- Release Notes
- Product Introduction
- Purchase Guide
- Getting Started
- Console Guide
- Console Overview
- Bucket Management
- Bucket Overview
- Creating Buckets
- Deleting Buckets
- Querying Buckets
- Empty Buckets
- Setting Access Permission
- Setting Bucket Encryption
- Setting Hotlink Protection
- Setting Origin-Pull
- Setting Cross-Origin Access
- Setting Versioning
- Setting up a Static Website
- Setting Lifecycle
- Setting Logging Configuration
- Accessing Bucket List Using Sub-Account
- Adding Bucket Policies
- Setting INTELLIGENT TIERING
- Enabling Inventory
- Domain Name Management
- Setting Bucket Tags
- Setting Cross-Bucket Replication
- Enabling Global Acceleration
- Object Management
- Uploading Objects
- Downloading Objects
- Copying Objects
- Viewing Object Information
- Searching for Objects
- Sorting and Filtering Objects
- Direct Upload Archiving
- Modifying Storage Class
- Deleting File Fragments
- Setting Object Access Permission
- Setting Object Encryption
- Custom Headers
- Deleting an Object
- Restoring Archived Objects
- Folder Management
- Data Extraction
- Setting Object Tags
- Batch Operation
- Monitoring Reports
- Data Processing
- Application Integration
- User Tools
- GooseFS
- Best Practice
- Overview
- Access Control and Permission Management
- ACL Practices
- Cloud Access Management Practices
- Granting Sub-accounts Access to COS
- Cases of Permission Setting
- Working with COS API Access Policies
- Temporary Key Security Guide for Frontend Direct Upload to COS
- Generating and Using Temporary Keys
- Grant Sub-account Permissions to Pull Tag List
- Granting Sub-account Under One Root Account Permission to Manipulate Buckets Under Another Root Account
- Performance Optimization
- Data Migration
- Accessing COS Using the AWS S3 SDK
- Data Disaster Recovery and Backup
- Direct Data Upload
- Domain Name Management Practice
- Data Security
- Data Verification
- Big Data Practice
- Using COS in the Third-party Applications
- Introduction to COS Data Security Solution
- Developer Guide
- Creating Request
- Bucket
- Object
- Data Management
- Data Disaster Recovery
- Data Security
- Cloud Access Management (CAM)
- Batch Processing
- Monitoring and Alarms
- Global Acceleration
- Data Processing
- Troubleshooting
- API Documentation
- Introduction
- Common Request Headers
- Common Response Headers
- Error Codes
- Request Signature
- Operation List
- Service APIs
- Bucket APIs
- Basic Operations
- Access Control List (acl)
- Cross-Origin Resource Sharing (cors)
- Lifecycle
- Bucket Policy (policy)
- Hotlink Protection (referer)
- Tag (tagging)
- Static Website (website)
- Intelligent Tiering
- Bucket inventory(inventory)
- Versioning
- Cross-Bucket Replication(replication)
- Log Management(logging)
- Global Acceleration (Accelerate)
- Bucket Encryption (encryption)
- Custom Domain Name (Domain)
- Object APIs
- Batch Operation APIs
- Data Processing APIs
- Image Processing
- Basic Image Processing
- Scaling
- Cropping
- Rotation
- Format Conversion
- Quality Change
- Gaussian Blurring
- Adjusting Brightness
- Adjusting Contrast
- Sharpening
- Image Watermarking
- Text Watermarking
- Obtaining Basic Image Information
- Obtaining Image EXIF
- Obtaining Image’s Average Hue
- Removing Image Metadata
- Quick Thumbnail Template
- Pipeline Operator
- Image Advanced Compression
- Persistent Image Processing
- Basic Image Processing
- Image Processing
- SDK Documentation
- SDK Overview
- Preparations
- Android SDK
- Object Operations
- Uploading and Copying Objects
- Downloading Objects
- Listing Objects
- Deleting an Object
- Restoring an Archived Object
- Querying Object Metadata
- Generating a Pre-Signed URL
- Configuring Preflight Requests for Cross-origin Access
- Moving an Object
- Server-Side Encryption
- Single-Connection Bandwidth Limit
- Extracting Object Content
- Getting Started
- Quick Experience
- Bucket Operations
