AWS4 - FineUploader S3 上传简单文件 - 请求签名不匹配错误 - 指南 - AWS4 - FineUploader S3 uploading simple file - Request signature not matching error

我正在使用fineUploader 5.16.2，并尝试将文件从浏览器简单地上传到S3，该文件正在服务器上签名。

我在上传时收到">我们计算的请求签名与您提供的签名不匹配"错误。

我已经运行了服务器策略签名代码，并根据此处的预期值对其进行了测试： https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-post-example.html，它会产生正确的结果，所以我认为签名本身是可以的。

此外，我已经检查了IAM策略/存储桶策略，并使它们对测试非常不受限制，因此我认为不是这样。我创建了新密钥/用户。

我不确定我的下一步是什么来确定问题所在 - 以前经历过这个问题的人的任何见解都会很棒，我已经陷入了死胡同，不确定如何继续解决问题。

以下是请求：

上传请求：

Request URL: https://s3.amazonaws.com/bucket_xyz
Request Method: POST
Status Code: 403 Forbidden
Remote Address: 52.216.165.93:443
Referrer Policy: no-referrer-when-downgrade
--------------------
Request 
------------------
Content-Type: multipart/form-data; boundary=---- 
WebKitFormBoundary0GCEvRBzhQOryykT
Origin: http://localhost:49797
Referer: http://localhost:49797/?section=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 
(KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
FormData:
key: 87d384ae-9038-4e26-aff4-70846b1decb9.jpg
Content-Type: image/jpeg
success_action_status: 200
acl: private
x-amz-meta-qqfilename: mel5.jpg
x-amz-algorithm: AWS4-HMAC-SHA256
x-amz-credential: ACCESSKEY/20181003/us-east-1/s3/aws4_request
x-amz-date: 20181003T163015Z

policy:eyJleHBpcmF0aW9uIjoiMjAxOC0xMC0wM1QxNjozNToxNS4yMzVaIiwiY29uZGl0aW9ucyI6W3siYWNsIjoicHJpdmF0ZSJ9LHsiYnVja2V0Ijoic2R2YXVsdHMtdGVzdCJ9LHsiQ29udGVudC1UeXBlIjoiaW1hZ2UvanBlZyJ9LHsic3VjY2Vzc19hY3Rpb25fc3RhdHVzIjoiMjAwIn0seyJ4LWFtei1hbGdvcml0aG0iOiJBV1M0LUhNQUMtU0hBMjU2In0seyJrZXkiOiI4N2QzODRhZS05MDM4LTRlMjYtYWZmNC03MDg0NmIxZGVjYjkuanBnIn0seyJ4LWFtei1jcmVkZW50aWFsIjoiQUtJQUlNUFpWMktISUozM0JFUkEvMjAxODEwMDMvdXMtZWFzdC0xL3MzL2F3czRfcmVxdWVzdCJ9LHsieC1hbXotZGF0ZSI6IjIwMTgxMDAzVDE2MzAxNVoifSx7IngtYW16LW1ldGEtcXFmaWxlbmFtZSI6Im1lbDUuanBnIn1dfQ==

x-amz-signature: AA16D553ADD17986087A7418525BC4985F05E4BFD392DA30D0B39F1C933C2041

file: (binary)

响应：

Access-Control-Allow-Methods: POST, PUT, DELETE
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Access-Control-Max-Age: 3000
Connection: close
Content-Type: application/xml
Date: Wed, 03 Oct 2018 16:30:15 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-id-2:jws69+sNEZTky7EsMEpUHCdp62x1HurB2schStsp+inwMoBBxL7OPImi2xUmMiZLj2g+FsbAiiE=
x-amz-request-id: 3B58255BDCCA8F5F

错误正文

<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we 
calculated does not match the signature you provided. Check your key and 
signing method.</Message> 
<AWSAccessKeyId>AKIAIMPZV2KHIJ33BERA</AWSAccessKeyId>

