问题

我正在尝试从Google Cloud获取一个已签名的URL，以便我们可以上传文档。

根据https://cloud.google.com/storage/docs/access-control/signing-urls-with-helpers#storage-signed-url-object-go，我使用私钥对请求进行签名，得到一个类似于以下的URL：

https://storage.googleapis.com/yyy-vv-upload-xxx/aa41dcaed3a24f65b8d5a9ac94b4c0a6?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=xxx-assets-gcs-yyy-devops%40yyy-devops.iam.gserviceaccount.com%2F20226667%2Fauto%2Fstorage%2Fgoog4_request&X-Goog-Date=20221227T183246Z&X-Goog-Expires=899&X-Goog-Signature=260b2e695999ccdea5d5d5e46f0f83d204609dbfc0efcdf1fa8381b9ec748eacad36b525e695c6fc2fb02277a56e3c10674a75de2ba83c668c2052a89192345ddbdd0fe841ea28dc7df01648f2ca420b43d6fa162540e1c34865847d34c832ded157f2ec58bd8d57c47eef32d632ff02dc1927dc94f7509795e78c357dc556e2c96ea8e86dfb5015c796627f327caf04f45560bad4d5cdb714c5bc97d442cbc87639f44b2a102ce9d9a3fc83e81bcaf9fde38ce56efd02decd3fe8a1cf5fc823e46c85b39d7ada41618993e80b5c2e61a0380d403d0d6763310350ab1cf22d539c80fdaafc2320cbdeb3f1e7c21b4c40e3dc8889b348f67573852d5e7986167e&X-Goog-SignedHeaders=host

但是，当我在浏览器中加载它时，我得到以下错误：

<Error>
<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method.</Message>
<StringToSign>GOOG4-RSA-SHA256 20221227T183246Z 20221227/auto/storage/goog4_request 78f5677e7572233dc56657f7b055601eee26e7913bb6426194c888367c521990</StringToSign>
<CanonicalRequest>GET /yyy-vv-upload-xxx/aa41dcaed3a24f65b8d5a9ac94b4c0a6 X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=xxx-assets-gcs-yyy-devops%40yyy-devops.iam.gserviceaccount.com%2F20221227%2Fauto%2Fstorage%2Fgoog4_request&X-Goog-Date=20221227T183246Z&X-Goog-Expires=899&X-Goog-SignedHeaders=host host:storage.googleapis.com host UNSIGNED-PAYLOAD</CanonicalRequest>
</Error>

你有什么建议吗？

英文:

I am attempting to get a signed url from Google cloud where we can upload a document.

func GetSignedURL(bucketName string, objectName string) string {
	ctx := context.Background()
	// Get a connection to gcloud
	client, err := storage.NewClient(ctx, option.WithCredentialsFile(config.GetSettings().GoogleCloudKey))
	if err != nil {
		msg := err.Error() + &quot; @ &quot; + whereami.WhereAmI() + &quot; on &quot; + helpers.GetTimeInTimezone()
		panic(msg)
	}
	defer client.Close()

	opts := &amp;storage.SignedURLOptions{
		Scheme:     storage.SigningSchemeV4,
		Method:     &quot;PUT&quot;,
		PrivateKey: []byte(getPrivateKey()), //&lt;- a Google service account private key, obtainable from the Google Developers Console
		Expires:    time.Now().Add(15 * time.Minute),
		Insecure:   false,
	}
	//Use connection to get url
	url, err := client.Bucket(bucketName).SignedURL(objectName, opts)
	if err != nil {
		msg := err.Error() + &quot; @ &quot; + whereami.WhereAmI() + &quot; on &quot; + helpers.GetTimeInTimezone()
		panic(msg)
	}

	return url
}

Per https://cloud.google.com/storage/docs/access-control/signing-urls-with-helpers#storage-signed-url-object-go
I do sign the request with my Private key, I get a url similar to this:

