从Node.js中的AWS S3 getSignedUrl对URL执行获取请求时出现SignatureDoesNotMatch错误
[英]SignatureDoesNotMatch error when performing get request on URL from AWS S3 getSignedUrl in Node.js
问题描述
Im trying to access data I put using the getSignedUrl method from AWS.S3 API http://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#getSignedUrl-property . 
我正在尝试访问从AWS.S3 API http://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#getSignedUrl-property使用getSignedUrl方法放置的数据。 When I use the url returned by the method I get an error. 当我使用方法返回的网址时,出现错误。
Code for putting data in S3 bucket 将数据放入S3存储桶的代码
var params = {
Bucket: BUCKET_NAME,
Key: 'testing132',
Body: 'tasdfasfasdfs',
Expires: EXPIRATION_TIME,
ACL: 'public-read'
};
$log.info('test s3 dep', this);
s3.getSignedUrl('putObject', params, function (err, url) {
if (err) return cb(err);
return cb(null, url);
});
When performing GET request from POSTMAN on the returned URL I receive the following page with some info removed for security 当对返回的URL执行POSTMAN的GET请求时,我收到以下页面,其中某些信息已出于安全性考虑被删除
<?xml version="1.0" encoding="UTF-8"?>
<Error>
<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>
<AWSAccessKeyId>ASIAJ.....</AWSAccessKeyId>
<StringToSign>GET
1467833494
x-amz-acl:public-read
x-amz-security-token:FQoDYXdzEKz//////////wEaDBW+iL+gqGBqn2qxcyKcA1etzJzOZV33H3ND2hxQcm5MsJuZiHuEz5EvODXvDD7IfnlsbgNmLs70WAJ.................=
/s3test_test/testing132</StringToSign>
<SignatureProvided>sNNramN6fDo+sf......=</SignatureProvided>
<StringToSignBytes>47 45 54 0a 0a 0a 31 34 36 37 38 33 33 34 39 34 0a 78 2d 61 6d 7a 2d 61 63 6c 3a 70 75 62 6c 69 63 2d 72 65 61 64 0a 78 2d 61 6d 7a 2d 73 65 63 75 72 69 74 ..............</StringToSignBytes>
<RequestId>2404FC0B........</RequestId>
<HostId>u5CapGu...............=</HostId>
</Error>
1 个解决方案
解决方案1
0 已采纳 2016-07-06 21:57:13
So there was some confusion, I didn't read the documentation carefully enough. 因此有些混乱,我没有足够仔细地阅读文档。 I assumed that the 'putObject' argument in getSignedUrl method mean that I was uploading an object to the specified key and then retrieving a url to that object. 我假设getSignedUrl方法中的'putObject'参数意味着我正在将一个对象上传到指定的键,然后检索该对象的url。 This assumption was wrong, basically the putObject parameter means that your specifying the characteristics of an object that the user is PUTTING to the generated url. 这个假设是错误的,基本上, putObject参数意味着您指定用户将用户放入生成的URL的对象的特征。 Using getObject solved the problem. 使用getObject解决了该问题。 From docs You can use this functionality [putObject] to generate pre-signed PUT operations that require a specific payload to be uploaded by the consumer of the URL. 来自docs, You can use this functionality [putObject] to generate pre-signed PUT operations that require a specific payload to be uploaded by the consumer of the URL.
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.