使用授权标头验证S3请求

时间:2016-09-28 10:51:46

标签: bash rest amazon-web-services authentication amazon-s3

我想使用此method验证我的S3请求。为此,我调整了脚本here。这是它的样子:

#!/bin/sh
file="$2"
bucket="$1"
resource="/${bucket}/${file}"
contentType="$3"
dateValue="`date +'%a, %d %b %Y %H:%M:%S %z'`"
stringToSign="GET\n\n${contentType}\n${dateValue}\n${resource}"
s3Key="$AWS_ACCESS_KEY"
s3Secret="$AWS_SECRET_ACCESS_KEY"
signature=`/bin/echo -en "$stringToSign" | openssl sha1 -hmac ${s3Secret} -binary | base64`
curl -v -H "Host: ${bucket}.s3.amazonaws.com" -H "Date: ${dateValue}" -H "Content-Type: ${contentType}" -H "Authorization: AWS ${s3Key}:${signature}" https://${bucket}.s3.amazonaws.com/${file} 

我的文件权限是这样的:

enter image description here

和文件内容类型为:

enter image description here

以下是如何调用我的脚本:

./getfile1.sh tmp666 7b5879dd9b894f7fc5a14b895f01abd1.png image/png

不幸的是,虽然AWS返回的SignatureDoesNotMatch与我的匹配,但我收到StringToSign错误:

<StringToSign>GET

image/png
Wed, 28 Sep 2016 12:46:14 +0200
/tmp666/7b5879dd9b894f7fc5a14b895f01abd1.png</StringToSign>

我的IAM用户拥有管理员权限。我究竟做错了什么?我花了一半时间试图解决它并感到无能为力。

0 个答案:

没有答案