亚马逊合规者我没有使用正确的算法来签署请求我是
amazon complians I am not using correct algorithm to sign requests I am
所以我可能需要添加字符串 "AWS4" 我正在使用 angular 和 python。
在 python 端我计算签名然后将其发送到前端,然后将文件发送到 aws。我将只显示签名和有效负载代码:
signature = base64.b64encode(hmac.new(aws_secret, policy, hashlib.sha256).digest())
data = {
"policy" : policy,
"signature": signature,
"key": AWS_UPLOAD_ACCESS_KEY_ID,
"file_bucket_path": upload_start_path,
"venuemenuobject" : serializesamplemenu.data,
"startpath" : upload_start_path,
"url": url
}
return Response(data)
然后使用文件创建表单并发送请求。
let fd = new FormData();
fd.append('acl', 'private');
fd.append('Content-Type', contenttype);
fd.append('AWSAccessKeyId',awspolicy.key);
fd.append('Policy', awspolicy.policy);
fd.append('key', awspolicy.startpath);
fd.append('filename', filename);
fd.append('Signature', awspolicy.signature);
fd.append('file', content);
console.log('the formdata object called');
this.awsservice.uploadtos3(awspolicy.url,fd)
.subscribe(
(req: any)=>{
console.log('the data was uploaded');
console.log(req);
}
);
和错误:
The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.
根据文档 https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html
我们需要将 headers 添加到我们的请求中。
所以我做到了。然而还是不行。
samplemenucreateandpolicy(venuepk, payload){
const url = samplemenupolicyandcreate + '/' + String(venuepk);
return this.http.post(url, payload);
}
uploadtos3(url, payload, rawheader){
let headers = new HttpHeaders();
const authheader = 'AWS4-HMAC-SHA256 Credential=' + String(rawheader.key) + '/' + String(rawheader.date) + '/' + String(rawheader.region) +'/iam/aws4_request, SignedHeaders=content-type;x-amz-date, Signature=' + String(rawheader.signature);
headers.append('Authorization',authheader);
return this.http.post(url, payload, {headers: headers});
}
我该如何解决这个问题?
您肯定使用的是 Signature Version 2,而不是 V4。
signature = base64.b64encode(hmac.new(aws_secret, policy, hashlib.sha256).digest())
...这里...
fd.append('AWSAccessKeyId',awspolicy.key);
此参数为 X-Amz-Credential,包含附加信息以及 aws-access-key-id。
according to the docs ... we need to add the headers to our request.
您混淆了两个不同的界面。
你做的是一个表单 POST 上传,没有使用 Authorization header.
评论https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-post-example.html。
所以我可能需要添加字符串 "AWS4" 我正在使用 angular 和 python。
在 python 端我计算签名然后将其发送到前端,然后将文件发送到 aws。我将只显示签名和有效负载代码:
signature = base64.b64encode(hmac.new(aws_secret, policy, hashlib.sha256).digest())
data = {
"policy" : policy,
"signature": signature,
"key": AWS_UPLOAD_ACCESS_KEY_ID,
"file_bucket_path": upload_start_path,
"venuemenuobject" : serializesamplemenu.data,
"startpath" : upload_start_path,
"url": url
}
return Response(data)
然后使用文件创建表单并发送请求。
let fd = new FormData();
fd.append('acl', 'private');
fd.append('Content-Type', contenttype);
fd.append('AWSAccessKeyId',awspolicy.key);
fd.append('Policy', awspolicy.policy);
fd.append('key', awspolicy.startpath);
fd.append('filename', filename);
fd.append('Signature', awspolicy.signature);
fd.append('file', content);
console.log('the formdata object called');
this.awsservice.uploadtos3(awspolicy.url,fd)
.subscribe(
(req: any)=>{
console.log('the data was uploaded');
console.log(req);
}
);
和错误:
The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.
根据文档 https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html 我们需要将 headers 添加到我们的请求中。
所以我做到了。然而还是不行。
samplemenucreateandpolicy(venuepk, payload){
const url = samplemenupolicyandcreate + '/' + String(venuepk);
return this.http.post(url, payload);
}
uploadtos3(url, payload, rawheader){
let headers = new HttpHeaders();
const authheader = 'AWS4-HMAC-SHA256 Credential=' + String(rawheader.key) + '/' + String(rawheader.date) + '/' + String(rawheader.region) +'/iam/aws4_request, SignedHeaders=content-type;x-amz-date, Signature=' + String(rawheader.signature);
headers.append('Authorization',authheader);
return this.http.post(url, payload, {headers: headers});
}
我该如何解决这个问题?
您肯定使用的是 Signature Version 2,而不是 V4。
signature = base64.b64encode(hmac.new(aws_secret, policy, hashlib.sha256).digest())
...这里...
fd.append('AWSAccessKeyId',awspolicy.key);
此参数为 X-Amz-Credential,包含附加信息以及 aws-access-key-id。
according to the docs ... we need to add the headers to our request.
您混淆了两个不同的界面。
你做的是一个表单 POST 上传,没有使用 Authorization header.
评论https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-post-example.html。