前言:我在2013年底使用我的fineuploader上传站点工作,S3作为存储。亚马逊随后在许多地方将授权机制升级到V4。所以我决定升级我的fineuploader。
我的问题是,当x-amz-credential为真时,它不会发送cors.sendCredentials。因此(新下载和调整的)PHP服务器端说undefined variable: credentialcondition。我们来看看配置和相关代码:
我将fineUploader配置为:
var s3Uploader = new qq.s3.FineUploader({
element: document.getElementById("fineuploader-s3"),
debug: true,
request: {
endpoint: "anonimized-bucket-name.s3.amazonaws.com",
accessKey: "AKIAANONIMIZEDG4AIYQ"
},
cors: {
expected: true,
sendCredentials: true
},
template: "qq-simple-thumbnails-template",
signature: {
endpoint: "index.php?mode=video&formId=3&hash=28120&v4=true"
},
uploadSuccess: {
endpoint: "index.php?mode=video&formId=3&hash=28120&v4=true&success=1"
},
iframeSupport: {
localBlankPagePath: "/include/blank.html"
},
chunking: {
enabled: true
},
resume: {
enabled: true
},
deleteFile: {
enabled: false,
method: "POST",
endpoint: "index.php?mode=video&formId=3&hash=28120&v4=true"
},
validation: {
itemLimit: 1000,
sizeLimit: 5000111000
},
thumbnails: {
placeholders: {
notAvailablePath: "fu/assets/not_available-generic.png",
waitingPath: "fu/assets/waiting-generic.png"
}
}
});
我的PHP服务器的POST请求包含这个主体(添加了换行符以便于阅读):
{"expiration":"2016-12-22T09:59:32.767Z","conditions":[{"acl":"private"},
{"bucket":"anonimized-bucket-name"},{"Content-Type":"application/pdf"},
{"success_action_status":"200"},{"key":"c7e7c9dc-c4d3-4bec-af52-d3ad34c202ad.pdf"},
{"x-amz-meta-qqfilename":"Adatbazisok_2.pdf"},["content-length-range","0","5000111000"]]}
相关的服务器端代码(与引用实现相比没有变化):
function signV4Policy($stringToSign, $policyObj) {
global $clientPrivateKey;
foreach ($policyObj["conditions"] as $condition) {
if (isset($condition["x-amz-credential"])) {
$credentialCondition = $condition["x-amz-credential"];
}
}
$pattern = "/.+\/(.+)\\/(.+)\/s3\/aws4_request/";
preg_match($pattern, $credentialCondition, $matches);
$dateKey = hash_hmac('sha256', $matches[1], 'AWS4' . $clientPrivateKey, true);
$dateRegionKey = hash_hmac('sha256', $matches[2], $dateKey, true);
$dateRegionServiceKey = hash_hmac('sha256', 's3', $dateRegionKey, true);
$signingKey = hash_hmac('sha256', 'aws4_request', $dateRegionServiceKey, true);
return hash_hmac('sha256', $stringToSign, $signingKey);
}
错误符合preg_match undefined variable: cretentialCondition。{/ p>
我收到的示例policyObj:
array(2) {
["expiration"]=>
string(24) "2016-12-22T09:59:32.767Z"
["conditions"]=>
array(7) {
[0]=>
array(1) {
["acl"]=>
string(7) "private"
}
[1]=>
array(1) {
["bucket"]=>
string(12) "anonimized-bucket-name"
}
[2]=>
array(1) {
["Content-Type"]=>
string(15) "application/pdf"
}
[3]=>
array(1) {
["success_action_status"]=>
string(3) "200"
}
[4]=>
array(1) {
["key"]=>
string(40) "c7e7c9dc-c4d3-4bec-af52-d3ad34c202ad.pdf"
}
[5]=>
array(1) {
["x-amz-meta-qqfilename"]=>
string(17) "Adatbazisok_2.pdf"
}
[6]=>
array(3) {
[0]=>
string(20) "content-length-range"
[1]=>
string(1) "0"
[2]=>
string(10) "5000111000"
}
}
}
版本:php 7,fineuploader 5.11.0(最新),浏览器:Win 7 Firefox 50.1.0(最新)
答案 0 :(得分:1)
好。我是一个白痴。关键错误:
objectProperties.region必须设置为S3存储桶的主区域signature.version必须设置为4 4为4,而不是"4"。cors.sendCredentials设为true。这是我未能找到的手册,但没有准确地遵循:https://blog.fineuploader.com/2015/11/16/fine-uploader-5-4-aws-s3-version-4-signature-support/