PhotoSharing Part I: Setting up the Photo Sharing Android Application
We are going to build a photo sharing Android application with real-time image uploading and downloading capabilities using Alibaba Cloud Object Storage Service (OSS). We will also use the additional capabilities of OSS like image processing like image rotate, resize, crop, and watermark.
This tutorial is fairly involved and is divided into 3 parts.
1 Setting up the photo sharing Android application
2 Understanding the real-time upload and download features of the Alibaba OSS.
3 Understanding the image processing capabilities and bootstrapping the whole application.
Unlike my previous tutorials, I will share some design perspective of the application in this tutorial. I will explain how I come about designing the application. Please raise a pull requests/issues in my GitHub repository if you have any ideas or feedback.
Let’s start by setting up the environment for the application.
In my previous tutorials I used the Actual AccessKey ID, Access Key Secret for accessing any service. Here I want to demonstrate this application using the Security Token Service (STS) server.
Setting & Accessing the Security Token Service (STS) Server
Keep in mind I still use the STS Server to create the user with all the administrator rights for the simplicity of the application.
1.Open the following link for downloading the STS Java SDK for AlibabaCloud. At the time of this writing the “Java SDK (2015–08–25) Version 2.1.6” is the latest version. It might happen the versions change but almost the code remains the same.
2.Unzip the downloaded file. You will find some contents like the below image
3.I used Eclipse to run the code. In your Eclipse, navigate to File > Import > Existing Maven Project.
4.After selecting the following option, you will see the immediate dialog asking for the directory of your code repo downloaded. Eclipse should automatically detect the code and show the pom.xml file. Select the checkbox and select finish.
5.After importing the code, you can see the below project structure.
6.Open “StsServiceSample.java”, this is where you need to make changes to get your STS related values.
7.There are three values we need to change in order to get new values.
8.Navigate to console to get the values.
Setting Up user and Accessing the Key values:
1.Login to Alibaba Cloud and Navigate to your console and check for “Resource access management”
2.If you are opening the resource access management for the first time you need to activate the service by clicking the “Activate Now” button. 2.
Creating User in RAM
1.Once the service is activated, you can see “Create User” to create the resource in your resource access management. Click to proceed.
2.Fill the corresponding “User Name”, “Display Name” and “Description” as required. Here the “User name” is mandatory and the “Display Name” and the “Description” are optional. Make sure you check the checkbox to generate an access key for the corresponding user.
3.When the access key is created, you will see a prompt stating “Access key successfully created”. Additionally, you can save the access key information with a click of a button. You are strongly recommended to do this as it is a one-time activity — you will not be able to download the access key later.
4.Once the access key is created name and the display name which you have provided along with the description on the dashboard. Click on “Manage” to see other details.
5.There are two more options other than “User Details”, which are “User Authorization policies” and “User group”. Click on “User Authorization policies” and verify if you have any other User related Authorization policies available.
6.Navigate to the “Resource Access Management” dashboard where you can see different options like Users, Groups, Policies, Roles and Settings. Click on Roles > Create new role.
Creating a Role
You can create a new role in 4 steps
1.Step 1: Select user role as we are assigning this role to a particular user
2.Step 2: Select “Current Alibaba cloud account” and leave the “Trusted Alibaba cloud account ID to the default value and click next. I have blurred my Alibaba Cloud ID for security purposes.
3.Step 3: You can create your own role name. I am giving the name of “Admin” as this particular role will have all the access privileges of the administrator. You can even provide description if required. Click on create once complete.
4.Step 4: Once the rule is created you will see the below prompt. Click on “Authorize”.
5.After clicking “Authorize”, select administrator access from “Available Authorisation Policy Names” and click on the right Arrow (>). If everything is correctly configured, you should see something similar to the image below.
6.Navigate to dashboard click on Roles, and you can see the new role name added. In my case, it is “Admin”. Click on manage to see the role details, where you will find arn. Take note of this value as we will be using it to generate the STS Token.
7.Record the access key ID and the access key secret from the csv file downloaded at the initial step while creating the user.
8.Now, for generating the STS token, replace Accesskey ID, Accesskey secret and Role ARN in the following variables of the StsServiceSample.Java
String accessKeyId = "Replace your Details Here";
String accessKeySecret = "Replace your Details Here";
String roleArn = "Replace your Details Here";
9.Right click on the Java file and choose “Run As” select Java application. You should see the output in the Console with all three values access key ID access key secret, and the STS token should be generated.
10.Finally, make sure you save your region information as we need to replace the region information in the JAVA file later either by replacing the variable or updating the variable.
public static final String REGION_CN_HANGZHOU = "cn-hangzhou";IClientProfile profile = DefaultProfile.getProfile(REGION_CN_HANGZHOU, accessKeyId, accessKeySecret);
Activating and Setting up OSS:
1.Navigate to Object Storage Service in the console. You may be required to activate the OSS service if you are opening it for the first time as we did it for the Resource Access Management service. Make sure the region you selected have the image processing capabilities.
2.Once the service is activated, click on Create Bucket to create a storage bucket for our application.
3.You can fill in the relevant information in the corresponding form. You can use the Standard Storage as the storage class because files inside the application will be frequently accessed by multiple parties. The ACL level can be just Public Read/Write for the sake of simplicity of the application. Make sure you keep a reference of the endpoint as you need to update it in the property files.
In this section of setting up the photo sharing application we saw how to create Security Token Service (STS) credentials using Resource Access Management (RAM). We can actually create a new user and assign multiple access permissions using RAM. In production scenarios, we typically want to use RAM to create users dynamically or create user groups that only have certain level of access to the application. We can even create multiple users to access our app with limited access levels. Once the user is created, you can see it in the dashboard. A separate link will be created to signing into the console for RAM users.
You can typically move the STS code into the application. Whenever the credentials expire, you can make the application call STS to generate new credentials. You can even make an HTTP call to the STS to fetch credentials, but I recommend to integrate the Java code because it is lot easier than making in HTTP/HTTPS call.
In following section, I will be discussing the basic synchronous and asynchronous functionalities of OSS & and image processing capabilities in Android.