带有 iOS AWS S3 SDK SignatureDoesNotMatch 的 Minio
Minio with the iOS AWS S3 SDK SignatureDoesNotMatch
我有一个 iOS 应用程序可以从亚马逊的 S3 上传/下载。我想用我自己的 Minio 云替换亚马逊的 S3。
我按照这里的快速教程 https://github.com/minio/minio and I have Minio running on my localhost and I can put files using s3cmd (https://docs.minio.io/docs/s3cmd-with-minio)。
不幸的是,我无法在我的 iOS 应用程序中使用它。
我正在使用 AWS SDK v2.4.16,因此我可以更改端点并将其设为我的本地主机 (http://my-imac.local:9000) 并更新了我的访问密钥和密钥,但我收到 SignatureDoesNotMatch 错误:"The request signature we calculated does not match the signature you provided. Check your key and signing method.".
指向我的本地服务器:
AWSEndpoint *minioEndpoint = [[AWSEndpoint alloc] initWithURLString:@"http://my-imac.local:9000"];
AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc] initWithRegion:region
endpoint:minioEndpoint
credentialsProvider:credentialProvider];
[AWSS3 registerS3WithConfiguration:configuration forKey:s3RegionString];
这是我在本地主机上得到的:
time="2017-04-10T23:36:21Z" level=error
msg="{\"method\":\"PUT\",\"path\":\"/mybucket/28AB7D6DCFC44102955EBC0AEFF6E4E2-20170407161228839-0700/foo_28AB7D6DCFC44102955EBC0AEFF6E4E2-20170407161228839-0700_v2.json_bin\",\"query\":\"\",\"header\":{\"Accept\":[\"/\"],\"Accept-Encoding\":[\"gzip,
deflate\"],\"Accept-Language\":[\"en-us\"],\"Authorization\":[\"AWS4-HMAC-SHA256
Credential=LNTXV0YMMZ9SY7MD0ACZ/20170410/us-east-1/s3/aws4_request,
SignedHeaders=content-length;content-type;host;user-agent;x-amz-date,
Signature=7b2f4172dd926ba84c7edba5170028e0f9361bd8a656ad8f01c7e232f585ab31\"],\"Connection\":[\"keep-alive\"],\"Content-Length\":[\"282416\"],\"Content-Type\":[\"application/octet-stream\"],\"Host\":[\"my-imac.local\"],\"User-Agent\":[\"aws-sdk-iOS/2.4.16
iPhone-OS/9.1 en_US\"],\"X-Amz-Date\":[\"20170410T233620Z\"]}}"
cause="Signature does not match"
source="[object-handlers.go:472:objectAPIHandlers.PutObjectHandler()]"
iOS 方:
请求headers是:
{
Authorization = "AWS4-HMAC-SHA256 Credential=LNTXV0YMMZ9SY7MD0ACZ/20170410/us-east-1/s3/aws4_request, SignedHeaders=content-length;content-type;host;user-agent;x-amz-date, Signature=454c8bad35bdd3a15a08c9bf555fc69f1d5c0dabad78a474eabd4d844ca69aef";
"Content-Length" = 282416;
"Content-Type" = "application/octet-stream";
Host = "my-imac.local";
"User-Agent" = "aws-sdk-iOS/2.4.16 iPhone-OS/9.1 en_US";
"X-Amz-Date" = 20170410T233622Z;
}
回复:
2017-04-10 16:36:22.507 demo[7969:4711709] AWSiOSSDK v2.4.16 [Debug] AWSURLSessionManager.m line:566 | -[AWSURLSessionManager printHTTPHeadersForResponse:] | Response headers:
{
"Accept-Ranges" = bytes;
Connection = close;
"Content-Type" = "application/xml";
Date = "Mon, 10 Apr 2017 23:36:22 GMT";
Server = "Minio/RELEASE.2017-03-16T21-50-32Z (linux; amd64)";
"Transfer-Encoding" = Identity;
Vary = Origin;
"X-Amz-Request-Id" = 14B42D7AE5B09A2B;
}
请替换accessKey、secretKey和url,根据需要更改区域,服务必须设置为.S3
(如果在url中输入xxxx:9000,AWSS3会自动去掉端口号,目前只支持全url不带端口,所以请确保你有到9000端口的域映射,你可能需要参考这个Setup Nginx proxy with Minio Server)
let accessKey = "XXXXXXX"
let secretKey = "XXXXXXX"
let credentialsProvider = AWSStaticCredentialsProvider(accessKey: accessKey, secretKey: secretKey)
let configuration = AWSServiceConfiguration(region: .USEast1, endpoint: AWSEndpoint(region: .USEast1, service: .S3, url: URL(string:"XXXXXX")),credentialsProvider: credentialsProvider)
AWSServiceManager.default().defaultServiceConfiguration = configuration
let S3BucketName = "images"
let remoteName = "test.jpg"
let fileURL = URL(fileURLWithPath: NSTemporaryDirectory()).appendingPathComponent(remoteName)
let image = UIImage(named: "test")
let data = UIImageJPEGRepresentation(image!, 0.9)
do {
try data?.write(to: fileURL)
}
catch {}
let uploadRequest = AWSS3TransferManagerUploadRequest()!
uploadRequest.body = fileURL
uploadRequest.key = remoteName
uploadRequest.bucket = S3BucketName
uploadRequest.contentType = "image/jpeg"
uploadRequest.acl = .publicRead
let transferManager = AWSS3TransferManager.default()
transferManager.upload(uploadRequest).continueWith { (task: AWSTask<AnyObject>) -> Any? in
...
