SignatureDoesNotMatch: The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method.

[Gabxi]

Hi,

I saw #86 and couldn't figure out how to solve it based off my issue.

I'm getting the same error when I try to upload a file.

I'm trying to POST and GET from my S3 bucket. Here is the html form I'm using
My AWS ID is AKIAIO3FNB3XLQP4AJFA which was created on 2015 Feb 12. I figured that's fine to put out there because it's the public key.
'''

File:

'''

Here is the policy
'''
{ "expiration": "2016-08-06T12:00:00.000Z",
"conditions": [
{"bucket": "stratusview"},
["starts-with", "$key", "user/user1/"],
["starts-with", "$Content-Type", "application/“],
{"acl": "public-read"},
{"x-amz-meta-uuid": "14365123651274"},
{"x-amz-credential": "AKIAIO3FNB3XLQP4AJFA/20150212/us-west-1/s3/aws4_request"},
{"x-amz-algorithm": "AWS4-HMAC-SHA256"},
{"x-amz-date": "20150806T000000Z" }
]
}
'''

Here is the python code I'm using to generate the base 64 policy and the signatue
'''
import base64
import hmac
import hashlib
import sha

aws_secret_key = ''

policy_file = open('policy_document', 'r')
policy = policy_file.read().strip()
policy_encoded = base64.b64encode(policy)

signature = base64.b64encode(hmac.new(aws_secret_key, policy_encoded, digestmod=hashlib.sha256).digest())

print 'Your policy base-64 encoded: {}'.format(policy_encoded)
print 'Your signature base-64 encoded: {}'.format(signature)
'''

I think I'm generating the signature correctly. I was wondering if there was a way to see the base64encoded string I should get based off my parameters in the html. That way I can just check it into and python and get the right signature.

Thanks so much and sorry to repeat this question but I've been stuck on it all night.

[lsegal]

I would recommend posting a thread on the S3 forums about this issue, as it does not seem to be related to the AWS SDK for JavaScript. The POST object method is not supported by the SDK itself, furthermore it seems as though you are manually generating the signed URL yourself. I would recommend using an SDK to do this, if possible. The S3 forums would point you in the right direction.

[Gabxi]

Cool. Is this the way you recommend putting stuff into an S3 bucket?
http://docs.aws.amazon.com/AWSJavaScriptSDK/guide/browser-examples.html

I tried that but I had problem doing it that way. Is this the appropriate place to ask that kind of question?

[lsegal]

Yes, if you are using the SDK that is the right way to do it and this is the right place for those questions.

[Gabxi]

I decided to use the SDK. I want to try loading all the things in a bucket. My bucket is empty btw.

var config = new AWS.Config({
  accessKeyId: 'ACESSKEY', secretAccessKey: 'SECRETKEY', region: 'us-west-2'
});
var bucket = new AWS.S3({params: {Bucket: 'stratusview'}});
  bucket.listObjects(function (err, data) {
    if (err) {
      console.log(err)
      document.getElementById('status').innerHTML =
        'Could not load objects from S3';
    } else {
      document.getElementById('status').innerHTML =
        'Loaded ' + data.Contents.length + ' items from S3';
      for (var i = 0; i < data.Contents.length; i++) {
        document.getElementById('objects').innerHTML +=
          '<li>' + data.Contents[i].Key + '</li>';
      }
    }
  });

However, I get a Error: Missing credentials in config {message: "Missing credentials in config", code: "SigningError", name: "SigningError".

However, I believe I configured the credentials the right way. I know hardcoding the keys is a no-no but in this case I just need something to work really fast then I'll move to a better system.

Does this seem wrong?

var config = new AWS.Config({
  accessKeyId: 'ACESSKEY', secretAccessKey: 'SECRETKEY', region: 'us-west-2'
});

[lsegal]

It looks like you're creating a config object but not using it. You would either want to configure the global object or pass the config object to the S3 constructor.

[Gabxi]

I just tried that and I still get the same error.

I'm passing it like so

var bucket = new AWS.S3({credentials: config, params: {Bucket: 'stratusview'}});

When I do a console.log(err). I see the keys in the credentials. However, my endpoint is null. Is that a cause of the problem.

[Gabxi]

Oh nevermind. I changed config to config.credentials. Now I'm getting different errors. I'll dig around and a bit before bugging you again.

Thanks so much the help and sorry to bug.

[Gabxi]

I'm closing this because my issue is solved.

[lock]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread.