
Getting Missing Key-Pair-Id query parameter or cookie value error from CloudFront

I am using CloudFront to serve private content from an S3 bucket using signed cookies. I am able to generate cookies, but when I request a resource, I get a Missing Key-Pair-Id query parameter or cookie value error, either from Node.js or from any client/browser/Postman.

const cloudFront = new AWS.CloudFront.Signer(
  fs.readFileSync('./rsa-APKAIQSVJ2R3T6PYTOUQ.pem', 'utf8'),
  fs.readFileSync('./pk-APKAIQSVJ2R3T6PYTOUQ.pem', 'utf8')
);

const policy = JSON.stringify({
  Statement: [{
    Resource: 'http*://d2q89b5pewg0ry.cloudfront.net/images/',
    Condition: {
      DateLessThan: {
        'AWS:EpochTime': Math.floor(new Date().getTime() / 1000) + 60 * 60 * 3
      }
    },
  }]
});

const cookie = cloudFront.getSignedCookie({
  policy: policy
});

let cookieString = '';
for(var cookieKey in cookie)
{
  cookieString += cookieKey + '=' + cookie[cookieKey] + ";";
}
return axios.get('https://d2q89b5pewg0ry.cloudfront.net/images/hikup.jpg',{
  headers: {
    Cookie: cookieString
  }
}).then((response) => {
  return response;
}).catch((error) => {
  return error;
});

You're not using the full constructor, check below:

CloudFront signed cookies Node.js

The cookies should have 3 keys and their values:

CloudFront-Expires
CloudFront-Signature
CloudFront-Key-Pair-Id

You also need to add the cookie/key CloudFront-Key-Pair-Id=APKAIQSVJ2R3T6PYTOUQ when making the request.

The CloudFront-Key-Pair-Id is not the public key; it is just the ID (like an access key ID) so CloudFront can see which public key it needs to decrypt the signature. You can have up to 2 keys active on CloudFront. You create the signature with the private key, and the public key is with CloudFront; when CloudFront receives the request, it checks the CloudFront-Key-Pair-Id to know which public key it should use. So, end of story: the CloudFront-Key-Pair-Id is the ID you see when you log in to the AWS console, go to Security Credentials and click CloudFront Key Pairs. You'll see an Access Key ID; that's the one you need to define (which is the same as the file name).
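To make the role of the key pair ID concrete, here is an added example (not part of the original question or answer, and not the AWS SDK's own code) that builds the custom-policy cookie set with Node's `crypto` and checks it the way the answer describes. The key pair, the ID `APKAEXAMPLEKEYPAIRID`, the domain, the ID format check and the `verifyCookies` model of the receiving side are all constructed assumptions.

```javascript
const crypto = require('node:crypto');

// CloudFront's URL-safe base64 variant: '+' -> '-', '=' -> '_', '/' -> '~'.
const cfBase64 = (buf) =>
  buf.toString('base64').replace(/\+/g, '-').replace(/=/g, '_').replace(/\//g, '~');
const cfDecode = (s) =>
  Buffer.from(s.replace(/-/g, '+').replace(/_/g, '=').replace(/~/g, '/'), 'base64');

// Build the three cookies sent with a custom policy (RSA-SHA1 over the policy JSON).
function signedCookies(keyPairId, privateKeyPem, policy) {
  // Assumed ID format check: catches PEM text passed where the ID belongs.
  if (!/^[A-Z0-9]+$/.test(keyPairId)) {
    throw new Error('keyPairId must be the key pair ID, not key material');
  }
  const signature = crypto.createSign('RSA-SHA1').update(policy).sign(privateKeyPem);
  return {
    'CloudFront-Policy': cfBase64(Buffer.from(policy, 'utf8')),
    'CloudFront-Signature': cfBase64(signature),
    'CloudFront-Key-Pair-Id': keyPairId,
  };
}

// Serialize for a Cookie request header: name=value pairs separated by "; ".
const cookieHeader = (cookies) =>
  Object.entries(cookies).map(([k, v]) => `${k}=${v}`).join('; ');

// Simplified model of the receiving side: the ID selects the public key to verify with.
function verifyCookies(cookies, publicKeysById) {
  const key = publicKeysById[cookies['CloudFront-Key-Pair-Id']];
  if (!key) return 'Missing or unknown Key-Pair-Id';
  const ok = crypto.createVerify('RSA-SHA1')
    .update(cfDecode(cookies['CloudFront-Policy']))
    .verify(key, cfDecode(cookies['CloudFront-Signature']));
  return ok ? 'ok' : 'Signature mismatch';
}

// Constructed sample data: throwaway key pair, placeholder ID and domain.
const KEY_PAIR_ID = 'APKAEXAMPLEKEYPAIRID';
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', {
  modulusLength: 2048,
  publicKeyEncoding: { type: 'spki', format: 'pem' },
  privateKeyEncoding: { type: 'pkcs8', format: 'pem' },
});
const policy = JSON.stringify({ Statement: [{
  Resource: 'https://d111111abcdef8.cloudfront.net/images/*',
  Condition: { DateLessThan: { 'AWS:EpochTime': Math.floor(Date.now() / 1000) + 3 * 3600 } },
}] });
const cookies = signedCookies(KEY_PAIR_ID, privateKey, policy);
console.log(cookieHeader(cookies), '->', verifyCookies(cookies, { [KEY_PAIR_ID]: publicKey }));
```
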