https://storage.googleapis.com/yyy-vv-upload-xxx/aa41dcaed3a24f65b8d5a9ac94b4c0a6?X-Goog-Algorithm=GOOG4-RSA-SHA256&amp;X-Goog-Credential=xxx-assets-gcs-yyy-devops%40yyy-devops.iam.gserviceaccount.com%2F20226667%2Fauto%2Fstorage%2Fgoog4_request&amp;X-Goog-Date=20221227T183246Z&amp;X-Goog-Expires=899&amp;X-Goog-Signature=260b2e695999ccdea5d5d5e46f0f83d204609dbfc0efcdf1fa8381b9ec748eacad36b525e695c6fc2fb02277a56e3c10674a75de2ba83c668c2052a89192345ddbdd0fe841ea28dc7df01648f2ca420b43d6fa162540e1c34865847d34c832ded157f2ec58bd8d57c47eef32d632ff02dc1927dc94f7509795e78c357dc556e2c96ea8e86dfb5015c796627f327caf04f45560bad4d5cdb714c5bc97d442cbc87639f44b2a102ce9d9a3fc83e81bcaf9fde38ce56efd02decd3fe8a1cf5fc823e46c85b39d7ada41618993e80b5c2e61a0380d403d0d6763310350ab1cf22d539c80fdaafc2320cbdeb3f1e7c21b4c40e3dc8889b348f67573852d5e7986167e&amp;X-Goog-SignedHeaders=host

When I load it in a browser I get the following:

&lt;Error&gt;
&lt;Code&gt;SignatureDoesNotMatch&lt;/Code&gt;
&lt;Message&gt;The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method.&lt;/Message&gt;
&lt;StringToSign&gt;GOOG4-RSA-SHA256 20221227T183246Z 20221227/auto/storage/goog4_request 78f5677e7572233dc56657f7b055601eee26e7913bb6426194c888367c521990&lt;/StringToSign&gt;
&lt;CanonicalRequest&gt;GET /yyy-vv-upload-xxx/aa41dcaed3a24f65b8d5a9ac94b4c0a6 X-Goog-Algorithm=GOOG4-RSA-SHA256&amp;X-Goog-Credential=xxx-assets-gcs-yyy-devops%40yyy-devops.iam.gserviceaccount.com%2F20221227%2Fauto%2Fstorage%2Fgoog4_request&amp;X-Goog-Date=20221227T183246Z&amp;X-Goog-Expires=899&amp;X-Goog-SignedHeaders=host host:storage.googleapis.com host UNSIGNED-PAYLOAD&lt;/CanonicalRequest&gt;
&lt;/Error&gt;

Any advice?

答案1

得分: 1

错误信息完全误导人，它应该抱怨HTTP方法。一旦我将生成的URL放入Postman并进行PUT请求，它就可以工作了。我可以上传一张金鱼的图片。上面的错误是由GET请求生成的。

英文:

The error is completely misleading, it should have complained about the http method. Once I put the generated url in Postman and made a PUT request it worked. I could upload an image of a goldfish. The error above is generated for a GET request.

通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库，让每个人都能够通过互相帮助和分享经验来进步。

GCloud 签名不匹配

问题

答案1

你可以通过检查stdout是否有输出来判断是否已经写入。

等同于Go中的curl –data的HTTP请求负载。

如何检测接收到的 JSON 是否有未知字段

为什么Go函数不能返回具有约束类型参数的类型？

What's the correct way to type hint an empty list as a literal in python?

如何在Highcharts Gantt中更改本地化的星期名称

如何在同一个流中使用多个过滤器和映射函数？

如何使用Map/Set来将代码优化到O(n)？

.NET MAUI Android在GitHub Actions上构建失败，错误代码为1。

如何在Playwright视觉比较中屏蔽多个定位器？

在C++中，可以使用可变模板参数来检索类型的内部类型。

selenium.common.exceptions.StaleElementReferenceException: Message: stale element reference: stale element not found

Creating and opening a URL to log in to Website via Basic Auth with Robot Framework/Selenium (Python)

AG Grid 在上下文菜单中以大文本形式打开

发表评论