<StringToSign>eyJleHBpcmF0aW9uIjoiMjAxOC0xMC0wM1QxNjozNToxNS4yMzVaIiwiY29uZGl0aW9ucyI6W3siYWNsIjoicHJpdmF0ZSJ9LHsiYnVja2V0Ijoic2R2YXVsdHMtdGVzdCJ9LHsiQ29udGVudC1UeXBlIjoiaW1hZ2UvanBlZyJ9LHsic3VjY2Vzc19hY3Rpb25fc3RhdHVzIjoiMjAwIn0seyJ4LWFtei1hbGdvcml0aG0iOiJBV1M0LUhNQUMtU0hBMjU2In0seyJrZXkiOiI4N2QzODRhZS05MDM4LTRlMjYtYWZmNC03MDg0NmIxZGVjYjkuanBnIn0seyJ4LWFtei1jcmVkZW50aWFsIjoiQUtJQUlNUFpWMktISUozM0JFUkEvMjAxODEwMDMvdXMtZWFzdC0xL3MzL2F3czRfcmVxdWVzdCJ9LHsieC1hbXotZGF0ZSI6IjIwMTgxMDAzVDE2MzAxNVoifSx7IngtYW16LW1ldGEtcXFmaWxlbmFtZSI6Im1lbDUuanBnIn1dfQ==</StringToSign><SignatureProvided>AA16D553ADD17986087A7418525BC4985F05E4BFD392DA30D0B39F1C933C2041</SignatureProvided><StringToSignBytes>65 79 4a 6c 65 48 42 70 63 6d 46 30 61 57 39 75 49 6a 6f 69 4d 6a 41 78 4f 43 30 78 4d 43 30 77 4d 31 51 78 4e 6a 6f 7a 4e 54 6f 78 4e 53 34 79 4d 7a 56 61 49 69 77 69 59 32 39 75 5a 47 6c 30 61 57 39 75 63 79 49 36 57 33 73 69 59 57 4e 73 49 6a 6f 69 63 48 4a 70 64 6d 46 30 5a 53 4a 39 4c 48 73 69 59 6e 56 6a 61 32 56 30 49 6a 6f 69 63 32 52 32 59 58 56 73 64 48 4d 74 64 47 56 7a 64 43 4a 39 4c 48 73 69 51 32 39 75 64 47 56 75 64 43 31 55 65 58 42 6c 49 6a 6f 69 61 57 31 68 5a 32 55 76 61 6e 42 6c 5a 79 4a 39 4c 48 73 69 63 33 56 6a 59 32 56 7a 63 31 39 68 59 33 52 70 62 32 35 66 63 33 52 68 64 48 56 7a 49 6a 6f 69 4d 6a 41 77 49 6e 30 73 65 79 4a 34 4c 57 46 74 65 69 31 68 62 47 64 76 63 6d 6c 30 61 47 30 69 4f 69 4a 42 56 31 4d 30 4c 55 68 4e 51 55 4d 74 55 30 68 42 4d 6a 55 32 49 6e 30 73 65 79 4a 72 5a 58 6b 69 4f 69 49 34 4e 32 51 7a 4f 44 52 68 5a 53 30 35 4d 44 4d 34 4c 54 52 6c 4d 6a 59 74 59 57 5a 6d 4e 43 30 33 4d 44 67 30 4e 6d 49 78 5a 47 56 6a 59 6a 6b 75 61 6e 42 6e 49 6e 30 73 65 79 4a 34 4c 57 46 74 65 69 31 6a 63 6d 56 6b 5a 57 35 30 61 57 46 73 49 6a 6f 69 51 55 74 4a 51 55 6c 4e 55 46 70 57 4d 6b 74 49 53 55 6f 7a 4d 30 4a 46 55 6b 45 76 4d 6a 41 78 4f 44 45 77 4d 44 4d 76 64 58 4d 74 5a 57 46 7a 64 43 30 78 4c 33 4d 7a 4c 32 46 33 63 7a 52 66 63 6d 56 78 64 57 56 7a 64 43 4a 39 4c 48 73 69 65 43 31 68 62 58 6f 74 5a 47 46 30 5a 53 49 36 49 6a 49 77 4d 54 67 78 4d 44 41 7a 56 44 45 32 4d 7a 41 78 4e 56 6f 69 66 53 78 37 49 6e 67 74 59 57 31 36 4c 57 31 6c 64 47 45 74 63 58 46 6d 61 57 78 6c 62 6d 46 74 5a 53 49 36 49 6d 31 6c 62 44 55 75 61 6e 42 6e 49 6e 31 64 66 51 3d 3d</StringToSignBytes><RequestId>3B58255BDCCA8F5F</RequestId><HostId>jws69+sNEZTky7EsMEpUHCdp62x1HurB2schStsp+inwMoBBxL7OPImi2xUmMiZLj2g+FsbAiiE=</HostId></Error>

