Ios 使用accesskey和secretkey从S3服务器下载安全文件
我试图使用NSURLSessionDownloadTask从S3服务器下载一个安全文件,但它返回403错误(访问被拒绝)。Ios 使用accesskey和secretkey从S3服务器下载安全文件,ios,amazon-web-services,amazon-s3,Ios,Amazon Web Services,Amazon S3,我试图使用NSURLSessionDownloadTask从S3服务器下载一个安全文件,但它返回403错误(访问被拒绝)。 我的代码: NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL:[NSURL URLWithString:@"https://xxx.amazonaws.com/bucket-name/file_name"]]; request.HTTPMethod = @"GET"; [req
我的代码:
NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL:[NSURL URLWithString:@"https://xxx.amazonaws.com/bucket-name/file_name"]];
request.HTTPMethod = @"GET";
[request setValue:@"kAccessKey" forHTTPHeaderField:@"accessKey"];
[request setValue:@"kSecretKey" forHTTPHeaderField:@"secretKey"];
NSURLSessionDownloadTask *downloadPicTask = [[NSURLSession sharedSession] downloadTaskWithRequest:request completionHandler:^(NSURL *location, NSURLResponse *response, NSError *error) {
UIImage *downloadedImage = [UIImage imageWithData:
[NSData dataWithContentsOfURL:location]];
dispatch_async(dispatch_get_main_queue(), ^{
weakSelf.imageView.image = downloadedImage;
[weakSelf.activityIndicator stopAnimating];
});
}];
[downloadPicTask resume];
编辑
我找到了这个代码:AWSCognitoCredentialsProvider *credentialsProvider = [[AWSCognitoCredentialsProvider alloc]initWithRegionType:AWSRegionUSWest2 identityId:@"xxxxxxx" identityPoolId:@"xxxxxxxx" logins:nil];
AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc]initWithRegion:AWSRegionUSWest2 credentialsProvider:credentialsProvider];
// Construct the NSURL for the download location.
NSString *downloadingFilePath = [NSTemporaryDirectory() stringByAppendingPathComponent:@"sample_img.png"];
NSURL *downloadingFileURL = [NSURL fileURLWithPath:downloadingFilePath];
// Construct the download request.
AWSS3TransferManagerDownloadRequest *downloadRequest = [[AWSS3TransferManagerDownloadRequest alloc]init];
AWSS3TransferManager * transferManager = [AWSS3TransferManager S3TransferManagerForKey:[[configuration credentialsProvider]sessionKey]];
downloadRequest.bucket = @"test-upload-bucket";
downloadRequest.key = @"sample_img.png";
downloadRequest.downloadingFileURL = downloadingFileURL;
[[transferManager download:downloadRequest] continueWithExecutor:[AWSExecutor mainThreadExecutor]
withBlock:^id(AWSTask *task){
return nil;
}];
IdentityId和IdentityPoolId的输入值是多少?这对我很有用:
AWSStaticCredentialsProvider *credentialsProvider = [[AWSStaticCredentialsProvider alloc]initWithAccessKey:@"AccessKey" secretKey:@"secretKey"];
AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc]initWithRegion:AWSRegionUSWest2 credentialsProvider:credentialsProvider];
// Construct the NSURL for the download location.
NSString *downloadingFilePath = [NSTemporaryDirectory() stringByAppendingPathComponent:@"sample_img.png"];
NSURL *downloadingFileURL = [NSURL fileURLWithPath:downloadingFilePath];
// Construct the download request.
AWSS3TransferManagerDownloadRequest *downloadRequest = [AWSS3TransferManagerDownloadRequest new];
[AWSS3TransferManager registerS3TransferManagerWithConfiguration:configuration forKey:@"USWest2S3TransferManager"];
AWSS3TransferManager * transferManager = [AWSS3TransferManager S3TransferManagerForKey:@"USWest2S3TransferManager"];
downloadRequest.bucket = @"test-upload-bucket";
downloadRequest.key = @"sample_img.png";
downloadRequest.downloadingFileURL = downloadingFileURL;
[[transferManager download:downloadRequest] continueWithExecutor:[AWSExecutor mainThreadExecutor]
withBlock:^id(AWSTask *task){
return nil;
}];
所有HTTP请求在发送到AWS服务器之前都需要正确签名,签名过程非常复杂,所以我建议尝试一下
Arun_u展示的示例是一段代码片段,介绍了如何使用transferManager通过AWS Mobile SDK for iOS v2下载文件 2017年夏季工作功能,您可以向其传递图像名称和表格单元格(我正在下载某些表格条目的徽标)。请确保修改您的凭据区域、密钥/机密凭据以及存储桶名称。注意:您的凭据不应为root。创建单独的IAM用户/组/策略,并仅授权特定资源(存储桶/对象)和特定操作。创建您的密钥和机密。我这样做是因为我不想用亚马逊的“我思故我在”来管理我的用户。但我希望我的移动应用程序能够直接、安全地访问S3资源,而不是通过冗余的服务器端脚本。但是,亚马逊建议手机用户使用cogito,让每个用户使用自己的/temp-creds。警告买主
-(void) awsImageLoad:(NSString*)imageFile :(UITableViewCell*)cell {
NSArray *filepathelements = [imageFile componentsSeparatedByString:@"/"];
if (filepathelements.count == 0) return;
//extract only the name from a possibe folder/folder/imagename
NSString *imageName = [filepathelements objectAtIndex:filepathelements.count-1];
AWSStaticCredentialsProvider *credentialsProvider =
[[AWSStaticCredentialsProvider alloc]
initWithAccessKey:@"_______________"
secretKey:@"__________________________________"];
//My credentials exist on the US East 1 region server farm
AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc]initWithRegion:AWSRegionUSEast1 credentialsProvider:credentialsProvider];
// Construct the NSURL for the temporary download location.
NSString *downloadingFilePath = [NSTemporaryDirectory() stringByAppendingPathComponent:imageName];
NSURL *downloadingFileURL = [NSURL fileURLWithPath:downloadingFilePath];
// Construct the download request.
AWSS3TransferManagerDownloadRequest *downloadRequest = [AWSS3TransferManagerDownloadRequest new];
// S3 has only a Global Region -- establish our creds configuration
[AWSS3TransferManager registerS3TransferManagerWithConfiguration:configuration forKey:@"GlobalS3TransferManager"];
AWSS3TransferManager * transferManager = [AWSS3TransferManager S3TransferManagerForKey:@"GlobalS3TransferManager"];
downloadRequest.bucket = @"my_bucket_name";
downloadRequest.key = imageFile;
downloadRequest.downloadingFileURL = downloadingFileURL;
[[transferManager download:downloadRequest] continueWithExecutor:[AWSExecutor mainThreadExecutor] withBlock:^id(AWSTask *task){
if (task.error){
if ([task.error.domain isEqualToString:AWSS3TransferManagerErrorDomain]) {
switch (task.error.code) {
case AWSS3TransferManagerErrorCancelled:
case AWSS3TransferManagerErrorPaused:
break;
default:
NSLog(@"Error: %@", task.error);
break;
}
} else {
NSLog(@"Error: %@", task.error);
}
}
if (task.result) {
// ...this runs on main thread already
cell.imageView.image = [UIImage imageWithContentsOfFile:downloadingFilePath];
}
return nil;
}];
}
这似乎是一个开始。我正在尝试编写一个类,该类将使用AWS提供的rest服务来验证遵循此链接的用户,代码段是python的,我对标题格式有点困惑。你对此有什么想法吗?巨大的帮助!谢谢