}
注意您还需要应用以下更改才能使其完全正常工作https://github.com/aws/aws-sdk-ios/pull/638
我有一个 iOS 应用程序可以从亚马逊的 S3 上传/下载。我想用我自己的 Minio 云替换亚马逊的 S3。
我按照这里的快速教程 https://github.com/minio/minio and I have Minio running on my localhost and I can put files using s3cmd (https://docs.minio.io/docs/s3cmd-with-minio)。
不幸的是,我无法在我的 iOS 应用程序中使用它。
我正在使用 AWS SDK v2.4.16,因此我可以更改端点并将其设为我的本地主机 (http://my-imac.local:9000) 并更新了我的访问密钥和密钥,但我收到 SignatureDoesNotMatch 错误:"The request signature we calculated does not match the signature you provided. Check your key and signing method.".
指向我的本地服务器:
AWSEndpoint *minioEndpoint = [[AWSEndpoint alloc] initWithURLString:@"http://my-imac.local:9000"];
AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc] initWithRegion:region
endpoint:minioEndpoint
credentialsProvider:credentialProvider];
[AWSS3 registerS3WithConfiguration:configuration forKey:s3RegionString];
这是我在本地主机上得到的:
time="2017-04-10T23:36:21Z" level=error msg="{\"method\":\"PUT\",\"path\":\"/mybucket/28AB7D6DCFC44102955EBC0AEFF6E4E2-20170407161228839-0700/foo_28AB7D6DCFC44102955EBC0AEFF6E4E2-20170407161228839-0700_v2.json_bin\",\"query\":\"\",\"header\":{\"Accept\":[\"/\"],\"Accept-Encoding\":[\"gzip, deflate\"],\"Accept-Language\":[\"en-us\"],\"Authorization\":[\"AWS4-HMAC-SHA256 Credential=LNTXV0YMMZ9SY7MD0ACZ/20170410/us-east-1/s3/aws4_request, SignedHeaders=content-length;content-type;host;user-agent;x-amz-date, Signature=7b2f4172dd926ba84c7edba5170028e0f9361bd8a656ad8f01c7e232f585ab31\"],\"Connection\":[\"keep-alive\"],\"Content-Length\":[\"282416\"],\"Content-Type\":[\"application/octet-stream\"],\"Host\":[\"my-imac.local\"],\"User-Agent\":[\"aws-sdk-iOS/2.4.16 iPhone-OS/9.1 en_US\"],\"X-Amz-Date\":[\"20170410T233620Z\"]}}" cause="Signature does not match" source="[object-handlers.go:472:objectAPIHandlers.PutObjectHandler()]"
iOS 方:
请求headers是:
{
Authorization = "AWS4-HMAC-SHA256 Credential=LNTXV0YMMZ9SY7MD0ACZ/20170410/us-east-1/s3/aws4_request, SignedHeaders=content-length;content-type;host;user-agent;x-amz-date, Signature=454c8bad35bdd3a15a08c9bf555fc69f1d5c0dabad78a474eabd4d844ca69aef";
"Content-Length" = 282416;
"Content-Type" = "application/octet-stream";
Host = "my-imac.local";
"User-Agent" = "aws-sdk-iOS/2.4.16 iPhone-OS/9.1 en_US";
"X-Amz-Date" = 20170410T233622Z;
}
回复:
2017-04-10 16:36:22.507 demo[7969:4711709] AWSiOSSDK v2.4.16 [Debug] AWSURLSessionManager.m line:566 | -[AWSURLSessionManager printHTTPHeadersForResponse:] | Response headers:
{
"Accept-Ranges" = bytes;
Connection = close;
"Content-Type" = "application/xml";
Date = "Mon, 10 Apr 2017 23:36:22 GMT";
Server = "Minio/RELEASE.2017-03-16T21-50-32Z (linux; amd64)";
"Transfer-Encoding" = Identity;
Vary = Origin;
"X-Amz-Request-Id" = 14B42D7AE5B09A2B;
}
请替换accessKey、secretKey和url,根据需要更改区域,服务必须设置为.S3
(如果在url中输入xxxx:9000,AWSS3会自动去掉端口号,目前只支持全url不带端口,所以请确保你有到9000端口的域映射,你可能需要参考这个Setup Nginx proxy with Minio Server)
let accessKey = "XXXXXXX"
let secretKey = "XXXXXXX"
let credentialsProvider = AWSStaticCredentialsProvider(accessKey: accessKey, secretKey: secretKey)
let configuration = AWSServiceConfiguration(region: .USEast1, endpoint: AWSEndpoint(region: .USEast1, service: .S3, url: URL(string:"XXXXXX")),credentialsProvider: credentialsProvider)
AWSServiceManager.default().defaultServiceConfiguration = configuration
let S3BucketName = "images"
let remoteName = "test.jpg"
let fileURL = URL(fileURLWithPath: NSTemporaryDirectory()).appendingPathComponent(remoteName)
let image = UIImage(named: "test")
let data = UIImageJPEGRepresentation(image!, 0.9)
do {
try data?.write(to: fileURL)
}
catch {}
let uploadRequest = AWSS3TransferManagerUploadRequest()!
uploadRequest.body = fileURL
uploadRequest.key = remoteName
uploadRequest.bucket = S3BucketName
uploadRequest.contentType = "image/jpeg"
uploadRequest.acl = .publicRead
let transferManager = AWSS3TransferManager.default()
transferManager.upload(uploadRequest).continueWith { (task: AWSTask<AnyObject>) -> Any? in
...
}
注意您还需要应用以下更改才能使其完全正常工作https://github.com/aws/aws-sdk-ios/pull/638