added optional query parameter to s3.get #23
Conversation
|
Kudos to Amazon for this screw up. Or should I say backward incompatible change into the signing algorithm. The mindless drones in charge with the APIs done it again. Thing is that passing a query param to path used to work. GET ?acl or GET object?acl still works, but GET ?marker=object or GET ?max-keys=100 does not work as S3 API behaves like it never heard of those parameters. Behaves like GET ?foo. I have a bucket with over 150k objects in it and I had to iterate that bucket about three weeks ago in order to run some cleanup tasks. GET ?marker=object used to work back then. I still have the script that I used. Now it throws 403 errors. Some info from a debug version: GET /?acl => to sign string: GET Tue, 06 Mar 2012 09:24:50 GMT /bucket-name/?acl => works without error. GET /?max-keys=10 => to sign string: GET Tue, 06 Mar 2012 09:27:07 GMT /bucket-name/?max-keys=10 => error with StringToSign: 'GET\n\n\nTue, 06 Mar 2012 09:27:07 GMT\n/bucket-name/' (o_O) I'll merge your solution since it works by avoiding to pass the query params to the signing path, but I have to make sure that the rest of the things that should be passed to path (such as ?acl, ?location, ?torrent, etc) won't break. |
|
Interesting. Indeed this looks a bit more complicated than I thought: http://docs.amazonwebservices.com/AmazonS3/latest/dev/RESTAuthentication.html Thanks for reacting quickly to this. |
|
Figured out the whole thing. Since the latest modifications of the signing method, S3 makes a clear distinction between subresources and request parameters. Technically both are query arguments, but from the signing point of view they are different:
I changed a little bit your idea:
I'll publish the new version ASAP. I still have to write some unit tests. |
|
Nice. I'm looking forward to the new version. |
|
v0.6.6 is out. Still have to write the docs for query / s3.get(), but the functionality is there. |
|
Just gave it a try and it looks like there's still something wrong. I'll try to find some time later today to have a look at the code. |
|
I'll have a look. Due to the way querystring.stringify() works, it may break some things. I may use the manual merging method as I did for subresources where the above method doesn't do it as S3 expects it. This is the code that may break it: if ( ! tools.isEmpty(query)) {
query = qs.stringify(query);
if (path.indexOf('?') === -1) {
path += '?';
} else {
path += '&';
}
path = path + query;
}
path = encodeURI(path);
return path;I'll have to properly test it after a meeting. |
|
Checked the issue. Indeed, querystring.stringify() encodes the values. This replaces it: var queryPieces = [];
for (var i in query) {
queryPieces.push(i + '=' + query[i]);
}
query = queryPieces.join('&');I'll publish a new version ASAP. |
|
Published a new version that contains the above patch. Please let me know if everything is OK for you. |
|
just checked. everything is working correctly for me. thanks |
In order to page through the list of objects in a bucket, it is necessary to pass parameters to
GETAs far as I could see, this is not possible with
s3.getas it stands.Appending a query string to the
pathparameter breaks authorization, and would be kludgy anyway.So I propose adding a optional
queryparameter tos3.get