I have a go services that generate a presigned url to upload a file:
sess, err := session.NewSession(&aws.Config{
Region: aws.String(os.Getenv(AwsRegionEnv))},
)
if err != nil {
return nil, err
}
svc := s3.New(sess)
req, _ := svc.PutObjectRequest(&s3.PutObjectInput{
Bucket: aws.String(os.Getenv(BucketNameEnv)),
Key: aws.String(getFileName(file, customer)),
})
minutesTimeout, err := strconv.Atoi(os.Getenv(TimeoutURL))
if err != nil {
return nil, err
}
str, err := req.Presign(time.Duration(minutesTimeout) * time.Minute)
if err != nil {
return nil, err
}
So, I can upload a file using this presigned url using curl:
curl -vT test.pdf '<<URL PRESIGNED>>'
But, when I add an ACL, this not work, the modification are:
req, _ := svc.PutObjectRequest(&s3.PutObjectInput{
Bucket: aws.String(os.Getenv(BucketNameEnv)),
Key: aws.String(getFileName(file, customer)),
ACL: aws.String(s3.ObjectCannedACLAuthenticatedRead),
})
When I tried upload a file using the presigned url with ACL, I got this error:
<?xml version="1.0" encoding="UTF-8"?>
<Error>
<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>
<AWSAccessKeyId>ASIAS...</AWSAccessKeyId>
<StringToSign>AWS4-HMAC-SHA256
20210316T135400Z
20210316/us-east-2/s3/aws4_request
d7ab7d377b719636610b11793e3e68e104a3f41fb9f9f5608138a8c2b19ceaf3</StringToSign>
<SignatureProvided>bd59fbb080..</SignatureProvided>
<StringToSignBytes>41 57 53...</StringToSignBytes>
<CanonicalRequest>PUT
/35527810/sampleVpacheco3.pdf
X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=...%2Fus-east-2%2Fs3%2Faws4_request&X-Amz-Date=20210316T135400Z&X-Amz-Expires=300&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEN7%2F%2F...&X-Amz-SignedHeaders=host%3Bx-amz-acl
host:adl-digital-dev-document-manager.s3.us-east-2.amazonaws.com
x-amz-acl:
host;x-amz-acl
UNSIGNED-PAYLOAD</CanonicalRequest>
<CanonicalRequestBytes>50 55 54...</CanonicalRequestBytes>
<RequestId>0V6FWNNGK2QCDA1V</RequestId>
<HostId>rE4rkv...</HostId>
</Error>
Any idea how I can add ACL and can upload a file successfully?
Full URL is:
https://document-manager.s3.us-east-2.amazonaws.com/35527810/sampleVpacheco5.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIASN3IRSVR%2F20210316%2Fus-east-2%2Fs3%2Faws4_request&X-Amz-Date=20210316T143240Z&X-Amz-Expires=300&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEN7%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMSJGMEQCIGW4j1R7H3wIxUAN8FytKbDTRne4pJGJ9I4ofpXeh%2FcaAiBFTdRNVug9WODzLdCoMcFRVzFZ%2FtGeaweeteSSTY6yMSqtAwgXEAIaDDE2NzE4NjEwOTc5NSIMh1JvraENxW8E5aBqKooDLx39b6Lx1%2Fw6AtGMSzlYRILNIXdB2Ouviq0pUlfPVCSFlZnPzo%2F%2B6%2B8ZcIpHM8E%2FDjEn1NF1lvcz9QKsuXJI94XuVCSRGiBBRvpIdm%2Ff001q3C%2FmZW2I1aMsfV518LTtEQigJ%2Fv80TPVSv7ZozoR9Zae4W3C3efjm2sJ%2BkVkI%2FBm7z6Vd97Q%2BbpVztf8Lp4GImDp1G72wtOP7wq9wSDYzFEzUja91r7g97py1Wzin6%2BXUNX68yAH%2BRePqyW6by4Lht8086B7YQcj6h77kxwE89C1NMYhKPiNl1y%2Ff4NukwWxW%2FTefqSW3Qr26eDfTV%2FVyR7%2FeNCf7OOtpkGZEmOnFbd%2FyY6wVOARcTdixQkPKKu2GAkz%2B8xuNY10uTGoh2vul3gUWBZF4Yl13R7kIq%2FPBb1UVl%2BatCwN%2BDBMj22cM4Pn%2BOJPyqxCjcfyIXwRsiYDTmmtiSIWrTvSEQaWf1Dc95lQVToA2ZsAxB8LO88%2FEz0t3FUpPw0ncgbLbHedcRYqvV62RDRQK%2FI9zjCz78KCBjqnAfzDcfP25%2BIr6ia4elbxSDOWIIv%2FjZOLlRDedHdqLKCDjYbgXoWrTQTt%2BZCRlV7UtJxo%2ByVeJvsjmb3BdI4IjI8wd8XjkV5qMejJbFcmFIQV7df0cdGY7U6nOO8gxGK9fj7Fb1Y0DtZaCxaZU8D0d2iTfUn8kl%2FT0GwSPDZqz1I6oJuG58KLR%2BVKRhuZrhTq8%2Fm98cLg7diuwt%2Bt1RwL%2BK9oonqHqXcE&X-Amz-SignedHeaders=host%3Bx-amz-acl&X-Amz-Signature=27d1fae2f60187dce85b175980c4e91334fe2a0f192d220244aa4a27e798ec9f
I Tired this:
host%3Bx-amz-acl
by host;x-amc-acl
Thanks!
it worked for me after adding acl properties in query param
req, _ := svc.GetObjectRequest(&s3.GetObjectInput{
Bucket: aws.String(bucket),
Key: aws.String(key),
})
q := req.HTTPRequest.URL.Query()
q.Add("x-amz-acl", "public-read")
q.Add("Content-Type", contentType)
req.HTTPRequest.URL.RawQuery = q.Encode()
presigned, err := req.Presign(5 * time.Minute)
if err != nil {
fmt.Printf("Error presigning URL: %v\n", err)
}
fmt.Println(presigned)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.