【发布时间】:2021-01-04 02:23:34
【问题描述】:
所以我已经盯着这个看了一段时间,我显然看不出有什么问题,我从我的 Lambda 中获取了一个签名 URL,然后使用 rn-fetch-blob 上传到它。
Lambda 代码如下:
export default async (event, context, callback, utils) => {
const { imageName } = JSON.parse(event.body)
console.log('imageName', imageName)
// These access keys relate to a user with AdministratorAccess
utils.AWS.config.update({
accessKeyId: 'XXXXX',
secretAccessKey: 'XXXXXXX',
})
let s3 = new utils.AWS.S3({ signatureVersion: 'v4' })
let params = { Bucket: 'MY_BUCKET', Key: imageName, Expires: 60, ContentType: 'image/jpeg' }
let url = await s3.getSignedUrl('putObject', params)
callback(null, utils.responder.success({ url.data.url }))
}
React Native 代码如下:
const uploadImageToS3Endpoint = (s3Url, imageUrl) => {
var source = imageUrl.replace('file://', '')
return RNFetchBlob.fetch('POST', s3Url, {
'Content-Type': 'image/jpeg'
}, RNFetchBlob.wrap(source))
}
我回来了(连同一大堆其他东西,为了简洁而编辑)
The request signature we calculated does not match the signature you provided. Check your key and signing method.
我也尝试将公共写入分配到 S3 存储桶,以证明这不是权限问题,仍然得到相同的结果。任何建议都将不胜感激,因为这应该很简单!
编辑
AWS 响应 RN 获取
"<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><AWSAccessKeyId>THE_KEY</AWSAccessKeyId><StringToSign>AWS4-HMAC-SHA256
20181230T120956Z
20181230/eu-west-2/s3/aws4_request
b7b755c6335c0401711fafa241bbd816b5c7ad225c41cc324b0daaac2ee9f587</StringToSign><SignatureProvided>5345073e95a1dd39fa28f0a3c5c7350b2d7da75a5dedf3c2a895fdbd0e354961</SignatureProvided><StringToSignBytes>41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 31 38 31 32 33 30 54 31 32 30 39 35 36 5a 0a 32 30 31 38 31 32 33 30 2f 65 75 2d 77 65 73 74 2d 32 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 62 37 62 37 35 35 63 36 33 33 35 63 30 34 30 31 37 31 31 66 61 66 61 32 34 31 62 62 64 38 31 36 62 35 63 37 61 64 32 32 35 63 34 31 63 63 33 32 34 62 30 64 61 61 61 63 32 65 65 39 66 35 38 37</StringToSignBytes><CanonicalRequest>POST
/C1E2DB45-CB94-4D3C-AEA7-C1CE4B42FCF1.jpg
Content-Type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJMVYRTCLXJGL2JGQ%2F20181230%2Feu-west-2%2Fs3%2Faws4_request&X-Amz-Date=20181230T120956Z&X-Amz-Expires=60&X-Amz-SignedHeaders=host
host:tthsshopproductimages.s3.eu-west-2.amazonaws.com
host
UNSIGNED-PAYLOAD</CanonicalRequest><CanonicalRequestBytes>50 4f 53 54 0a 2f 43 31 45 32 44 42 34 35 2d 43 42 39 34 2d 34 44 33 43 2d 41 45 41 37 2d 43 31 43 45 34 42 34 32 46 43 46 31 2e 6a 70 67 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3d 69 6d 61 67 65 25 32 46 6a 70 65 67 26 58 2d 41 6d 7a 2d 41 6c 67 6f 72 69 74 68 6d 3d 41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 26 58 2d 41 6d 7a 2d 43 72 65 64 65 6e 74 69 61 6c 3d 41 4b 49 41 4a 4d 56 59 52 54 43 4c 58 4a 47 4c 32 4a 47 51 25 32 46 32 30 31 38 31 32 33 30 25 32 46 65 75 2d 77 65 73 74 2d 32 25 32 46 73 33 25 32 46 61 77 73 34 5f 72 65 71 75 65 73 74 26 58 2d 41 6d 7a 2d 44 61 74 65 3d 32 30 31 38 31 32 33 30 54 31 32 30 39 35 36 5a 26 58 2d 41 6d 7a 2d 45 78 70 69 72 65 73 3d 36 30 26 58 2d 41 6d 7a 2d 53 69 67 6e 65 64 48 65 61 64 65 72 73 3d 68 6f 73 74 0a 68 6f 73 74 3a 74 74 68 73 73 68 6f 70 70 72 6f 64 75 63 74 69 6d 61 67 65 73 2e 73 33 2e 65 75 2d 77 65 73 74 2d 32 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 0a 0a 68 6f 73 74 0a 55 4e 53 49 47 4e 45 44 2d 50 41 59 4c 4f 41 44</CanonicalRequestBytes><RequestId>4E4DFD848923AC27</RequestId><HostId>DljdK6KPnzAeXxwUyYu32gb4g4JRI8kDTsdqZVqcM3wLYBsZ6kfT8UGZq6FI5/VimHdY6iL8eKg=</HostId></Error>"
【问题讨论】:
-
您在 lambda 端或 react native 上收到此签名错误?
-
哦,抱歉,是的,这是 RN 呼叫的响应。
-
您能否发布来自 s3 客户端的准确响应以及来自 rnFetch 的准确请求,包括标头等
-
请给我 20 分钟!
-
我发现了这个有趣的信息 注意:使用预签名 URL 时,并非所有操作参数都受支持。发送请求时,某些参数(例如 SSECustomerKey、ACL、Expires、ContentLength 或 Tagging)必须作为标头提供。如果您使用预签名 URL 从浏览器上传并需要使用这些字段,请参阅 createPresignedPost()。您可以尝试使用 createPresignedPost() 而不是 getSignedUrl
标签: amazon-web-services react-native amazon-s3 aws-lambda