无法下载图像与s3 getSignedUrl（'getObject ..）和返回签名不匹配 [英] Could not download image with s3 getSignedUrl('getObject..) and returns Signature does not match

问题描述

我是AWS的新手。所有我想做的是将图像从我的应用程序上传到aws S3，并下载它，以查看应用程序中的另一个页面中的图像。上传成功，可以在S3中查看上传的图片。但无法下载，因为它会引发以下错误。

I'm relatively new to AWS. All I was trying to do is to upload image from my app to aws S3 and download it to view the image in another page in app. The upload was successful and was able to see the uploaded image in S3. But couldn't download it as it throws the following error.

     FileTransferError {body = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we
calculated does not match the signature you provided. Check your key and signing 
method.</Message><AWSAccessKeyId>AKXXXXXXXXXXXXXXXXXX</AWSAccessKeyId>
<StringToSign>GET\n\n\n1469897687\n/huntuploads/uploads/%25222a85a6675d15eeeca5c8b
da6eed4c52e%2522</StringToSign>
<SignatureProvided>cUBhtiA5AGJbj8vl%2FX6xi%2B9BBRY%3D</SignatureProvided>
<StringToSignBytes>47 45 54 0a 0a 0a 31 34 36 39 38 39 37 36 38 37 0a 2f 68 75 6e 
74 66 6f 6f 64 75 70 6c 6f 61 64 73 2f 75 70 6c 6f 61 64 73 2f 25 32 35 32 32 32 
61 38 35 61 36 36 37 35 64 31 35 65 65 65 63 61 35 63 38 62 64 61 36 65 65 64 34 
63 35 32 65 25 32 35 32 32</StringToSignBytes>
<RequestId>CCB513320456EB6B</RequestId>
<HostId>v4c7Ozf911tErWo5dCsL9RNLL78r3rUE6234Z801ZFXuELrji4juDehHmaxnK8t5qMBGcjz90a
I=</HostId></Error>";
        code = 3;
        "http_status" = 403;
        source = "https://huntuploads.s3-us-west-
2.amazonaws.com/uploads/%25222a85a6675d15eeeca5c8bda6eed4c52e%2522?
AWSAccessKeyId=AKXXXXXXXXXXXXXXXXXX&Expires=1469897687&Signature=cUBhtiA5AGJbj8vl%
252FX6xi%252B9BBRY%253D";
        target = "file:///var/mobile/Containers/Data/Application/1EB46B25-8BC5-
46C9-BE6B-BF1E120B7627/Documents/%222a85a6675d15eeeca5c8bda6eed4c52e%22";
}

以下代码用于上传在服务器端正常工作的图片

Here is the following code for uploading the image which works fine at the server side

 var AWS = require('aws-sdk');
    AWS.config.update({accessKeyId: 'AXXXXXXXXX......', secretAccessKey: 'XXXXX....'});
    AWS.config.update({region: 'us-west-2'});

var s3 = new AWS.S3( { params: {Bucket: 'huntfooduploads'}});

app.post('/FileUpload', function(req, res, next) {
var fileStream = fs.createReadStream(req.files.file.path);
          var params = {
              'Key': 'uploads/' + req.files.file.name,
              'Body': fileStream,
              'ContentEncoding': 'base64',
              'Content-Type ': 'image/jpeg'
          };

   s3.upload(params, function(err, data) {
      if (err) throw err;
      console.log('after s3 upload====', err, data);
       var imgFileInfo = req.files;
       var imgUploadData = data;
       ....
   }
}

以下代码用于从服务器端使用getSignedUrl for s3下载映像

Here is the following code used for downloading the image using getSignedUrl for s3 from server side

var urlParams = {Bucket: 'huntuploads', Key:'uploads/'+rows[0].MyHunt_FileName};

  // s3 getSigned Url
  s3.getSignedUrl('getObject', urlParams, function(err, url)  {
      if (err) throw callback(err);
       var fullUrl={awsUrl:url};
       res.send(fullUrl);
  })

一旦我发送fullUrl回到客户端这是应用程序，我尝试使用以下

Once I send the fullUrl back to client side which is app, I tried using the following

$cordovaFileTransfer.download(encodeURI(itemData[3].awsUrl), targetPath, options, trustHosts)
         .then(function(result) {
           console.log('Success! Download is successful');
            $scope.imgURI = targetPath;
         }, function(err) {
            console.log('Error!!! Download is not successful');
           // Error
         }, function (progress) {
             $timeout(function () {
             $scope.downloadProgress = (progress.loaded / progress.total) * 100;
           });
         });

从应用程序端，当我试图下载图像时，我得到上面提到的消息。我试图添加nx-amz-server-side-encryption-customer-algorithm：AES256作为头。我需要知道以下内容

From the app side when I tried to download the image i get the message mentioned above. I tried with adding nx-amz-server-side-encryption-customer-algorithm:AES256 as a header. I need to know the following

1. 这是将数据从服务器传递到客户端（app）的正确方法


2. 如果getSigned url的urlParams正确。

有人可能向我提出正确的建议。

Can someone advise me in right direction.

推荐答案

我已经解决了我的自我。但感谢您的帮助迈克尔和其他人。解决方案是在

Well I've resolved my self. But thanks for your help Michael and others. The solution is I added the following line as options in one of the

var options = {encodeURI：false}之一中添加以下行作为选项。
，然后
cordovaFileTransfer.download（encodeURI（itemData [3] .awsUrl），targetPath，options，trustHosts）{...}

var options = {encodeURI:false}; and then cordovaFileTransfer.download(encodeURI(itemData[3].awsUrl), targetPath, options, trustHosts){ ...}

这解决了问题。看来encodeUI被设置为true默认情况下更改了签名。

which fixed the issue. Looks like encodeUI is set to true by default which changed the signature.

这篇关于无法下载图像与s3 getSignedUrl（'getObject ..）和返回签名不匹配的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！