- Remote Disaster Recovery
- Data Management
- Cloud Access Management
- Setting Custom Headers
- Setting Access Domain Names
- Image Processing
- Troubleshooting
- Object Operations
- C SDK
- C++ SDK
- .NET(C#) SDK
- Getting Started
- Bucket Operations
- Object Operations
- Uploading and Copying Objects
- Moving an Object
- Downloading Objects
- Listing Objects
- Deleting Objects
- Restoring Archived Objects
- Querying Object Metadata
- Generating a Pre-Signed URL
- Configuring Preflight Requests for Cross-Origin Access
- Server-Side Encryption
- Single-Connection Bandwidth Limit
- Extracting Object Content
- Cross-Region Disaster Recovery
- Data Management
- Cloud Access Management
- Image Processing
- Setting Custom Headers
- Setting Access Endpoints
- Troubleshooting
- Go SDK
- iOS SDK
- Java SDK
- JavaScript SDK
- Node.js SDK
- PHP SDK
- Python SDK
- Mini Program SDK
- Error Codes
- FAQs
- Service Level Agreement
- Glossary
- Release Notes
- Product Introduction
- Purchase Guide
- Getting Started
- Console Guide
- Console Overview
- Bucket Management
- Bucket Overview
- Creating Buckets
- Deleting Buckets
- Querying Buckets
- Empty Buckets
- Setting Access Permission
- Setting Bucket Encryption
- Setting Hotlink Protection
- Setting Origin-Pull
- Setting Cross-Origin Access
- Setting Versioning
- Setting up a Static Website
- Setting Lifecycle
- Setting Logging Configuration
- Accessing Bucket List Using Sub-Account
- Adding Bucket Policies
- Setting INTELLIGENT TIERING
- Enabling Inventory
- Domain Name Management
- Setting Bucket Tags
- Setting Cross-Bucket Replication
- Enabling Global Acceleration
- Object Management
- Uploading Objects
- Downloading Objects
- Copying Objects
- Viewing Object Information
- Searching for Objects
- Sorting and Filtering Objects
- Direct Upload Archiving
- Modifying Storage Class
- Deleting File Fragments
- Setting Object Access Permission
- Setting Object Encryption
- Custom Headers
- Deleting an Object
- Restoring Archived Objects
- Folder Management
- Data Extraction
- Setting Object Tags
- Batch Operation
- Monitoring Reports
- Data Processing
- Application Integration
- User Tools
- GooseFS
- Best Practice
- Overview
- Access Control and Permission Management
- ACL Practices
- Cloud Access Management Practices
- Granting Sub-accounts Access to COS
- Cases of Permission Setting
- Working with COS API Access Policies
- Temporary Key Security Guide for Frontend Direct Upload to COS
- Generating and Using Temporary Keys
- Grant Sub-account Permissions to Pull Tag List
- Granting Sub-account Under One Root Account Permission to Manipulate Buckets Under Another Root Account
- Performance Optimization
- Data Migration
- Accessing COS Using the AWS S3 SDK
- Data Disaster Recovery and Backup
- Direct Data Upload
- Domain Name Management Practice
- Data Security
- Data Verification
- Big Data Practice
- Using COS in the Third-party Applications
- Introduction to COS Data Security Solution
- Developer Guide
- Creating Request
- Bucket
- Object
- Data Management
- Data Disaster Recovery
- Data Security
- Cloud Access Management (CAM)
- Batch Processing
- Monitoring and Alarms
- Global Acceleration
- Data Processing
- Troubleshooting
- API Documentation
- Introduction
- Common Request Headers
- Common Response Headers
- Error Codes
- Request Signature
- Operation List
- Service APIs
- Bucket APIs
- Basic Operations
- Access Control List (acl)
- Cross-Origin Resource Sharing (cors)
- Lifecycle
- Bucket Policy (policy)
- Hotlink Protection (referer)
- Tag (tagging)
- Static Website (website)
- Intelligent Tiering
- Bucket inventory(inventory)
- Versioning
- Cross-Bucket Replication(replication)
- Log Management(logging)
- Global Acceleration (Accelerate)
- Bucket Encryption (encryption)
- Custom Domain Name (Domain)
- Object APIs
- Batch Operation APIs
- Data Processing APIs
- Image Processing
- Basic Image Processing
- Scaling
- Cropping
