使用Javascript创建一个签名的S3 URL [英] Creating a signed S3 URL with Javascript
问题描述
我正在尝试使用Javascript&的NodeJS。我已经使用此
规范。
I am attempting to create a signed S3 URL using Javascript & NodeJS. I have used this specification.
var crypto = require('crypto'),
date = 1331290899,
resource = '/myfile.txt',
awskey = "XXXX",
awssecret = "XXXX";
var stringToSign ='GET\n\n\n' + date + '\n\n' + resource;
var sig = encodeURIComponent(crypto.createHmac('sha1', awssecret).update(stringToSign ).digest('base64'));
var url = "https://s3-eu-west-1.amazonaws.com/mybucket" +
resource + "?AWSAccessKeyId=" + awskey + "&Expires="+ date +
"&Signature="+ sig
这将创建一个类似的网址到:
This creates a url similar to this:
https://s3-eu-west-1.amazonaws.com/mybucket/test.txt?AWSAccessKeyId=XXXXXX&Expires=1331290899&Signature=EciGxdQ1uOqgFDCRon4vPqTiCLc%3D
但是,在访问时收到以下错误它:
However, I receive the following error when accessing it:
SignatureDoesNotMatch
The request signature we calculated does not match the signature you provided.
Check your key and signing method.
创建签名时我做错了什么?
What am I doing wrong when creating the signature?
编辑 - 尝试使用KNOX
我正在尝试使用诺克斯产生一个签名的URL。我需要添加标题与请求强制下载。我编辑了以下内容:
I am now attempting to use Knox to produce a signed URL. I need to add headers with the request to force download. I have edited the following:
向客户端添加了 amazonHeaders:'response-content-disposition:attachment',
signedUrl- http://jsfiddle.net/BpGNM/1/
Added amazonHeaders: 'response-content-disposition:attachment',
to client.signedUrl- http://jsfiddle.net/BpGNM/1/
将 options.amazonHeaders +'\\\
添加到
'+ auth.queryStringToSign
- < a href =http://jsfiddle.net/6b8Tm/ =noreferrer> http://jsfiddle.net/6b8Tm/
现在发送到 auth.hmacSha1
以创建sig的消息是:
The message that is now being sent to auth.hmacSha1
to create the the sig is:
'GET\n\n\n1321374212\nresponse-content-disposition:attachment\n/meshmesh-dev/test/Readme.md'
然后,我尝试使用 response-content-disposition = attachment
添加新的URL作为GET var。但是,我仍然收到与上述相同的错误。
I have then tried to access my new URL with the response-content-disposition=attachment
added as GET var. However, I am still receiving the same error stated above.
推荐答案
我会尝试使用Knox和Node.Js。它已经是一个很好的组合,并且本身也利用了Node.JS Crypto库,这是一种你想要做的 - 节省你的时间:)
I would try using Knox along with Node.Js . Its known to be a great combination and also itself utilizes the Node.JS Crypto library which is kind of what you're trying to do - saving you time:)
更多信息: https://github.com/LearnBoost/knox
比起来,你可以这样做:
Than, you could just do something like:
var knox = require('knox');
var s3Client = knox.createClient({
key: 'XXX',
secret: 'XXX',
bucket: 'XXX'
});
var expires = new Date();
expires.setMinutes(expires.getMinutes() + 30);
var url = s3Client.signedUrl(filename, expires);
编辑:
您还可以查看诺克斯检查signedUrl函数的作用并实现自己。你可以添加到 auth.signQuery
中调用一个额外的选项叫做$ code> amazonHeaders :
You could also look into Knox and just check what the signedUrl function does and implement that yourself.Than you could add to the auth.signQuery
call an extra option called amazonHeaders
:
Client.prototype.signedUrl = function(filename, expiration){
var epoch = Math.floor(expiration.getTime()/1000);
var signature = auth.signQuery({
amazonHeaders: 'response-content-disposition:attachment',
secret: this.secret,
date: epoch,
resource: '/' + this.bucket + url.parse(filename).pathname
});
return this.url(filename) +
'?Expires=' + epoch +
'&AWSAccessKeyId=' + this.key +
'&Signature=' + encodeURIComponent(signature);
};
Shai。
这篇关于使用Javascript创建一个签名的S3 URL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!