generate-presigned-url generating old signatures

[pupeno]

I tried to use com.amazonaws.services.s3/generate-presigned-url but it was generating version 2 signatures which didn't work:

http://stackoverflow.com/questions/43823546/when-trying-to-access-an-s3-signed-url-the-authorization-mechanism-not-supporte

The code in this example with the same credentials worked:

http://docs.aws.amazon.com/AmazonS3/latest/dev/PresignedUrlUploadObjectJavaSDK.html

[mcohen01]

What is the error you're seeing? Do you have an actual function invocation to post? Any relevant details? As is, this bug report is not of much use.

[pupeno]

There's more information in here:

http://stackoverflow.com/questions/43823546/when-trying-to-access-an-s3-signed-url-the-authorization-mechanism-not-supporte

[pupeno]

The error I get when I try to use the generated URL is:

<Error>
  <Code>InvalidRequest</Code>
  <Message>The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.</Message>
  <RequestId>79..4A</RequestId>
  <HostId>rI...0=</HostId>
</Error>

[mcohen01]

post your code

[pupeno]

(amazonica.aws.s3/generate-presigned-url "bucket-name"
                                         "key-name"
                                         (-> 24 t/hours t/from-now)
                                         "PUT")

[mcohen01]

can't reproduce. try setting system property
System.setProperty(SDKGlobalConfiguration.ENFORCE_S3_SIGV4_SYSTEM_PROPERTY, "true")

amazonica just delegates to the Java SDK, so default signature version is V4

[pupeno]

I tried setting that and it made no change. The example on Amazon's web page doesn't require that and generates the V4 signature.

…

On 7 May 2017 at 18:43, Michael Cohen ***@***.***> wrote: can't reproduce. try setting system property System.setProperty(SDKGlobalConfiguration.ENFORCE_S3_SIGV4_SYSTEM_PROPERTY, "true") amazonica just delegates to the Java SDK, so default signature version is V4 — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#307 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAAg6RYCfX5fzt2NW0TH-r4MzW_BWRksks5r3gLTgaJpZM4NTCu2> .

-- J. Pablo Fernández <pupeno@pupeno.com> (http://pupeno.com)

[mcohen01]

(import com.amazonaws.HttpMethod)
(import com.amazonaws.http.HttpMethodName)
(import com.amazonaws.services.s3.AmazonS3Client)
(import com.amazonaws.services.s3.model.GeneratePresignedUrlRequest)

(let [client (AmazonS3Client.)
      method (->> AmazonS3Client
                  .getDeclaredMethods
                  seq
                  (filter #(= (.getName %) "createRequest"))
                  first) ;; could be `last` 
      _ (.setAccessible method true)
      req (GeneratePresignedUrlRequest. "bucket" "key" HttpMethod/PUT)
      args (into-array Object ["bucket" "key" req HttpMethodName/PUT])
      r (.invoke method client args)]
  (.getSignerByURI client (.getEndpoint r)))

#object[com.amazonaws.services.s3.internal.AWSS3V4Signer 0x1fe9378b "com.amazonaws.services.s3.internal.AWSS3V4Signer@1fe9378b"]

[pupeno]

I understand the code in the last comment but I'm not sure what you mean by it. I'm sorry.

[mcohen01]

this is essentially the Java code that will be called when you call generate-presigned-url. amazonica just delegates to the Java SDK, which by default uses V4 signatures as long as the region/service supports it.