
Getting Missing Key-Pair-Id query parameter or cookie value error from cloudfront

Using cloudfront to serve private content from s3 bucket using signed cookies. I am able to generate cookies, but when I request a resource, I get Missing Key-Pair-Id query parameter or cookie value error, either from node.js or even any client/browser/postman.

const cloudFront = new AWS.CloudFront.Signer(
  fs.readFileSync('./rsa-APKAIQSVJ2R3T6PYTOUQ.pem', 'utf8'),
  fs.readFileSync('./pk-APKAIQSVJ2R3T6PYTOUQ.pem', 'utf8')
);

const policy = JSON.stringify({
  Statement: [{
    Resource: 'http*://d2q89b5pewg0ry.cloudfront.net/images/',
    Condition: {
      DateLessThan: {
        'AWS:EpochTime': Math.floor(new Date().getTime() / 1000) + 60 * 60 * 3
      }
    },
  }]
});

const cookie = cloudFront.getSignedCookie({
  policy: policy
});

let cookieString = '';
for(var cookieKey in cookie)
{
  cookieString += cookieKey + '=' + cookie[cookieKey] + ";";
}
return axios.get('https://d2q89b5pewg0ry.cloudfront.net/images/hikup.jpg',{
  headers: {
    Cookie: cookieString
  }
}).then((response) => {
  return response;
}).catch((error) => {
  return error;
});

You're not using the full constructor, check below:

CloudFront signed cookies node,js

The cookies should have 3 keys and their values:

CloudFront-Expires
CloudFront-Signature
CloudFront-Key-Pair-Id

You also need to add cookie/key CloudFront-Key-Pair-Id=APKAIQSVJ2R3T6PYTOUQ when making the request.

The CloudFront-Key-Pair-Id is not the public key, it's just the ID (like an access key ID) so CloudFront can see which public key it needs to decrypt the signature. You can have up to 2 keys active on CloudFront and you create the signature with the private key and the public key is with CloudFront. When CloudFront receives the request, it checks the CloudFront-Key-Pair-Id to know which public it should use, so end of story, the CloudFront-Key-Pair-Id is the ID when you log in to the AWS console and go to Security Credentials and click CloudFront Keypairs. You'll see an Access Key ID, that's the one you need to define (which is the same as the file name).
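An added example (not code from the original posts or from the AWS SDK) that builds the cookie set for a custom policy like the one in the question, which is CloudFront-Policy, CloudFront-Signature and CloudFront-Key-Pair-Id, using only Node's built-in crypto, then checks it the way the edge conceptually does: look up the public key by key-pair ID, then verify the signature. The throwaway RSA key, the ID `APKAEXAMPLEKEYPAIRID` and the helper names are constructed for illustration, and `edgeCheck` is a simplified model, not CloudFront's implementation.

```javascript
const crypto = require('crypto');

// Constructed stand-ins: a throwaway RSA key and a placeholder key-pair ID.
const { privateKey, publicKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const KEY_PAIR_ID = 'APKAEXAMPLEKEYPAIRID';

// CloudFront's URL-safe base64 variant: '+' -> '-', '=' -> '_', '/' -> '~'.
const cfEncode = (buf) =>
  buf.toString('base64').replace(/\+/g, '-').replace(/=/g, '_').replace(/\//g, '~');
const cfDecode = (str) =>
  Buffer.from(str.replace(/-/g, '+').replace(/_/g, '=').replace(/~/g, '/'), 'base64');

// Build the three cookies a custom policy needs (hypothetical helper).
function signedCookies(resource, ttlSeconds, keyPairId, key) {
  const policy = JSON.stringify({
    Statement: [{
      Resource: resource,
      Condition: { DateLessThan: { 'AWS:EpochTime': Math.floor(Date.now() / 1000) + ttlSeconds } },
    }],
  });
  const signature = crypto.createSign('RSA-SHA1').update(policy).sign(key);
  return {
    'CloudFront-Policy': cfEncode(Buffer.from(policy)),
    'CloudFront-Signature': cfEncode(signature),
    'CloudFront-Key-Pair-Id': keyPairId,
  };
}

// A Cookie request header is name=value pairs separated by "; ".
const cookieHeader = (cookies) =>
  Object.entries(cookies).map(([k, v]) => `${k}=${v}`).join('; ');

// Simplified edge-side check: the key-pair ID only selects which public key verifies the signature.
function edgeCheck(header, publicKeysById) {
  const jar = Object.fromEntries(header.split('; ').map((p) => {
    const i = p.indexOf('=');
    return [p.slice(0, i), p.slice(i + 1)];
  }));
  const pub = publicKeysById[jar['CloudFront-Key-Pair-Id']];
  if (!pub) return 'missing-or-unknown-key-pair-id';
  const policy = cfDecode(jar['CloudFront-Policy'] || '');
  const sig = cfDecode(jar['CloudFront-Signature'] || '');
  return crypto.createVerify('RSA-SHA1').update(policy).verify(pub, sig) ? 'ok' : 'bad-signature';
}
```

Dropping the `CloudFront-Key-Pair-Id` entry from the header makes `edgeCheck` fail before any signature is examined, which mirrors the error in the question.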
