我正在尝试为S3中的GET对象请求创建签名URL。我已经成功地使用这段代码将对象放入S3中,但似乎无法让它在GET请求中工作。我使用以下代码对URL进行签名:
//Create the signed url using the company id
func (user *User) signURLForUser(sess *session.Session) (*URLSign, error) {
svc := s3.New(sess)
svc.Config.Region = aws.String(os.Getenv("REGION"))
req, _ := svc.GetObjectRequest(&s3.GetObjectInput{
Bucket: aws.String("bucket"),
Key: aws.String(user.CompanyID + "/" + user.FileRequest),
})
var urlSign URLSign
//urlSign.Size = *out.ContentLength
str, err := req.Presign(time.Minute * 60 * 24 * 5) //Expire in 5 days
if err != nil {
log.Println("Error signing URL Request")
return nil, err
}
urlSign.URL = str
return &urlSign, nil
}
但是,当我尝试使用返回的URL时,出现了以下错误:
<Error>
<Code>AuthorizationQueryParametersError</Code>
<Message>X-Amz-Algorithm only supports "AWS4-HMAC-SHA256"</Message>
<RequestId>9D7CFB14B195A260</RequestId>
<HostId>
Dgh+SqrHbrdKcbkCYrAj3nObLMAwS7k5+VR1zwC/8ZMS3S4++IAAEXXh3zMZ3CpOAyxX1Kc7Opg=
</HostId>
</Error>
我已检查了IAM权限,它们已设置为GetObject。我想不出我还做错了什么。
编辑:这是一个URL示例 确保: https://rsmachiner-user-code.s3.amazonaws.com//CFDMP_ServoGear.gcode?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=ASIAVEENPDKJRUDZKEVM%2F20180812%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20180812T005443Z&X-Amz-Expires=432000&X-Amz-Security-Token=FQoGZXIvYXdzEBoaDIVdv9t408gWWi9vvSLjAaa0pZNA%2BXu83%2FFSyng4XvFdv5%2B7nRB%2FQydMLyi%2BBS84yXqwP6VYn7VlInw4ip1M0lkjHRXQf8OAvQLPrIl%2FQZoTe%2Fy3N6bqhLDOnFVJ3UZzYDQ4%2FbX%2Brc6mvVbkhRsQPiarKBuLYDiOD%2FNoSaItMwI9FsMDknw1qX0Pf%2BZ5La0GmanHrTt9YUI01cIUKJ40No5mKJIwcXw3%2F5QOpUc59rZ2zEzlWP9OXeEwWKp%2Bog5P0v7ABX1lRPsCx4HGEstKhw3ZWmJfQhAcAvhrjmXIMqGNKkaCI5L0ap23jf4GvPMGd4%2BcKIKKvtsF&X-Amz-SignedHeaders=host&X-Amz-Signature=82dfb9b392b5e1ef44c7140259ad884e696b48f8094bdd2d223b8650ebdf59f7
s3.amazonaws.com/<--this-->/CFDMP_ServoGear.gcode?X-在某个时候会给你带来问题。S3对象键不应该有前导斜杠,但URL中出现的//表明你正在添加它们。这最终可能导致意外/奇怪/令人困惑的行为或兼容性问题。正确的对象键是cat.jpg或pics/cat.jpg,而不是/cat.jpg或/pics/cat.jpg...但你需要在上传和下载两端都修复这个问题。最好现在就修复它,而不是以后再修复。 - Michael - sqlbot