亚马逊合规我没有使用正确的算法签署我的请求

2024-10-01 00:28:56 发布

您现在位置:Python中文网/ 问答频道 /正文
9890 3

所以我可能需要添加字符串"AWS4",我正在使用angular和python。你知道吗

在python端,我计算签名,然后将其发送到前端,然后将文件发送到aws。我只显示签名和有效负载代码:

signature = base64.b64encode(hmac.new(aws_secret, policy, hashlib.sha256).digest())
            data = {
                "policy" : policy,
                "signature": signature,
                "key": AWS_UPLOAD_ACCESS_KEY_ID,
                "file_bucket_path": upload_start_path,
                "venuemenuobject" : serializesamplemenu.data,
                "startpath" : upload_start_path,
                "url": url
            }
            return Response(data)

然后用文件创建表单并发送请求。你知道吗

 let fd = new FormData();
              fd.append('acl', 'private');
              fd.append('Content-Type', contenttype);
              fd.append('AWSAccessKeyId',awspolicy.key);
              fd.append('Policy', awspolicy.policy);
              fd.append('key', awspolicy.startpath);
              fd.append('filename', filename);
              fd.append('Signature', awspolicy.signature);
              fd.append('file', content);
              console.log('the formdata object called');
              this.awsservice.uploadtos3(awspolicy.url,fd)
                .subscribe(
                  (req: any)=>{
                    console.log('the data was uploaded');
                    console.log(req);
                  }
                );

错误是:

The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.

根据文件https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html 我们需要在请求中添加标题。你知道吗

所以我就这么做了。但还是不行。你知道吗

samplemenucreateandpolicy(venuepk, payload){

    const url =  samplemenupolicyandcreate + '/' + String(venuepk);
    return this.http.post(url, payload);
  }

  uploadtos3(url, payload, rawheader){
    let headers = new HttpHeaders();
    const authheader = 'AWS4-HMAC-SHA256 Credential=' + String(rawheader.key) + '/' + String(rawheader.date) + '/' + String(rawheader.region) +'/iam/aws4_request, SignedHeaders=content-type;x-amz-date, Signature=' + String(rawheader.signature);
    headers.append('Authorization',authheader);

    return this.http.post(url, payload, {headers: headers});

  }

我该怎么解决这个问题?你知道吗


Tags: keyawsurlnewdatastringpolicyheaders
1条回答
网友
1楼 · 发布于 2024-10-01 00:28:56

你肯定在使用签名版本2,而不是V4。你知道吗

signature = base64.b64encode(hmac.new(aws_secret, policy, hashlib.sha256).digest())

……在这里。。。你知道吗

fd.append('AWSAccessKeyId',awspolicy.key);

此参数为X-Amz-Credential,包含附加信息以及aws-access-key-id

according to the docs ... we need to add the headers to our request.

您混淆了两个不同的接口。你知道吗

您所做的是一个表单POST上传,它不使用Authorization头。你知道吗

复习https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-post-example.html。你知道吗

相关问题 更多 >

    编程相关推荐