我们目前无法使用AWS PHP SDK v.3.36从S3下载对象。通过GetObject方法。
我们看到以下错误:
Error executing "GetObject" on "<object path>";
AWS HTTP error: Client error: `GET <object path>` resulted in a `403 Forbidden` response:
<?xml version="1.0" encoding="UTF-8"?>
<Error>
<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calcul (truncated...) SignatureDoesNotMatch (client): The request signature we calculated does not match the signature you
provided. Check your key and signing method.
- <?xml version="1.0" encoding="UTF-8"?>
<Error>
<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calculated does not match the signature you provided.
Check your key and signing method.
<remaining message redacted>
S3客户端设置:
public function __construct($key, $secret, $region='us-east-1') {
$this->key = $key;
$this->secret = $secret;
$this->handler = new S3Client([
'credentials' => [
'key' => $key,
'secret' => $secret
],
'region' =>$region,
'version' => '2006-03-01'
]);
}
调用GetObject方法:
public function getFile($bucket, $sourcefile, $saveToDestination = null) {
$getarray = array(
'Bucket' => $bucket,
'Key' => $sourcefile,
);
if ($saveToDestination) {
$getarray['SaveAs'] = $saveToDestination;
}
return $this->handler->getObject($getarray);
}
对于有问题的IAM用户,提供了对S3的完全访问权限,并且已经验证了上面使用的凭据。
IAM政策(AmazonS3FullAccess):
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": "*"
}
]
}
事实证明,在AWS PHP SDK的v3中,如果在提供的bucket和关键参数之间有额外的bucket子路径,则会出现此故障。
以下代码被添加到调用上述getFile方法的方法中:
protected function getS3File($s3_bucket, $s3_key){
/// if the bucket contains additional paths, S3 will choke
if (strpos($s3_bucket, '/')!==false){
$paths = explode('/', $s3_bucket);
$s3_bucket = array_shift($paths);
/// so prepend them to the key!
$s3_key=implode('/', $paths) .'/'.$s3_key;
}
return $this->makeTempFile($this->s3Handler->getFileContents($s3_bucket, $s3_key));
}
做了一些挖掘,发现了这个。两者之一:a) api密钥不正确或
b) 请求或中未提供Content-Length标头
c) 请求URI中的非UTF-8编码字符串值。
希望这能帮上忙。