更多信息：

在发布到 S3 之前，下面是对服务器终端节点的请求/响应以获取签名。

POST handler.ashx?op=getSignature&v4=true

请求

Pragma  : no-cache
Origin  : http://localhost:49797
Accept-Encoding ; gzip, deflate, br
Host; localhost:49797
Accept-Language:    en-US,en;q=0.9
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 
(KHTML, like Gecko) Chrome/69.0.3497.100
Safari/537.36
Content-Type : application/json; charset=UTF-8
Accept:  application/json
Cache-Control : no-cache
X-Requested-With : XMLHttpRequest
Cookie  :
Connection : keep-alive
Referer  : http://localhost:12455/?section=3
Content-Length  : 403
{"expiration":"2018-10-03T16:35:15.235Z","conditions":[{"acl":"private"}, 
{"bucket":"xyz"},
{"Content-Type":"image/jpeg"},{"success_action_status":"200"},{"x-amz-algorithm":"AWS4-HMAC-SHA256"},{"key":"87d384ae-9038-4e26-aff4-70846b1decb9.jpg"},{"x-amz-credential":"ACCESSKEY/20181003/us-east-1/s3/aws4_request"},{"x-amz-date":"20181003T163015Z"},{"x-amz-meta-qqfilename":"mel5.jpg"}]

}

响应

{"policy":"eyJleHBpcmF0aW9uIjoiMjAxOC0xMC0wM1QxNjozNToxNS4yMzVaIiwiY29uZGl0aW9ucyI6W3siYWNsIjoicHJpd mF0ZSJ9LHsiYnVja2V0Ijoic2R2YXVsdHMtdGVzdCJ9LHsiQ29udGVudC1UeXBlIjoiaW1hZ2UvanBlZyJ9LHsic3VjY2Vzc19hY 3Rpb25fc3RhdHVzIjoiMjAwIn0seyJ4LWFtei1hbGdvcml0aG0iOiJBV1M0LUhNQUMtU0hBMjU2In0seyJrZXkiOiI4N2QzODRhZ S05MDM4LTRlMjYtYWZmNC03MDg0NmIxZGVjYjkuanBnIn0seyJ4LWFtei1jcmVkZW50aWFsIjoiQUtJQUlNUFpWMktISUozM0JFU kEvMjAxODEwMDMvdXMtZWFzdC0xL3MzL2F3czRfcmVxdWVzdCJ9LHsieC1hbXotZGF0ZSI6IjIwMTgxMDAzVDE2MzAxNVoifSx7IngtYW16LW1ldGEtcXFmaWxlbmFtZSI6Im1lbDUuanBnIn1dfQ ==","signature": "AA16D553ADD17986087A7418525BC4985F05E4BFD392DA30D0B39F1C933C2041"}

Javascript：

uploader = (<any>$(container)).fineUploaderS3({
button: null,
debug: true, 
retry: {
enableAuto: false 
},
signature: {
endpoint: signatureEndPoint,
version: 4
},
uploadSuccess: {
endpoint: successEndPoint,
params: {
}
},
chunking: {
enabled: false
},
resume: {
enabled: false
},
deleteFile: {
enabled: false
endpoint: deleteFileEndPoint
},
autoUpload: false,
maxConnections: 1,
text: {
cancelButton: 'Remove file from the Queue'
},
request: {
endpoint: https://s3.amazonaws.com/"+bucket,
accessKey: accessKey
},
dragAndDrop: {
disableDefaultDropzone: true,
hideDropzones: false
},
editFilename: {
enabled: true
},
objectProperties: {
key: "uuid"
}
}).on('validateBatch', function () {
}).on('submitted', function () {

}).on('progress', function () {
}).on('cancel', function () {
});

如果这对其他人有帮助 - 我发现我的代码存在问题 - AWS4 需要小写签名字符串 - 一旦将生成的十六进制字符串转换为小写，问题就解决了。

AWS4 - FineUploader S3 上传简单文件 - 请求签名不匹配错误 - 指南

相关内容

最新更新

热门标签：