英文:
GCloud SignatureDoesNotMatch
问题
我正在尝试从Google Cloud获取一个已签名的URL,以便我们可以上传文档。
根据https://cloud.google.com/storage/docs/access-control/signing-urls-with-helpers#storage-signed-url-object-go,我使用私钥对请求进行签名,得到一个类似于以下的URL:
但是,当我在浏览器中加载它时,我得到以下错误:
<Error>
<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method.</Message>
<StringToSign>GOOG4-RSA-SHA256 20221227T183246Z 20221227/auto/storage/goog4_request 78f5677e7572233dc56657f7b055601eee26e7913bb6426194c888367c521990</StringToSign>
<CanonicalRequest>GET /yyy-vv-upload-xxx/aa41dcaed3a24f65b8d5a9ac94b4c0a6 X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=xxx-assets-gcs-yyy-devops%40yyy-devops.iam.gserviceaccount.com%2F20221227%2Fauto%2Fstorage%2Fgoog4_request&X-Goog-Date=20221227T183246Z&X-Goog-Expires=899&X-Goog-SignedHeaders=host host:storage.googleapis.com host UNSIGNED-PAYLOAD</CanonicalRequest>
</Error>
你有什么建议吗?
英文:
I am attempting to get a signed url from Google cloud where we can upload a document.
func GetSignedURL(bucketName string, objectName string) string {
ctx := context.Background()
// Get a connection to gcloud
client, err := storage.NewClient(ctx, option.WithCredentialsFile(config.GetSettings().GoogleCloudKey))
if err != nil {
msg := err.Error() + " @ " + whereami.WhereAmI() + " on " + helpers.GetTimeInTimezone()
panic(msg)
}
defer client.Close()
opts := &storage.SignedURLOptions{
Scheme: storage.SigningSchemeV4,
Method: "PUT",
PrivateKey: []byte(getPrivateKey()), //<- a Google service account private key, obtainable from the Google Developers Console
Expires: time.Now().Add(15 * time.Minute),
Insecure: false,
}
//Use connection to get url
url, err := client.Bucket(bucketName).SignedURL(objectName, opts)
if err != nil {
msg := err.Error() + " @ " + whereami.WhereAmI() + " on " + helpers.GetTimeInTimezone()
panic(msg)
}
return url
}
Per https://cloud.google.com/storage/docs/access-control/signing-urls-with-helpers#storage-signed-url-object-go
I do sign the request with my Private key, I get a url similar to this:
https://storage.googleapis.com/yyy-vv-upload-xxx/aa41dcaed3a24f65b8d5a9ac94b4c0a6?X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=xxx-assets-gcs-yyy-devops%40yyy-devops.iam.gserviceaccount.com%2F20226667%2Fauto%2Fstorage%2Fgoog4_request&X-Goog-Date=20221227T183246Z&X-Goog-Expires=899&X-Goog-Signature=260b2e695999ccdea5d5d5e46f0f83d204609dbfc0efcdf1fa8381b9ec748eacad36b525e695c6fc2fb02277a56e3c10674a75de2ba83c668c2052a89192345ddbdd0fe841ea28dc7df01648f2ca420b43d6fa162540e1c34865847d34c832ded157f2ec58bd8d57c47eef32d632ff02dc1927dc94f7509795e78c357dc556e2c96ea8e86dfb5015c796627f327caf04f45560bad4d5cdb714c5bc97d442cbc87639f44b2a102ce9d9a3fc83e81bcaf9fde38ce56efd02decd3fe8a1cf5fc823e46c85b39d7ada41618993e80b5c2e61a0380d403d0d6763310350ab1cf22d539c80fdaafc2320cbdeb3f1e7c21b4c40e3dc8889b348f67573852d5e7986167e&X-Goog-SignedHeaders=host
When I load it in a browser I get the following:
<Error>
<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method.</Message>
<StringToSign>GOOG4-RSA-SHA256 20221227T183246Z 20221227/auto/storage/goog4_request 78f5677e7572233dc56657f7b055601eee26e7913bb6426194c888367c521990</StringToSign>
<CanonicalRequest>GET /yyy-vv-upload-xxx/aa41dcaed3a24f65b8d5a9ac94b4c0a6 X-Goog-Algorithm=GOOG4-RSA-SHA256&X-Goog-Credential=xxx-assets-gcs-yyy-devops%40yyy-devops.iam.gserviceaccount.com%2F20221227%2Fauto%2Fstorage%2Fgoog4_request&X-Goog-Date=20221227T183246Z&X-Goog-Expires=899&X-Goog-SignedHeaders=host host:storage.googleapis.com host UNSIGNED-PAYLOAD</CanonicalRequest>
</Error>
Any advice?
答案1
得分: 1
错误信息完全误导人,它应该抱怨HTTP方法。一旦我将生成的URL放入Postman并进行PUT请求,它就可以工作了。我可以上传一张金鱼的图片。上面的错误是由GET请求生成的。
英文:
The error is completely misleading, it should have complained about the http method. Once I put the generated url in Postman and made a PUT request it worked. I could upload an image of a goldfish. The error above is generated for a GET request.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论