Brightcove AWS S3 上传在 Coldfusion 中返回 InvalidAccessKeyId

<Error>
<Code>InvalidAccessKeyId</Code>
<Message>The AWS Access Key Id you provided does not exist in our records.</Message>
<AWSAccessKeyId>ASIAJSDFW27523RELDJA</AWSAccessKeyId>
<RequestId>22F0A23F675424D0</RequestId>
<HostId>3ozDoKHMzf00wlsdfA0hsdfWDrzy21c0xqxwOwd1BJo8MqSouPZU</HostId>
</Error>

对于访问KeyID，我使用GET返回的值access_key_id https://ingest.api.brightcove.com/v1/accounts/{ACCOUNT_ID}/videos/{VIDEO_ID}/upload-urls/{SOURCE_NAME}

由于我想使用分段上传，因此我遵循了以下 URL 提供的指南。 http://blog.tcs.de/coldfusion-amazon-s3-upload-via-form-post-example/https://aws.amazon.com/items/1434?externalID=1434

使用 S3.cfc 来自 https://github.com/joedanz/cf-amazon-s3

对于策略：

{"expiration": {add 1 day to now}",
"conditions": [
{"bucket": bucket-name-from-brightcove},
["starts-with", "$key", "uploads/"],
{"acl": "authenticated-read"},
{"success_action_redirect": "my-server-redirect-url"},
["starts-with", "$Content-Type", "#mData.fileType#"],
["content-length-range", 0, #mData.fileSize#]
]
}

我的CF代码：

rStruct['policy'] = ToBase64(s3policy);
s3 = createObject("component", 's3').init('access_key_id-from-brightcove','secret_access_key-from-brightcove');
rStruct['signature'] = s3.createSignature(rStruct['policy']);
rStruct['auth'] = 'authenticated-read';
rStruct['s3URL'] = 'https://bucket-name-from-brightcove.s3.amazonaws.com/';   
rStruct['s3redirectURL'] = 'my-server-redirect-url';

我的表单如下：(我正在用jquery替换隐藏字段值(

<form name="dlgform" id="dlgform" method="post" enctype="multipart/form-data" action="" target="submitDialog_submitFrame">
<input type="hidden" name="key" id="key" value="uploads/${filename}">
<input type="hidden" name="AWSAccessKeyId" id="AWSAccessKeyId" value="access_key_id-from-brightcove">
<input type="hidden" name="acl" id="acl" value="authenticated-read">
<input type="hidden" name="success_action_redirect" id="success_action_redirect" value="">
<input type="hidden" name="policy" id="policy" value="rStruct['policy']">
<input type="hidden" name="signature" id="signature" value="rStruct['signature']">
<input type="hidden" name="Content-Type" id="Content-Type" value="file-content-type">
File: <input type="file" name="file" />
<input type="submit" name="submit" value="Upload to Amazon S3" />
</form>

以字符开头的访问密钥 IDASIA与 STS 中的临时凭证相关联，并且始终具有随附的X-Amz-Security-Token，必须嵌入到由这些凭证签名的任何请求中。

如果请求中未嵌入此令牌，AWS 终端节点甚至无法识别访问密钥 ID，并且预计会出现does not exist in our records错误。

http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html

此错误与签名版本 4 无关。它还会影响签名版本 2，这是问题中的代码正在使用的内容。

相关内容

最新更新

热门标签：