- Rotation
- Format Conversion
- Quality Change
- Gaussian Blurring
- Adjusting Brightness
- Adjusting Contrast
- Sharpening
- Image Watermarking
- Text Watermarking
- Obtaining Basic Image Information
- Obtaining Image EXIF
- Obtaining Image’s Average Hue
- Removing Image Metadata
- Quick Thumbnail Template
- Pipeline Operator
- Image Advanced Compression
- Persistent Image Processing
- Basic Image Processing
- Image Processing
- SDK Documentation
- SDK Overview
- Preparations
- Android SDK
- Object Operations
- Uploading and Copying Objects
- Downloading Objects
- Listing Objects
- Deleting an Object
- Restoring an Archived Object
- Querying Object Metadata
- Generating a Pre-Signed URL
- Configuring Preflight Requests for Cross-origin Access
- Moving an Object
- Server-Side Encryption
- Single-Connection Bandwidth Limit
- Extracting Object Content
- Getting Started
- Quick Experience
- Bucket Operations
- Remote Disaster Recovery
- Data Management
- Cloud Access Management
- Setting Custom Headers
- Setting Access Domain Names
- Image Processing
- Troubleshooting
- Object Operations
- C SDK
- C++ SDK
- .NET(C#) SDK
- Getting Started
- Bucket Operations
- Object Operations
- Uploading and Copying Objects
- Moving an Object
- Downloading Objects
- Listing Objects
- Deleting Objects
- Restoring Archived Objects
- Querying Object Metadata
- Generating a Pre-Signed URL
- Configuring Preflight Requests for Cross-Origin Access
- Server-Side Encryption
- Single-Connection Bandwidth Limit
- Extracting Object Content
- Cross-Region Disaster Recovery
- Data Management
- Cloud Access Management
- Image Processing
- Setting Custom Headers
- Setting Access Endpoints
- Troubleshooting
- Go SDK
- iOS SDK
- Java SDK
- JavaScript SDK
- Node.js SDK
- PHP SDK
- Python SDK
- Mini Program SDK
- Error Codes
- FAQs
- Service Level Agreement
- Glossary
Overview
Node.js SDK provides APIs for getting object URLs and pre-signed request URLs. For details, see the descriptions and samples below.
Signature Calculation
In all COS XML API requests, the authentication credential Authorization is required for all operations on private resources for COS to determine whether a request is valid.
There are two ways to use the authentication credential:
- Put it in the header parameter; field name: authorization.
- Put it in the URL parameter; field name: sign.
The COS.getAuthorization method is used to calculate the authentication credential (Authorization), which is the signing information used to verify the request validity.
Note:It is recommended that this method is only used for frontend debugging but not in actual projects, as it may disclose keys.
Use case
Obtaining the authentication credential for file download:
// Log in to the [CAM console](https://console.cloud.tencent.com/cam/capi) to check and manage the `SecretId` and `SecretKey` of your project.
var COS = require('cos-nodejs-sdk-v5');
var Authorization = COS.getAuthorization({
SecretId: 'SECRETID',
SecretKey: 'SECRETKEY',
Method: 'get',
Key: 'a.jpg',
Expires: 60,
Query: {},
Headers: {}
});
Parameter description
| Parameter | Description | Type | Required |
|---|---|---|---|
| SecretId | User's SecretId |
String | No |
| SecretKey | User's SecretKey |
String | Yes |
| Method | HTTP request method such as GET, POST, DELETE, or HEAD |
String | Yes |
| Key | Object key (object name), a unique ID of an object in a bucket. If the request operation is to be performed on a file, this parameter is required and should be a filename. If the operation is on a bucket, this parameter should be left empty | String | No |
| Query | query parameter object of the request |
Object | No |
| Headers | header parameter object of the request |
Object | No |
| Expires | Signature expiration time in seconds. Default value: 900 seconds | Number | No |
Returned value
The returned value is the calculated authentication credential string authorization.
