尝试获取已签名的URL以执行浏览器上载时,AWS S3:SignatureDoesNotMatch

时间:2017-09-20 16:41:34

标签: node.js amazon-web-services amazon-s3

我正在尝试将文件从我的浏览器上传到S3(Base64格式),但似乎我必须首先获得一个已签名的URL,但我从未得到正确的响应,试图获取此签名的URL。这是我做的:

...
const aws = require('aws-sdk')

MyController.get('/s3_sign', (req, res) => {

  let s3 = new aws.S3();
  aws.config.update({
    accessKeyId: "AKIAIWUTWWWBZM3IZNJAQ",
    secretAccessKey: "My_Secret_Key_Without_Any_Special_Characther"
  });

  let params = {
    Bucket: 'my-bucket-name',
    Key: 'file.jpg',
    Expires: 300
  };

  const url = s3.getSignedUrl('putObject', params, function(err, data){
    if (err) {
      console.log("Error uploading data: ", err);
      res.json({success: false})
    } else {
      console.log("URL: ", data);
      res.json({success: true, data: data})
    }
  });

})

我正在本地测试,当我点击此网址时,我收到了此回复:

<Error>
<Code>SignatureDoesNotMatch</Code>
<Message>
The request signature we calculated does not match the signature you provided. Check your key and signing method.
</Message>
<AWSAccessKeyId>AKIAIWUTWWWBZM3IZNJAQ</AWSAccessKeyId>
<StringToSign>
GET 1505923677 /my-bucket-name/button.png
</StringToSign>
<SignatureProvided>J41L/yY6SipfRcQa6yEjlrWahY8=</SignatureProvided>
<StringToSignBytes>
47 45 54 0a 0a 0a 31 35 30 35 39 32 33 36 37 37 0a 2f 63 6f 6e 70 61 73 73 2d 64 65 76 2f 63 6f 6e 70 61 73 73 2d 63 74 61 2d 62 6c 75 65 2d 31 78 2e 70 6e 67
</StringToSignBytes>
<RequestId>62398629E214AC9D</RequestId>
<HostId>
ZD9X7KkvhtKA5PBjfQXGo+IhHRSa0vVnWyEhdepB2O8h50OEP5iEsCHpV/UY27QqPFEgHf0kLu0=
</HostId>
</Error>

我已经检查过,我的凭据是正确的,没有任何空格,任何特殊字符。但我不知道为什么我从来没有让它发挥作用。

我不确定它是否相关,因为我甚至无法获得签名的URL(在上传之前),但我的CORS设置如下:

<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>PUT</AllowedMethod>
    <MaxAgeSeconds>3000</MaxAgeSeconds>
    <AllowedHeader>Content-Type</AllowedHeader>
    <AllowedHeader>x-amz-acl</AllowedHeader>
    <AllowedHeader>origin</AllowedHeader>
</CORSRule>
</CORSConfiguration>

我期待着有关如何克服这个问题的一些想法。

1 个答案:

答案 0 :(得分:0)

您正尝试在PUT网址上执行GET操作。如果您想获得GET方法的签名网址,

var params = {Bucket: 'bucket', Key: 'key', Expires: 60};
var url = s3.getSignedUrl('getObject', params);
console.log('The URL is', url); // expires in 60 seconds

详细文档,

http://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#getSignedUrl-property