Ruby on rails s3浏览器上载,规范还是策略存储桶?
最新sigv4 s3浏览器上传帖子的文档- -显示我需要使用Ruby on rails s3浏览器上载,规范还是策略存储桶?,ruby-on-rails,amazon-web-services,amazon-s3,Ruby On Rails,Amazon Web Services,Amazon S3,最新sigv4 s3浏览器上传帖子的文档- -显示我需要使用x-amz-signature、x-amz-credential和策略 如果我尝试这样做,我会得到一个错误,说我缺少文档中没有提到的AWSAccessKeyId,并且x-amz-signature需要是signature 要签名的字符串: 我是应该做上面的base64 bucket策略文档,还是应该做规范的方法,比如python发布到dynamoDB- 签名: 规范使用hmac hexdigesthmac.new(signing_key
x-amz-signature
、x-amz-credential
和策略
如果我尝试这样做,我会得到一个错误,说我缺少文档中没有提到的AWSAccessKeyId
,并且x-amz-signature
需要是signature
要签名的字符串:
我是应该做上面的base64 bucket策略文档,还是应该做规范的方法,比如python发布到dynamoDB-
签名:
规范使用hmac hexdigesthmac.new(signing_key,(string_to_sign).encode('utf-8')、hashlib.sha256).hexdigest()
上面的上传文档使用带有base64的hmac:base64.encode64(OpenSSL::hmac.digest('sha256',signaturekey,@policy))
在下,看起来他们正在使用非hmac hexdigest:OpenSSL::hmac.hexdigest(OpenSSL::Digest.new('sha256'),key,value)
需要哪种方法上传到s3
FWIW,我正在使用带有Rails的SPA作为API,所以很遗憾,我没有访问任何Rails视图帮助程序的权限
我发布了一个关于我的代码的问题,不幸的是,我看到了一个使用rails视图助手的链接
编辑:
策略发送的内容:
{"expiration":"2017-03-06T20:13:51Z",
"conditions":[
{"bucket":"example-development"},
{"x-amz-credential":"AKIAIVVIZJHOBCBAB5CA/20170305/us-west-2/s3/aws4_request"},
{"x-amz-algorithm":"AWS4-HMAC-SHA256"},
{"x-amz-date":"20170305T000000Z"}
]
}
Policy:"eyJleHBpcmF0aW9uIjoiMjAxNy0wMy0wNlQyMDoxOTowN1oiLCJjb25kaXRpb25zIjpbeyJidWNrZXQiOiJ3YXlkb3BlLWRldmVsb3BtZW50In0seyJ4LWFtei1jcmVkZW50aWFsIjoiQUtJQUlWVklaSkhPQkNCQUI1Q0EvMjAxNzAzMDUvdXMtd2VzdC0yL3MzL2F3czRfcmVxdWVzdCJ9LHsieC1hbXotYWxnb3JpdGhtIjoiQVdTNC1ITUFDLVNIQTI1NiJ9LHsieC1hbXotZGF0ZSI6IjIwMTcwMzA1VDAwMDAwMFoifV19"
X-Amz-Signature:"Cqjvo9aYCrb8PYHD+mUDjlOwKUzTpsI4d5/oycFAUBA="
key:"uploads/photo/photo/126/photo.jpg"
x-amz-algorithm:"AWS4-HMAC-SHA256"
x-amz-credential:"AKIAIVVIZJHOBCBAB5CA/20170305/us-west-2/s3/aws4_request"
x-amz-date:"20170305T000000Z"
表格发送的内容:
{"expiration":"2017-03-06T20:13:51Z",
"conditions":[
{"bucket":"example-development"},
{"x-amz-credential":"AKIAIVVIZJHOBCBAB5CA/20170305/us-west-2/s3/aws4_request"},
{"x-amz-algorithm":"AWS4-HMAC-SHA256"},
{"x-amz-date":"20170305T000000Z"}
]
}
Policy:"eyJleHBpcmF0aW9uIjoiMjAxNy0wMy0wNlQyMDoxOTowN1oiLCJjb25kaXRpb25zIjpbeyJidWNrZXQiOiJ3YXlkb3BlLWRldmVsb3BtZW50In0seyJ4LWFtei1jcmVkZW50aWFsIjoiQUtJQUlWVklaSkhPQkNCQUI1Q0EvMjAxNzAzMDUvdXMtd2VzdC0yL3MzL2F3czRfcmVxdWVzdCJ9LHsieC1hbXotYWxnb3JpdGhtIjoiQVdTNC1ITUFDLVNIQTI1NiJ9LHsieC1hbXotZGF0ZSI6IjIwMTcwMzA1VDAwMDAwMFoifV19"
X-Amz-Signature:"Cqjvo9aYCrb8PYHD+mUDjlOwKUzTpsI4d5/oycFAUBA="
key:"uploads/photo/photo/126/photo.jpg"
x-amz-algorithm:"AWS4-HMAC-SHA256"
x-amz-credential:"AKIAIVVIZJHOBCBAB5CA/20170305/us-west-2/s3/aws4_request"
x-amz-date:"20170305T000000Z"
bucket策略和COR包含零条件。对于s3浏览器上载,要签名的字符串应该是bucket配置:
按照页面底部的链接进行操作。您需要在表单和策略中使用值为
AWS4-HMAC-SHA256
的X-Amz-Algorithm
。您没有提到这一点,如果没有,可能会触发关于AWSAccessKeyId
(您通常不应该使用它)的消息。您应该使用策略文档。使用正在发送的数据进行更新