Getting a Pre-signed Request URL
Samples for download requests
Sample 1. Get an unsigned object URL
var url = cos.getObjectUrl({
Bucket: 'examplebucket-1250000000',
Region: 'COS_REGION',
Key: '1.jpg',
Sign: false
});
Sample 2. Get a signed object URL
var url = cos.getObjectUrl({
Bucket: 'examplebucket-1250000000',
Region: 'COS_REGION',
Key: '1.jpg'
});
Sample 3. If the signing process is asynchronous, you need to get the signed URL through a callback
cos.getObjectUrl({
Bucket: 'examplebucket-1250000000',
Region: 'COS_REGION',
Key: '1.jpg',
Sign: false
}, function (err, data) {
console.log(err || data.Url);
});
Sample 4. Specify the validity period of a link
cos.getObjectUrl({
Bucket: 'examplebucket-1250000000',
Region: 'COS_REGION',
Key: '1.jpg',
Sign: true,
Expires: 3600, // Unit: second
}, function (err, data) {
console.log(err || data.Url);
});
Sample 5. Get the file URL and download the file
var request = require('request');
var fs = require('fs');
cos.getObjectUrl({
Bucket: 'examplebucket-1250000000',
Region: 'COS_REGION',
Key: '1.jpg',
Sign: true
}, function (err, data) {
if (err) return console.log(err);
console.log(data.Url);
var req = request(data.Url, function (err, response, body) {
console.log(err || body);
});
var writeStream = fs.createWriteStream(__dirname + '/1.jpg');
req.pipe(writeStream);
});
Samples for upload requests
Sample 1. Get a pre-signed URL for Put Object upload
var request = require('request');
var fs = require('fs');
cos.getObjectUrl({
Bucket: 'examplebucket-1250000000',
Region: 'COS_REGION',
Method: 'PUT',
Key: '1.jpg',
Sign: true
}, function (err, data) {
if (err) return console.log(err);
console.log(data.Url);
var readStream = fs.createReadStream(__dirname + '/1.jpg');
var req = request({
method: 'PUT',
url: data.Url,
}, function (err, response, body) {
console.log(err || body);
});
readStream.pipe(req);
});
Parameter description
| Parameter | Description | Type | Required |
|---|---|---|---|
| Bucket | Bucket name in the format of BucketName-APPID. |
String | Yes |
| Region | Bucket region. For the enumerated values, please see Regions and Access Endpoints. | String | Yes |
| Key | Object key (object name) is the unique ID of an object in a bucket. If the request operation is to be performed on a file, this parameter is required and should be a filename. If the operation is on a bucket, this parameter should be left empty | String | Yes |
| Sign | Whether to return a signed URL. Default value: true |
Boolean | No |
| Protocol | It can be http: (default) or https: |
String | No |
| Domain | Bucket access domain. Default value: {BucketName-APPID}.cos.{Region}.myqcloud.com |
String | No |
| Method | HTTP request method such as GET, POST, DELETE, or HEAD. Default value: GET |
String | No |
| Query | query parameter object used in signature calculation |
Object | No |
| Headers | header parameter object used in signature calculation |
Object | No |
| Expires | Signature expiration time in seconds. Default value: 900 seconds | Number | No |
Returned value description
A string is returned in one of the two ways:
- If the signature can be calculated synchronously (for example, the SecretId and SecretKey have been passed in during instantiation), the signed URL will be returned by default.
- Otherwise, an unsigned URL will be returned.
Callback function description
function(err, data) { ... }
| Parameter | Description | Type |
|---|---|---|
| err | Object returned when an error (network error or service error) occurs. If the request is successful, this parameter is left empty. For more information, please see Error Codes. | Object |
| data | Object returned when the request is successful. If the request fails, this parameter is left empty | Object |
| - Url | Calculated URL | String |
Yes
No
Was this page helpful?