I am trying to perform a HTTP PUT to create and update objects while specifying a custom meta-data header. I am having difficulty generating the correct signature while I have no issue generating signatures for other requested operations. Here is my basic bash / CURL example. Let me emphasize, I must see and use Bash and Curl, not leverage s3curl, or other libraries or CLIs in my specific situation:
我正在尝试执行HTTP PUT来创建和更新对象,同时指定自定义元数据头。我无法生成正确的签名,而我没有问题为其他请求的操作生成签名。这是我的基本bash / CURL示例。让我强调一下,我必须看到并使用Bash和Curl,而不是在我的特定情况下利用s3curl或其他库或CLI:
#!/bin/bash
file="$1"
key_id="raanan"
key_secret="my-secret"
url="my-s3-endpoint"
bucket="testbucket"
path="$file"
content_type="application/octet-stream"
date="$(LC_ALL=C date -u +"%a, %d %b %Y %X %z")"
md5="$(openssl md5 -binary < "$file" | base64)"
daheader="x-amz-meta-user:qatester\n"
sig="$(printf "PUT\n$md5\n$content_type\n$date\n$daheader$bucket/$path" |
openssl sha1 -binary -hmac "$key_secret" | base64)"
curl -k -w "@curl-format.txt" -T $file http://my-s3-endpoint/$bucket$path -vv \
-H "Date: $date" \
-H "Authorization: AWS $key_id:$sig" \
-H "Content-Type: $content_type" \
-H "Content-MD5: $md5" \
-H "x-amz-meta-user: qatester"
>>>>HTTP/1.1 403 Forbidden
>>>>?xml version="1.0" encoding="UTF-8" standalone="yes"?><Error>
<Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated
does not match the signature you provided. Check your secret access key and signing method.</Message><Resource></Resource><RequestId></RequestId> </Error>
Am I missing something here?
我在这里错过了什么吗?
Thanks
谢谢
1 个解决方案
#1
1
You appear to be missing the / before the bucket name.
您似乎缺少存储桶名称前面的/。
date\n$daheader$bucket/$path # incorrect
date\n$daheader/$bucket/$path # correct
You are also missing a / after the bucket name in the actual URL you're handing to curl.
您还丢失了要递送到卷曲的实际URL中的存储桶名称后面的/。
curl -k -w "@curl-format.txt" -T $file http://my-s3-endpoint/$bucket$path -vv \ # incorrect
curl -k -w "@curl-format.txt" -T $file http://my-s3-endpoint/$bucket/$path -vv \ # correct
With these two changes, the script works for me.
通过这两个更改,脚本适合我。
Note, also, this is not Signature V4. This is Signature V2.
另请注意,这不是Signature V4。这是Signature V2。
#1
1
You appear to be missing the / before the bucket name.
您似乎缺少存储桶名称前面的/。
date\n$daheader$bucket/$path # incorrect
date\n$daheader/$bucket/$path # correct
You are also missing a / after the bucket name in the actual URL you're handing to curl.
您还丢失了要递送到卷曲的实际URL中的存储桶名称后面的/。
curl -k -w "@curl-format.txt" -T $file http://my-s3-endpoint/$bucket$path -vv \ # incorrect
curl -k -w "@curl-format.txt" -T $file http://my-s3-endpoint/$bucket/$path -vv \ # correct
With these two changes, the script works for me.
通过这两个更改,脚本适合我。
Note, also, this is not Signature V4. This is Signature V2.
另请注意,这不是Signature V4。这是Signature V2。