如何让node.js服务器签署来自amazon web services的fine uploader请求?
在尝试将图像上载到AWS时,我在让node.js签署来自AWS的请求时遇到问题。以下是我在Chrome控制台中得到的信息:如何让node.js服务器签署来自amazon web services的fine uploader请求?,node.js,amazon-s3,cors,fine-uploader,Node.js,Amazon S3,Cors,Fine Uploader,在尝试将图像上载到AWS时,我在让node.js签署来自AWS的请求时遇到问题。以下是我在Chrome控制台中得到的信息: [Fine Uploader 4.4.0] Parsing template s3.jquery.fineuploader-4.4.0.js:198 [Fine Uploader 4.4.0] Template parsing complete s3.jquery.fineuploader-4.4.0.js:198 [Fine Uploader 4.4.0] Renderi
[Fine Uploader 4.4.0] Parsing template s3.jquery.fineuploader-4.4.0.js:198
[Fine Uploader 4.4.0] Template parsing complete s3.jquery.fineuploader-4.4.0.js:198
[Fine Uploader 4.4.0] Rendering template in DOM. s3.jquery.fineuploader-4.4.0.js:198
[Fine Uploader 4.4.0] Template rendering complete s3.jquery.fineuploader-4.4.0.js:198
[Fine Uploader 4.4.0] Received 1 files or inputs. s3.jquery.fineuploader-4.4.0.js:198
[Fine Uploader 4.4.0] Attempting to validate image. s3.jquery.fineuploader-4.4.0.js:198
[Fine Uploader 4.4.0] Submitting S3 signature request for 0 s3.jquery.fineuploader-4.4.0.js:198
[Fine Uploader 4.4.0] Sending POST request for 0 s3.jquery.fineuploader-4.4.0.js:198
OPTIONS file://192.168.2.16/fine-uploader/_dist/s3/server.js No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. s3.jquery.fineuploader-4.4.0.js:3657
XMLHttpRequest cannot load file://192.168.2.16/fine-uploader/_dist/s3/server.js. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. default.html:1
[Fine Uploader 4.4.0] POST request for 0 has failed - response code 0 s3.jquery.fineuploader-4.4.0.js:203
[Fine Uploader 4.4.0] Received an empty or invalid response from the server! s3.jquery.fineuploader-4.4.0.js:203
[Fine Uploader 4.4.0] Policy signing failed. Received an empty or invalid response from the server! s3.jquery.fineuploader-4.4.0.js:203
[Fine Uploader 4.4.0] Received response status 0 with body: s3.jquery.fineuploader-4.4.0.js:198
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<script src="http://code.jquery.com/jquery-1.10.2.js" type="text/javascript"> </script>
<link href="../../s3/fineuploader-4.4.0.min.css" rel="stylesheet">
<script src="../../s3/s3.jquery.fineuploader-4.4.0.js"></script>
<script>
// Wait until the DOM is 'ready'
$(document).ready(function () {
$("#fine-uploader").fineUploaderS3({
debug: true,
request: {
endpoint: 'fineuploader1.s3.amazonaws.com'
// accessKey: 'AKIAICPB2GGIC4VOF2WQ'
},
signature: {
endpoint: '../../s3/server.js'
},
uploadSuccess: {
endpoint: '/s3/success'
},
iframeSupport: {
localBlankPagePath: '/success.html'
},
retry: {
enableAuto: true // defaults to false
},
deleteFile: {
enabled: true,
endpoint: '/s3handler'
}
});
});
</script>
<script type="text/template" id="qq-template">
<div class="qq-uploader-selector qq-uploader">
<div class="qq-total-progress-bar-container-selector qq-total-progress-bar-container">
