆盖前者。不同的项目、工具之间可以共用这个配置文件,因为超出项目之外,也不会被意外提交到版本控制。Windows 上可以使用环境变量引用到主目录 %UserProfile%。类 Unix 的系统可以使用环境变量 $HOME 或 ~ (tilde)。 可以通过定义 `ALIBABA_CLOUD_CREDENTIALS_FILE` 环境变量修改默认文件的路径。 ```ini @@ -181,18 +166,16 @@ access_key_id = foo access_key_secret = bar role_arn = role_arn role_session_name = session_name - -[project3] -type = rsa_key_pair # 认证方式为 rsa_key_pair -public_key_id = publicKeyId # Public Key ID -private_key_file = /your/pk.pem # Private Key 文件 ``` ### 3. 实例 RAM 角色 + 如果定义了环境变量 `ALIBABA_CLOUD_ECS_METADATA` 且不为空,程序会将该环境变量的值作为角色名称,请求 `http://100.100.100.200/latest/meta-data/ram/security-credentials/` 获取临时安全凭证作为默认凭证。 ### 自定义凭证提供程序链 + 可通过自定义程序链代替默认程序链的寻找顺序,也可以自行编写闭包传入提供者。 + ```php = 5.6. We strongly recommend using the cURL extension and compiling cURL 7.16.2+ using the TLS backend. +Your system needs to meet [Prerequisites](/docs/zh-CN/0-Prerequisites.md), including PHP> = 5.6. We strongly recommend using the cURL extension and compiling cURL 7.16.2+ using the TLS backend. ## Installation + If you have [Globally Install Composer](https://getcomposer.org/doc/00-intro.md#globally) on your system, install Alibaba Cloud Credentials for PHP as a dependency by running the following directly in the project directory: -``` + +```sh composer require alibabacloud/credentials ``` + > Some users may not be able to install due to network problems, you can switch to the [Alibaba Cloud Composer Mirror](https://developer.aliyun.com/composer). See [Installation](/docs/zh-CN/1-Installation.md) for details on installing through Composer and other means. - ## Quick Examples + Before you begin, you need to sign up for an Alibaba Cloud account and retrieve your [Credentials](https://usercenter.console.aliyun.com/#/manage/ak). ### Credential Type @@ -121,25 +121,6 @@ $ecsRamRole->getRoleName(); // Note: `role_name` is optional. It will be retrieved automatically if not set. It is highly recommended to set it up to reduce requests. ``` -#### RsaKeyPair - -By specifying the public key Id and the private key file, the credential will be able to automatically request maintenance of the AccessKey before sending the request. Only Japan station is supported. - - -```php - 'rsa_key_pair', - 'public_key_id' => '', - 'private_key_file' => '', -]); -$rsaKeyPair->getPublicKeyId(); -$rsaKeyPair->getPrivateKey(); -``` - #### Bearer Token If credential is required by the Cloud Call Centre (CCC), please apply for Bearer Token maintenance by yourself. @@ -158,12 +139,15 @@ $bearerToken->getSignature(); ``` ## Default credential provider chain + The default credential provider chain looks for available credentials, looking in the following order: ### 1. Environmental certificate + The program first looks for environment credentials in the environment variable. If the `ALIBABA_CLOUD_ACCESS_KEY_ID` and `ALIBABA_CLOUD_ACCESS_KEY_SECRET` environment variables are defined and not empty, the program will use them to create default credentials. ### 2. Configuration file +> > If the user's home directory has the default file `~/.alibabacloud/credentials` (Windows is `C:\Users\USER_NAME\.alibabacloud\credentials`), the program will automatically create credentials with the specified type and name. The default file may not exist, but parsing errors will throw an exception. The voucher name is not case sensitive. If the voucher has the same name, the latter will overwrite the former. This configuration file can be shared between different projects and tools, and it will not be accidentally submitted to version control because it is outside the project. Environment variables can be referenced to the home directory %UserProfile% on Windows. Unix-like systems can use the environment variable $HOME or ~ (tilde). The path to the default file can be modified by defining the `ALIBABA_CLOUD_CREDENTIALS_FILE` environment variable. ```ini @@ -182,18 +166,16 @@ access_key_id = foo access_key_secret = bar role_arn = role_arn role_session_name = session_name - -[project3] -type = rsa_key_pair # Authentication method is rsa_key_pair -public_key_id = publicKeyId # Public Key ID -private_key_file = /your/pk.pem # Private Key File ``` ### 3. Instance RAM role + If the environment variable `ALIBABA_CLOUD_ECS_METADATA` is defined and not empty, the program will take the value of the environment variable as the role name and request `http://100.100.100.200/latest/meta-data/ram/security-credentials/` to get the temporary Security credentials are used as default credentials. ### Custom credential provider chain + You can replace the default order of the program chain by customizing the program chain, or you can write the closure to the provider. + ```php