Fineuploader 未设置 x-amz-credentials

Fineuploader not setting x-amz-credentials

前言:在 2013 年底,我的 fineuploader 支持的上传站点以 S3 作为存储运行。亚马逊随后在多处将授权机制升级为V4。所以我决定升级我的fineuploader。

我的问题是它没有发送 x-amz-credentialcors.sendCredentials 是真的。因此,(新下载和调整的)PHP 服务器端显示 undefined variable: credentialcondition。来看看配置和相关代码:

我将 fineUploader 配置为:

var s3Uploader = new qq.s3.FineUploader({
    element: document.getElementById("fineuploader-s3"),
    debug: true,
    request: {
        endpoint: "anonimized-bucket-name.s3.amazonaws.com",
        accessKey: "AKIAANONIMIZEDG4AIYQ"
    },
    cors: {
        expected: true,
        sendCredentials: true
    },
    template: "qq-simple-thumbnails-template",
    signature: {
        endpoint: "index.php?mode=video&formId=3&hash=28120&v4=true"
    },
    uploadSuccess: {
        endpoint: "index.php?mode=video&formId=3&hash=28120&v4=true&success=1"
    },
    iframeSupport: {
        localBlankPagePath: "/include/blank.html"
    },
    chunking: {
        enabled: true
    },
    resume: {
        enabled: true
    },
    deleteFile: {
        enabled: false,
        method: "POST",
        endpoint: "index.php?mode=video&formId=3&hash=28120&v4=true"
    },
    validation: {
        itemLimit: 1000,
        sizeLimit: 5000111000
    },
    thumbnails: {
        placeholders: {
            notAvailablePath: "fu/assets/not_available-generic.png",
            waitingPath: "fu/assets/waiting-generic.png"
        }
    }
});

对我的 PHP 服务器的 POST 请求包含此正文(添加换行符以便于阅读):

{"expiration":"2016-12-22T09:59:32.767Z","conditions":[{"acl":"private"},
{"bucket":"anonimized-bucket-name"},{"Content-Type":"application/pdf"},
{"success_action_status":"200"},{"key":"c7e7c9dc-c4d3-4bec-af52-d3ad34c202ad.pdf"},
{"x-amz-meta-qqfilename":"Adatbazisok_2.pdf"},["content-length-range","0","5000111000"]]}

相关的服务器端代码是(与参考实现相比没有变化):

function signV4Policy($stringToSign, $policyObj) {
    global $clientPrivateKey;
    foreach ($policyObj["conditions"] as $condition) {
        if (isset($condition["x-amz-credential"])) {
            $credentialCondition = $condition["x-amz-credential"];
        }
    }
    $pattern = "/.+\/(.+)\/(.+)\/s3\/aws4_request/";
    preg_match($pattern, $credentialCondition, $matches);
    $dateKey = hash_hmac('sha256', $matches[1], 'AWS4' . $clientPrivateKey, true);
    $dateRegionKey = hash_hmac('sha256', $matches[2], $dateKey, true);
    $dateRegionServiceKey = hash_hmac('sha256', 's3', $dateRegionKey, true);
    $signingKey = hash_hmac('sha256', 'aws4_request', $dateRegionServiceKey, true);
    return hash_hmac('sha256', $stringToSign, $signingKey);
}

错误在 preg_match 行说 undefined variable: cretentialCondition

我收到的示例 policyObj:

array(2) {
  ["expiration"]=>
  string(24) "2016-12-22T09:59:32.767Z"
  ["conditions"]=>
  array(7) {
    [0]=>
    array(1) {
      ["acl"]=>
      string(7) "private"
    }
    [1]=>
    array(1) {
      ["bucket"]=>
      string(12) "anonimized-bucket-name"
    }
    [2]=>
    array(1) {
      ["Content-Type"]=>
      string(15) "application/pdf"
    }
    [3]=>
    array(1) {
      ["success_action_status"]=>
      string(3) "200"
    }
    [4]=>
    array(1) {
      ["key"]=>
      string(40) "c7e7c9dc-c4d3-4bec-af52-d3ad34c202ad.pdf"
    }
    [5]=>
    array(1) {
      ["x-amz-meta-qqfilename"]=>
      string(17) "Adatbazisok_2.pdf"
    }
    [6]=>
    array(3) {
      [0]=>
      string(20) "content-length-range"
      [1]=>
      string(1) "0"
      [2]=>
      string(10) "5000111000"
    }
  }
}

版本:php7,fineuploader 5.11.0(最新),浏览器:Win 7 Firefox 50.1.0(最新)

嗯。我是一个白痴。关键错误:

  • objectProperties.region 必须设置为您的 S3 存储桶的主区域
  • signature.version 必须设置为 4,其中 44,而不是 "4"
  • 我不确定,但我认为你必须将 cors.sendCredentials 设置为 true

这是我找不到然后没能准确遵循的手册:https://blog.fineuploader.com/2015/11/16/fine-uploader-5-4-aws-s3-version-4-signature-support/