<div class="qq-total-progress-bar-selector qq-progress-bar qq-total-progress-bar"></div>
</div>
<div class="qq-upload-drop-area-selector qq-upload-drop-area" qq-hide-dropzone>
<span>Drop files here to upload</span>
</div>
<div class="qq-upload-button-selector qq-upload-button">
<div>Upload a file</div>
</div>
<span class="qq-drop-processing-selector qq-drop-processing">
<span>Processing dropped files...</span>
<span class="qq-drop-processing-spinner-selector qq-drop-processing-spinner"></span>
</span>
<ul class="qq-upload-list-selector qq-upload-list">
<li>
<div class="qq-progress-bar-container-selector">
<div class="qq-progress-bar-selector qq-progress-bar"></div>
</div>
<span class="qq-upload-spinner-selector qq-upload-spinner"></span>
<span class="qq-edit-filename-icon-selector qq-edit-filename-icon"></span>
<span class="qq-upload-file-selector qq-upload-file"></span>
<input class="qq-edit-filename-selector qq-edit-filename" tabindex="0" type="text">
<span class="qq-upload-size-selector qq-upload-size"></span>
<a class="qq-upload-cancel-selector qq-upload-cancel" href="#">Cancel</a>
<a class="qq-upload-retry-selector qq-upload-retry" href="#">Retry</a>
<a class="qq-upload-delete-selector qq-upload-delete" href="#">Delete</a>
<span class="qq-upload-status-text-selector qq-upload-status-text"></span>
</li>
</ul>
</div>
</script>
<title>Fine Uploader default UI</title>
</head>
<body>
<div id="fine-uploader"></div>
</body>
</html>
,我将通过下载并运行它来设置服务器。然而,它没有提到任何关于签名的内容。我将签名指向server.js。我不知道还能指向哪里。这个页面上关于签名的文档似乎对我没有任何帮助,因为我不明白它试图让我做什么来让它工作。我知道这些可能是愚蠢的问题,但我只需要指出正确的方向,这样我就可以继续前进。我非常感谢任何帮助。非常感谢。如果我能提供任何进一步的信息,请告诉我。首先,我猜您没有在服务器中属性设置CLIENT\u SECRET\u KEY环境变量。它应该设置为相同IAM用户的密钥,对应于在构建上传器期间传递给精细上传器S3的公钥
其次,您应该从一个合适的web服务器提供页面服务。我可以从日志消息中看出您没有这样做
第三,为什么要在JavaScript选项中注释掉访问密钥?这是一个必需的选项
您的设置可能还有其他问题,但这些是第一眼看到的最明显的问题。只要您正确设置了服务器和客户端,提供的节点示例就可以正常工作。这里有一个node.js示例,用于fine Uploader S3,它在多个地方被引用,例如在S3 endpoint handler doc页中。Correct。这与我在上面的server.js文件中发布的内容相同,我从这些说明中下载了这个文件。我是否错过了其他我应该做的事情?我注释掉了accesskey,因为如果我没有注释,那么我会得到一个控制台错误,“uncaughtSyntaxError:Unexpected identifier”。在Fine Uploader S3中,这个配置选项肯定没有问题。您不能简单地注释掉所需的选项。您需要确定代码的哪个方面导致了异常。因此,正如您所指出的,我取消了必需部分的注释,因此现在出现了一个意外的标识符。上面列出了我接触过的唯一代码,因此没有其他代码被篡改。这仅仅是服务器问题吗?我正在检查我的IT支持,看看这个服务器是否为此正确设置。这听起来不像是服务器会犯的错误。我感谢你指出一些可能的问题,但这些似乎并没有纠正问题。提前感谢您可能提供的任何进一步帮助。正如我所说的,您的代码中存在许多明显的问题,除非您先解决一些更基本的问题,否则很难提供帮助。你需要提供一个指向你的live应用程序的链接,以便我进一步提供帮助。
var express = require("express"),
crypto = require("crypto"),
aws = require("aws-sdk"),
app = express(),
clientSecretKey = process.env.CLIENT_SECRET_KEY,
// These two keys are only needed if you plan on using the AWS SDK
serverPublicKey = process.env.SERVER_PUBLIC_KEY,
serverSecretKey = process.env.SERVER_SECRET_KEY,
// Set these two values to match your environment
expectedBucket = "fineuploadertest1",
expectedMaxSize = 15000000,
s3;
// Init S3, given your server-side keys. Only needed if using the AWS SDK.
