New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

generate-presigned-url generating old signatures #307

Closed
pupeno opened this Issue May 7, 2017 · 10 comments

Comments

Projects
None yet
2 participants
@pupeno

pupeno commented May 7, 2017

I tried to use com.amazonaws.services.s3/generate-presigned-url but it was generating version 2 signatures which didn't work:

http://stackoverflow.com/questions/43823546/when-trying-to-access-an-s3-signed-url-the-authorization-mechanism-not-supporte

The code in this example with the same credentials worked:

http://docs.aws.amazon.com/AmazonS3/latest/dev/PresignedUrlUploadObjectJavaSDK.html

@mcohen01

This comment has been minimized.

Show comment
Hide comment
@mcohen01

mcohen01 May 7, 2017

Owner

What is the error you're seeing? Do you have an actual function invocation to post? Any relevant details? As is, this bug report is not of much use.

Owner

mcohen01 commented May 7, 2017

What is the error you're seeing? Do you have an actual function invocation to post? Any relevant details? As is, this bug report is not of much use.

@pupeno

This comment has been minimized.

Show comment
Hide comment
@pupeno

pupeno May 7, 2017

The error I get when I try to use the generated URL is:

<Error>
  <Code>InvalidRequest</Code>
  <Message>The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.</Message>
  <RequestId>79..4A</RequestId>
  <HostId>rI...0=</HostId>
</Error>

pupeno commented May 7, 2017

The error I get when I try to use the generated URL is:

<Error>
  <Code>InvalidRequest</Code>
  <Message>The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.</Message>
  <RequestId>79..4A</RequestId>
  <HostId>rI...0=</HostId>
</Error>
@mcohen01

This comment has been minimized.

Show comment
Hide comment
@mcohen01

mcohen01 May 7, 2017

Owner

post your code

Owner

mcohen01 commented May 7, 2017

post your code

@pupeno

This comment has been minimized.

Show comment
Hide comment
@pupeno

pupeno May 7, 2017

(amazonica.aws.s3/generate-presigned-url "bucket-name"
                                         "key-name"
                                         (-> 24 t/hours t/from-now)
                                         "PUT")

pupeno commented May 7, 2017

(amazonica.aws.s3/generate-presigned-url "bucket-name"
                                         "key-name"
                                         (-> 24 t/hours t/from-now)
                                         "PUT")
@mcohen01

This comment has been minimized.

Show comment
Hide comment
@mcohen01

mcohen01 May 7, 2017

Owner

can't reproduce. try setting system property
System.setProperty(SDKGlobalConfiguration.ENFORCE_S3_SIGV4_SYSTEM_PROPERTY, "true")

amazonica just delegates to the Java SDK, so default signature version is V4

Owner

mcohen01 commented May 7, 2017

can't reproduce. try setting system property
System.setProperty(SDKGlobalConfiguration.ENFORCE_S3_SIGV4_SYSTEM_PROPERTY, "true")

amazonica just delegates to the Java SDK, so default signature version is V4

@pupeno

This comment has been minimized.

Show comment
Hide comment
@pupeno

pupeno May 7, 2017

pupeno commented May 7, 2017

@mcohen01

This comment has been minimized.

Show comment
Hide comment
@mcohen01

mcohen01 May 8, 2017

Owner
(import com.amazonaws.HttpMethod)
(import com.amazonaws.http.HttpMethodName)
(import com.amazonaws.services.s3.AmazonS3Client)
(import com.amazonaws.services.s3.model.GeneratePresignedUrlRequest)

(let [client (AmazonS3Client.)
      method (->> AmazonS3Client
                  .getDeclaredMethods
                  seq
                  (filter #(= (.getName %) "createRequest"))
                  first) ;; could be `last` 
      _ (.setAccessible method true)
      req (GeneratePresignedUrlRequest. "bucket" "key" HttpMethod/PUT)
      args (into-array Object ["bucket" "key" req HttpMethodName/PUT])
      r (.invoke method client args)]
  (.getSignerByURI client (.getEndpoint r)))

#object[com.amazonaws.services.s3.internal.AWSS3V4Signer 0x1fe9378b "com.amazonaws.services.s3.internal.AWSS3V4Signer@1fe9378b"]

Owner

mcohen01 commented May 8, 2017

(import com.amazonaws.HttpMethod)
(import com.amazonaws.http.HttpMethodName)
(import com.amazonaws.services.s3.AmazonS3Client)
(import com.amazonaws.services.s3.model.GeneratePresignedUrlRequest)

(let [client (AmazonS3Client.)
      method (->> AmazonS3Client
                  .getDeclaredMethods
                  seq
                  (filter #(= (.getName %) "createRequest"))
                  first) ;; could be `last` 
      _ (.setAccessible method true)
      req (GeneratePresignedUrlRequest. "bucket" "key" HttpMethod/PUT)
      args (into-array Object ["bucket" "key" req HttpMethodName/PUT])
      r (.invoke method client args)]
  (.getSignerByURI client (.getEndpoint r)))

#object[com.amazonaws.services.s3.internal.AWSS3V4Signer 0x1fe9378b "com.amazonaws.services.s3.internal.AWSS3V4Signer@1fe9378b"]

@pupeno

This comment has been minimized.

Show comment
Hide comment
@pupeno

pupeno May 11, 2017

I understand the code in the last comment but I'm not sure what you mean by it. I'm sorry.

pupeno commented May 11, 2017

I understand the code in the last comment but I'm not sure what you mean by it. I'm sorry.

@mcohen01

This comment has been minimized.

Show comment
Hide comment
@mcohen01

mcohen01 May 11, 2017

Owner

this is essentially the Java code that will be called when you call generate-presigned-url. amazonica just delegates to the Java SDK, which by default uses V4 signatures as long as the region/service supports it.

Owner

mcohen01 commented May 11, 2017

this is essentially the Java code that will be called when you call generate-presigned-url. amazonica just delegates to the Java SDK, which by default uses V4 signatures as long as the region/service supports it.

@mcohen01 mcohen01 closed this Jun 15, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment