[英]Using aws javascript sdk putObject with a pre-signed URL
I have a working solution which allows users to upload files to s3 with a server-generated policy, signature & expiry, like so: 我有一个可行的解决方案,允许用户使用服务器生成的策略,签名和有效期将文件上传到s3,如下所示:
<form id="uploadForm" action=*myBucketUrl* method="post" enctype="multipart/form-data">
<input type="hidden" name="AWSAccessKeyId" >
<input type="hidden" name="key">
<input type="hidden" name="Content-Type" >
<input type="hidden" name="acl" value="private">
<input type="hidden" name="policy">
<input type="hidden" name="signature">
</form>
This works well, so CORS, S3, signing, etc are working fine. 这很好,所以CORS,S3,签名等都可以正常工作。
I'd like to try this same approach using the AWS SDK for Javascript . 我想使用适用于Java的AWS开发工具包尝试相同的方法。 I can't find a single mention of how to use my values for 'policy' and 'signature'.
我找不到任何提及如何将我的价值观用于“政策”和“签名”的信息。 Here is my code so far:
到目前为止,这是我的代码:
var bucket = new AWS.S3({
accessKeyId: $("#uploadForm input[name='AWSAccessKeyId']").val(),
params: {
Bucket: myBucket
}
});
var params = {
Key: $("#uploadForm input[name='key']").val(),
ContentType: $("#uploadForm input[name='Content-Type']").val(),
Body: blob,
};
bucket.upload(params, function(err, data) {
console.log(err ? 'ERROR!' + err : 'UPLOADED.');
});
Is it possible to use s3.putObject of the AWS JS SDK in conjunction with pre-signed requests? 是否可以将AWS JS SDK的s3.putObject与预签名请求结合使用?
We recently wanted to move from a custom implementation to the AWS JS SDK and had the same problem. 我们最近想从定制实现过渡到AWS JS SDK,并且遇到了同样的问题。 Unfortunately, as far as I know, there is no way to do this.
不幸的是,据我所知,这是没有办法的。 There is an alternative method however:
但是,还有另一种方法:
You can use Cognito for this. 您可以为此使用Cognito。 Each time a user upload is nessecary (or uploads), do a cognito call to get an unauthenticated user token.
每次用户上载是必要的(或上载)时,请执行认知调用以获取未经身份验证的用户令牌。 The IAM role associated with unauthenticated users can be given access to the bucket you want the user files to be put in. The Cognito credentials can then be used to sign the requests.
可以授予与未经身份验证的用户关联的IAM角色访问您要放入用户文件的存储桶的权限。然后,可以使用Cognito凭据对请求进行签名。 This is how we do it now and it works very nicely.
这就是我们现在的做法,并且效果很好。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.