Last active
August 14, 2022 14:58
-
-
Save jon-dixon/57ca712d0c0dcc69953c23dc7c84a210 to your computer and use it in GitHub Desktop.
PL/SQL Block to generate an OCI Pre-Authenticated Request URL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
DECLARE | |
l_request_url VARCHAR2(1000); | |
l_request_json CLOB; | |
l_response_json CLOB; | |
l_response_obj JSON_OBJECT_T; | |
l_expires_ts_tz TIMESTAMP WITH TIME ZONE; | |
l_expires_str VARCHAR2(100); | |
l_par_name VARCHAR2(100); | |
l_access_type VARCHAR2(25); | |
l_object_name VARCHAR2(100); | |
lc_oci_endpoint_url CONSTANT VARCHAR2(100) := 'https://objectstorage.us-ashburn-1.oraclecloud.com'; | |
lc_oci_namespace CONSTANT VARCHAR2(100) := 'YOUR_OCI_NAMESPACE'; | |
lc_oci_bucket_name CONSTANT VARCHAR2(100) := 'APEX_OCI_BLOG_FILES'; | |
-- The below constant is for the APEX Web Credential for the OCI Service Account. | |
l_oci_apex_cred CONSTANT VARCHAR2(100) := 'APEX_OCI_BLOG_CREDENTIAL'; | |
BEGIN | |
-- Calculate the PAR Expiration as Current time Plus 1 Hour in UTC time zone. | |
l_expires_ts_tz := SYSTIMESTAMP AT TIME ZONE 'UTC' + NUMTODSINTERVAL(1, 'HOUR'); | |
-- Generate String version of expiration date and time. | |
l_expires_str := TO_CHAR(l_expires_ts_tz,'yyyy-mm-dd"T"hh24:mi:ss"Z"'); | |
-- Set the access type for the PAR | |
-- Allowed Values: [ObjectRead,ObjectWrite,ObjectReadWrite,AnyObjectWrite,AnyObjectRead,AnyObjectReadWrite] | |
l_access_type := 'AnyObjectWrite'; | |
-- Set the object path and name or prefix for the PAR. | |
-- If provided, this determines what specific object or set of objects the PAR has access to. | |
-- In this example PAR_TEST_FOLDER is the name of a folder in the bucket so the PAR will have access to that folder. | |
l_object_name := 'PAR_TEST_FOLDER'; | |
-- Build the name for the PAR. | |
l_par_name := 'BLOG_DEMO_' || l_access_type || '_' || l_expires_str; | |
-- Build up the URL to call the OCI web service which will generate the PAR. | |
-- Object Store Endpoint || Your OCI Namespace Name || Your Object Store Bucket Name | |
l_request_url := lc_oci_endpoint_url || | |
'/n/' || lc_oci_namespace || | |
'/b/' || lc_oci_bucket_name || | |
'/p/'; | |
-- Build the Request Body for the call to the generate the PAR web service. | |
l_request_json := '{' || | |
'"accessType":' || apex_json.stringify( l_access_type ) || ',' || | |
'"name":' || apex_json.stringify( l_par_name ) || ',' || | |
'"objectName":' || apex_json.stringify( l_object_name ) || ',' || | |
-- Below field determines if PAR is allowed to list objects in the bucket. | |
-- Values: [Deny,ListObjects] | |
'"bucketListingAction":' || apex_json.stringify( 'Deny' ) || ',' || | |
'"timeExpires":' || apex_json.stringify( l_expires_str ) || | |
'}'; | |
-- Call OCI PAR Web Service. | |
l_response_json := apex_web_service.make_rest_request | |
(p_url => l_request_url, | |
p_http_method => 'POST', | |
p_body => l_request_json, | |
p_credential_static_id => l_oci_apex_cred); | |
IF apex_web_service.g_status_code = 200 THEN | |
-- Parse the JSON Response. | |
l_response_obj := json_object_t.parse(l_response_json); | |
-- Return the PAR URL e.g. https://objectstorage.us-ashburn-1.oraclecloud.com/p/vDWqlx78OJgBIHyMFAZfzQSszzxcozXeQq3jNMuoMHsyrL2QR5TZCvlKC_UEtlDJ/n/nueva/b/nueva_apps/o/ | |
dbms_output.put_line ('URL: '||lc_oci_endpoint_url || l_response_obj.get_String('accessUri')); | |
ELSE | |
dbms_output.put_line ('Web Service Failed: '|| apex_web_service.g_status_code); | |
dbms_output.put_line ('Response : '|| l_response_json); | |
END IF; | |
END; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment