AWS S3 CreatePresignedPost 不生成一些必填字段

AWS S3 CreatePresignedPost not generating some of the required fields

我正在尝试生成预签名 post 以授予浏览器从存储桶中上传/删除特定文件的权限,但 createPresignedPost 似乎没有生成一些必需的文件领域。 getSignedUrl 有效。

      const signedUrl = await new Promise<PresignedPost>( (resolve, reject) => {
        this.s3.createPresignedPost({
          Bucket: this.env.config.s3.buckets.images,
          Fields: { key },
          Conditions: [
            ["content-length-range", 0, 10 * 1024 * 1024]
          ],
          Expires: 3600,
        }, (err, preSigned) => { if (err) { reject(err) } else { resolve(preSigned) }});
      });

      // This works, but doesn't allow the object to be deleted, and does not allow setting a maximum file size
      //
      // const rawUrl = new URL(await this.s3.getSignedUrlPromise('putObject', {
      //     Bucket: this.env.config.s3.buckets.images,
      //     Key: key,
      //     Expires: 3600,
      // }));
      //
      // const signedUrl = {
      //   url: rawUrl.origin + rawUrl.pathname,
      //   fields: Object.fromEntries(Array.from(rawUrl.searchParams.entries()))
      // };

createPresignedPost 生成:

{ 
  url: 'https://s3.eu-west-3.amazonaws.com/xxx-images',
  fields: { 
    key: 'incoming/ae83pfxu7kf4dfdv4hbvorsxq31hadtjcp97ehwt30ds5',
    bucket: 'xxx-images',
    'X-Amz-Algorithm': 'AWS4-HMAC-SHA256',
    'X-Amz-Credential': 'xxx',
    'X-Amz-Date': '20200509T145014Z',
    Policy:    
 'eyJleHBpcmF0aW9uIjoiMjAyMC0wNS0wOVQxNTo1MDoxNFoiLCJjb25kaXRpb25zIjpbWyJjb250ZW50LWxlbmd0aC1yYW5nZSIsMCwxMDQ4NTc2MF0seyJrZXkiOiJpbmNvbWluZy9hZTgzcGZ4dTdrZjRkZmR2NGhidm9yc3hxMzFoYWR0amNwOTdlaHd0MzBkczUifSx7ImJ1Y2tldCI6InByZWZsaWdodGVtYWlsLWltYWdlcyJ9LHsiWC1BbXotQWxnb3JpdGhtIjoiQVdTNC1ITUFDLVNIQTI1NiJ9LHsiWC1BbXotQ3JlZGVudGlhbCI6IkFLSUE1RE5UN0lOWjJKTU5TQVhILzIwMjAwNTA5L2V1LXdlc3QtMy9zMy9hd3M0X3JlcXVlc3QifSx7IlgtQW16LURhdGUiOiIyMDIwMDUwOVQxNDUwMTRaIn1dfQ==',
    'X-Amz-Signature': 'xxx' } }

尝试使用这些参数 PUT 文件给出:

<?xml version="1.0" encoding="UTF-8"?>
<Error>
  <Code>AuthorizationQueryParametersError</Code>
  <Message>Query-string authentication version 4 requires the X-Amz-Algorithm, X-Amz-Credential, X-Amz-Signature, X-Amz-Date, X-Amz-SignedHeaders, and X-Amz-Expires parameters.</Message> 
 <RequestId>xxx</RequestId> 
 <HostId>xxx</HostId>
</Error>

旧的 API 调用也会生成缺少的 'X-Amz-SignedHeaders' 和 'X-Amz-Expires' 参数。

任何人都可以帮助我解决我做错了什么吗?

您应该使用 POST 而不是 PUT,因为您正在使用 createPresignedPost 生成 URL。