英文:
Upload file by .NetCore and Angular On S3 - The request signature we calculated does not match the signature you provided. Check your key and
问题
我想在.NetCore和Angular上通过S3上传图像,实际上我想在后端使用密钥和秘密密钥创建一个带签名的URL,然后我想通过后端生成的URL在Angular中上传文件。
我的后端代码在.NET中如下:
public ServiceResponse GetPreSigned(FileCategory prepend, string append = null){var mediaId = Guid.NewGuid();var config = new AmazonS3Config{SignatureVersion = "v4",RegionEndpoint = RegionEndpoint.USEast1,ServiceURL = _config.LIARA_ENDPOINT};var amazonS3Client = new AmazonS3Client(_config.LIARA_ACCESS_KEY, _config.LIARA_SECRET_KEY, config);Amazon.S3.Model.GetPreSignedUrlRequest ccc = new Amazon.S3.Model.GetPreSignedUrlRequest(){BucketName = _config.LIARA_BUCKET_NAME,Key = GenerateResourceKey(mediaId, prepend.ToString(), append),Expires = DateTime.Now.AddMinutes(30),Verb = HttpVerb.PUT,};return new GetMediaPostRequestSuccess{MediaKey = GenerateResourceKey(mediaId, prepend.ToString(), append),BucketUri = amazonS3Client.GetPreSignedURL(ccc)};}
而Angular的代码如下:
uploadFile(file: any, preSignedUrl: GetMediaPostRequestSuccess): Observable<HttpEvent<any>> {const formData: FormData = new FormData();formData.append('file', file);// 通过签名URL上传文件return this._http.put(preSignedUrl.bucketUri, formData, {headers: { 'dont-modify-this-one': '' }, // 避免被拦截器添加授权头observe: 'events'});}
我收到以下响应消息:
我们计算的请求签名与您提供的签名不匹配。请检查您的密钥和签名方法。
此外,这是我的请求参数:
我认为我在请求头中漏掉了一些东西,比如授权。
我可以使用GetPreSignedURL来上传文件吗?GetPreSignedURL负责签名和所有安全问题吗?
英文:
I want to upload an image on S3 by .NetCore and Angular, Actually I want to create a signed URL with the key and the secret key and ... in the backend, and then I want to upload the file in the angular by the generated URL in the backend
my backend code in .net :
public ServiceResponse GetPreSigned(FileCategory prepend, string append = null){var mediaId = Guid.NewGuid();var config = new AmazonS3Config{SignatureVersion = "v4",RegionEndpoint = RegionEndpoint.USEast1,ServiceURL = _config.LIARA_ENDPOINT};var amazonS3Client = new AmazonS3Client(_config.LIARA_ACCESS_KEY, _config.LIARA_SECRET_KEY, config);Amazon.S3.Model.GetPreSignedUrlRequest ccc = new Amazon.S3.Model.GetPreSignedUrlRequest(){BucketName = _config.LIARA_BUCKET_NAME,Key = GenerateResourceKey(mediaId, prepend.ToString(), append),Expires = DateTime.Now.AddMinutes(30),Verb = HttpVerb.PUT,};return new GetMediaPostRequestSuccess{MediaKey = GenerateResourceKey(mediaId, prepend.ToString(), append),BucketUri = amazonS3Client.GetPreSignedURL(ccc)};}
and the angular code is :
uploadFile(file: any, preSignedUrl: GetMediaPostRequestSuccess): Observable<HttpEvent<any>> {const formData: FormData = new FormData();formData.append('file', file);// Upload file by using the signed URLreturn this._http.put(preSignedUrl.bucketUri, formData, {headers: { 'dont-modify-this-one': ''}, // To Avoid Add Autorization Header by Intercepterobserve: 'events'})
and I got the below message as a response :
The request signature we calculated does not match the signature you provided. Check your key and signing method.
also this is my request params :
I think I missed something in the request header like Authorization.
Can I use GetPreSignedURL to upload a file? is GetPreSignedURL responsible for signature and all security issues?
答案1
得分: 0
Setting ContentType in GetPreSignedUrlRequest, solved the problem
Amazon.S3.Model.GetPreSignedUrlRequest config = new Amazon.S3.Model.GetPreSignedUrlRequest()
{
BucketName = _config.LIARA_BUCKET_NAME,
Key = GenerateResourceKey(mediaId, request.FileCategory.ToString(), request.Append ),
Expires = DateTime.Now.AddDays(30),
Verb = HttpVerb.PUT,
ContentType = string.IsNullOrEmpty(request.FileType) ? "application/octet-stream" : request.FileType
};
return amazonS3Client.GetPreSignedURL(config);
Also on the client side, we don't need to pass the formData, just pass the file as payload
uploadFile(file: any, preSignedUrl: GetMediaPostRequestSuccess):
Observable<HttpEvent
return this._http.put(preSignedUrl.bucketUri, file, {
headers: {
'dont-modify-this-one': '',
'Content-Type': file.type !== '' ? file.type : 'application/octet-stream'
},
reportProgress: true,
observe: 'events'
})
}
英文:
Setting ContentType in GetPreSignedUrlRequest, solved the problem
Amazon.S3.Model.GetPreSignedUrlRequest config = new Amazon.S3.Model.GetPreSignedUrlRequest(){BucketName = _config.LIARA_BUCKET_NAME,Key = GenerateResourceKey(mediaId, request.FileCategory.ToString(), request.Append ),Expires = DateTime.Now.AddDays(30),Verb = HttpVerb.PUT,ContentType = string.IsNullOrEmpty(request.FileType) ? "application/octet-stream" : request.FileType};return amazonS3Client.GetPreSignedURL(config);
Also on the client side, we don't need to pass the formData, just pass the file as payload
uploadFile(file: any, preSignedUrl: GetMediaPostRequestSuccess):Observable<HttpEvent<any>> {return this._http.put(preSignedUrl.bucketUri, file, {headers: {'dont-modify-this-one': '','Content-Type': file.type !== '' ? file.type : application/octet-stream'},reportProgress: true,observe: 'events'})
}
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论