我正在尝试使用预签名 url 将图像从我的 iPhone 应用程序上传到 S3。 AWS最终没有答案。
第 1 步:iPhone 向服务器发送请求以获取 S3 链接以上传图片
{
randomKey = "EJg=";
"signed_request" = "https://as-profile.s3.amazonaws.com/EJg%3Dios_1442061863.jpg?AWSAccessKeyId=AKIXXXXXSWPIXXXXXNXQ&Expires=1442062152&Signature=L%2BMq%2FLMXXXXXXXXzmvyGXXXXXzU%3D";
url = "https://as-profile.s3.amazonaws.com/EJg%3Dios_1442061863.jpg";
}
第 2 步:使用“signed_request”值我尝试使用“PUT”方法将图像上传到 S3
NSURL *url = [NSURL URLWithString:dict[@"signed_request"]];
// adding signed_request
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url];
[request setHTTPBody:imgData];
[request setValue:@"public-read" forHTTPHeaderField:@"x-amz-acl"];
[request setValue:@"image/jpeg" forHTTPHeaderField:@"Content-Type"];
[request setHTTPMethod:@"PUT"];
NSURLSessionDataTask *task1 = [self.session dataTaskWithRequest:request completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
NSError *err;
NSString *dataString = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
//
NSLog(@"data = %@", dataString);
}];
[task1 resume];
//服务器响应
{ status code: 403, headers { URL: https://as-profile.s3.amazonaws.com/EJg%3Dios_1442061863.jpg?AWSAccessKeyId=AKIXXXXXSWPIXXXXXNXQ&Expires=1442062152&Signature=L%2BMq%2FLMXXXXXXXXzmvyGXXXXXzU%3D } { status code: 403, headers {
Connection = close;
"Content-Type" = "application/xml";
Date = "Sat, 12 Sep 2015 12:44:30 GMT";
Server = AmazonS3;
"Transfer-Encoding" = Identity;
"x-amz-id-2" = "mmKNUnKaR5bA4AY/odP2iLY4JAdPkFX7kqdCEteU+Lju2py7BC909ME+Z7+QQMM0Tq64UWtlgCQ=";
"x-amz-request-id" = 3AE1557722FFB82F;
} }
//我收到的数据
<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><AWSAccessKeyId>AKIXXXXXSWPIXXXXXNXQ</AWSAccessKeyId><StringToSign>PUT
image/jpeg
1442062152
x-amz-acl:public-read
/as-profile/EJg%3Dios_1442061863.jpg</StringToSign><SignatureProvided>L+Mq/LM2LWlBA8TzmvyGt19AJzU=</SignatureProvided><StringToSignBytes>50 55 54 0a 0a 69 6d 61 67 65 2f 6a 70 65 67 0a 31 34 34 32 30 36 32 31 35 32 0a 78 2d 61 6d 7a 2d 61 63 6c 3a 70 75 62 6c 69 63 2d 72 65 61 64 0a 2f 61 73 2d 70 72 6f 66 69 6c 65 2f 45 4a 67 25 33 44 69 6f 73 5f 31 34 34 32 30 36 31 38 36 33 2e 6a 70 67</StringToSignBytes><RequestId>3AE1557722FFB82F</RequestId><HostId>mmKNUnKaR5bA4AY/odP2iLY4JAdPkFX7kqdCEteU+Lju2py7BC909ME+Z7+QQMM0Tq64UWtlgCQ=</HostId></Error>
最佳答案
我无法在您的代码中找到错误;但是,正如响应所述,您的 SignatureDoesNotMatch 是预期值。没有 secret 密码,无法进入 secret 俱乐部。从基础开始,然后缩小细节:
- 验证您使用的是正确的 ID、签名等 key 对
- 验证 key 集是否适用于正确的 AWS/S3 帐户(不跨越从 Dev 到 Prod 等的 channel )
- 验证连接到这些 key 的 AWS 账户有权访问您的目标 S3 容器
- 验证 AWS 账户位于正确的区域,并且请求将发送到该区域
- 确保您定位到 latest S3 API
- 尝试从另一个客户端平台(浏览器、控制台、REST 工具)复制请求以查看错误是否是特定于平台的
- Check the algorithm您正在使用生成签名以确保其正常工作
- 寻找 common coding mistakes组装您的请求以确保您的请求格式正确(例如 URL/空白编码、保留的 XML 字符)
- 关注 AWS Troubleshooting Guide
- 如果没有发现错误,不排除 it could be a bug on Amazon's side并考虑提交错误报告或打开支持案例。
关于ios - 使用预签名的 url 将图像上传到 s3 总是返回 403 错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/32539186/