aws.config.update({
accessKeyId: serverPublicKey,
secretAccessKey: serverSecretKey
});
s3 = new aws.S3();
app.use(express.bodyParser());
app.use(express.static(__dirname)); //only needed if serving static content as well
app.listen(8000);
// Handles all signature requests and the success request FU S3 sends after the file is in S3
// You will need to adjust these paths/conditions based on your setup.
app.post("\\192.168.2.16\fine-uploader\_dist\s3\server.js", function(req, res) {
if (req.query.success !== undefined) {
verifyFileInS3(req, res);
}
else {
signRequest(req, res);
}
});
// Handles the standard DELETE (file) request sent by Fine Uploader S3.
// Omit if you don't want to support this feature.
app.delete("../../s3/server.js", function(req, res) {
deleteFile(req.query.bucket, req.query.key, function(err) {
if (err) {
console.log("Problem deleting file: " + err);
res.status(500);
}
res.end();
});
});
// Signs any requests. Delegate to a more specific signer based on type of request.
function signRequest(req, res) {
if (req.body.headers) {
signRestRequest(req, res);
}
else {
signPolicy(req, res);
}
}
// Signs multipart (chunked) requests. Omit if you don't want to support chunking.
function signRestRequest(req, res) {
var stringToSign = req.body.headers,
signature = crypto.createHmac("sha1", clientSecretKey)
.update(stringToSign)
.digest("base64");
var jsonResponse = {
signature: signature
};
res.setHeader("Content-Type", "application/json");
if (isValidRestRequest(stringToSign)) {
res.end(JSON.stringify(jsonResponse));
}
else {
res.status(400);
res.end(JSON.stringify({invalid: true}));
}
}
// Signs "simple" (non-chunked) upload requests.
function signPolicy(req, res) {
var base64Policy = new Buffer(JSON.stringify(req.body)).toString("base64"),
signature = crypto.createHmac("sha1", clientSecretKey)
.update(base64Policy)
.digest("base64");
var jsonResponse = {
policy: base64Policy,
signature: signature
};
res.setHeader("Content-Type", "application/json");
if (isPolicyValid(req.body)) {
res.end(JSON.stringify(jsonResponse));
}
else {
res.status(400);
res.end(JSON.stringify({invalid: true}));
}
}
// Ensures the REST request is targeting the correct bucket.
// Omit if you don't want to support chunking.
function isValidRestRequest(headerStr) {
return new RegExp("\/" + expectedBucket + "\/.+$").exec(headerStr) != null;
}
// Ensures the policy document associated with a "simple" (non-chunked) request is
// targeting the correct bucket and the max-size is as expected.
// Omit the parsedMaxSize-related code if you don't have a max file size.
function isPolicyValid(policy) {
var bucket, parsedMaxSize;
policy.conditions.forEach(function(condition) {
if (condition.bucket) {
bucket = condition.bucket;
}
else if (condition instanceof Array && condition[0] === "content-length-range") {
parsedMaxSize = condition[2];
}
});
return bucket === expectedBucket && parsedMaxSize === expectedMaxSize.toString();
}
// After the file is in S3, make sure it isn't too big.
// Omit if you don't have a max file size, or add more logic as required.
function verifyFileInS3(req, res) {
function headReceived(err, data) {
if (err) {
res.status(500);
console.log(err);
res.end(JSON.stringify({error: "Problem querying S3!"}));
}
else if (data.ContentLength > expectedMaxSize) {
res.status(400);
res.write(JSON.stringify({error: "Too big!"}));
deleteFile(req.body.bucket, req.body.key, function(err) {
if (err) {
console.log("Couldn't delete invalid file!");
}
res.end();
});
}
else {
res.end();
}
}
callS3("head", {
bucket: req.body.bucket,
key: req.body.key
}, headReceived);
}
function deleteFile(bucket, key, callback) {
callS3("delete", {
bucket: bucket,
key: key
}, callback);
}
function callS3(type, spec, callback) {
s3[type + "Object"]({
Bucket: spec.bucket,
Key: spec.key
}, callback)
}
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<ExposeHeader>ETag</ExposeHeader>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>