Signature error

[PerfilyevID]

Hello! Smth went wrong. Attemp to put object into storage returns 403 status code ("The request signature we calculated does not match the signature you provided" etc.). I had to roll back version to 0.1.6.

[DubZero]

Hi, is this in 1.8.1 version?

[PerfilyevID]

Yes

[DubZero]

Hm... The test for PUT going well. Can you please provide some information so that I can reproduce this error?

• Project .NET version
• Do you use PutObjectAsync as Stream or as byte[]
• What is the value of the parameter filename in PutObjectAsync And just to make sure, have you overridden these settings sections? : Protocol, Location, Endpoint

[PerfilyevID]

.NET 6.0

That's what I get in 0.1.6:

{
    "isSuccessStatusCode": true,
    "statusCode": 200,
    "error": null,
    "result": "http://storage.yandexcloud.net/storage/uploads/619f93e10917c967fa15e8af/2022/883b0104_f062_4f1f_a3a6_5d388eebd93e.zip"
}

After update:

{
    "isSuccessStatusCode": false,
    "statusCode": 403,
    "error": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><Resource>/storage/uploads/619f93e10917c967fa15e8af/2022/883b0104_f062_4f1f_a3a6_5d388eebd93e.zip</Resource><RequestId>b8bdfd2154d98859</RequestId><CanonicalRequest>PUT\n/storage/uploads/619f93e10917c967fa15e8af/2022/883b0104_f062_4f1f_a3a6_5d388eebd93e.zip\n\nhost:storage.yandexcloud.net\nx-amz-content-sha256:2347297bf19dc54abc098a3acf0b3274b7a19d3bd3a270d7ca309f674e1ea420\nx-amz-date:20211126T163435Z\n\nhost;x-amz-content-sha256;x-amz-date\n2347297bf19dc54abc098a3acf0b3274b7a19d3bd3a270d7ca309f674e1ea420</CanonicalRequest><CanonicalRequestBytes>50 55 54 0a 2f 62 69 74 75 6d 2d 73 74 6f 72 61 67 65 2f 75 70 6c 6f 61 64 73 2f 36 31 39 66 39 33 65 31 30 39 31 37 63 39 36 37 66 61 31 35 65 38 61 66 2f 32 30 32 32 2f 38 38 33 62 30 31 30 34 5f 66 30 36 32 5f 34 66 31 66 5f 61 33 61 36 5f 35 64 33 38 38 65 65 62 64 39 33 65 2e 7a 69 70 0a 0a 68 6f 73 74 3a 73 74 6f 72 61 67 65 2e 79 61 6e 64 65 78 63 6c 6f 75 64 2e 6e 65 74 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 32 33 34 37 32 39 37 62 66 31 39 64 63 35 34 61 62 63 30 39 38 61 33 61 63 66 30 62 33 32 37 34 62 37 61 31 39 64 33 62 64 33 61 32 37 30 64 37 63 61 33 30 39 66 36 37 34 65 31 65 61 34 32 30 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 32 31 31 31 32 36 54 31 36 33 34 33 35 5a 0a 0a 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 0a 32 33 34 37 32 39 37 62 66 31 39 64 63 35 34 61 62 63 30 39 38 61 33 61 63 66 30 62 33 32 37 34 62 37 61 31 39 64 33 62 64 33 61 32 37 30 64 37 63 61 33 30 39 66 36 37 34 65 31 65 61 34 32 30</CanonicalRequestBytes><SignatureProvided>20f1a5fad3620f79b1d6d892d886c42ed27128640c52950e468de14c1fe979ee</SignatureProvided><StringToSign>AWS4-HMAC-SHA256\n20211126T163435Z\n20211126/ru-central1/s3/aws4_request\n587e76651c33812b1c98e931f6dee4744f86c151fc10da18920baf9a4e80f35e</StringToSign><StringToSignBytes>41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 32 31 31 31 32 36 54 31 36 33 34 33 35 5a 0a 32 30 32 31 31 31 32 36 2f 72 75 2d 63 65 6e 74 72 61 6c 31 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 35 38 37 65 37 36 36 35 31 63 33 33 38 31 32 62 31 63 39 38 65 39 33 31 66 36 64 65 65 34 37 34 34 66 38 36 63 31 35 31 66 63 31 30 64 61 31 38 39 32 30 62 61 66 39 61 34 65 38 30 66 33 35 65</StringToSignBytes></Error>",
    "result": null
}

Config always the same:

"YandexObjectStorage": { "Bucket": "storage", "AccessKey": "access", "SecretKey": "secret", "Protocol": "http", "Location": "ru-central1", "Endpoint": "storage.yandexcloud.net" }

Program.cs

using AspNetCore.Yandex.ObjectStorage;
using AspNetCore.Yandex.ObjectStorage.Extensions;

IConfiguration configuration = new ConfigurationBuilder()
                            .AddJsonFile("appsettings.json")
                            .Build();

var builder = WebApplication.CreateBuilder(args);
...
builder.Services.AddYandexObjectStorage(configuration);
builder.Services.AddControllers();
var app = builder.Build();
app.MapControllers();
app.Run();

Controller.cs

    public class ExampleController : Controller
    {
        private readonly YandexStorageService YandexObjectStorage;
        public PluginsController(IOptions<YandexStorageOptions> yandexOptions)
        {
            YandexObjectStorage = yandexOptions.Value.CreateYandexObjectService();
        }

        [HttpPost]
        [RequestSizeLimit(20971520)]
        [Route("plugin/{d}/{version}")]
        public async Task<IActionResult> PutMethod(string id, string version, [FromForm] IFormFile file)
        {
            try
            {
                ObjectId pluginId = new ObjectId(id);
                Plugin? plugin = await PluginRepository.Get(pluginId);
                string format = file.FileName.Split('.').Last().ToLower();
                plugin.LastChange = DateTime.UtcNow;
                await PluginRepository.Update(plugin);
                var result = await YandexObjectStorage.PutObjectAsync(file.OpenReadStream(), $"uploads/{id}/{version}/{plugin.RevitVersions[version]}.zip");
                return new JsonResult(result) { StatusCode=(int)result.StatusCode };
            }
            catch () { }
        }
    }

[DubZero]

I have a little suspicion of what the problem is In version 1.8.1 I repair options.Location. Until this version, the location variable wasn't assigned a value from settings. Location by default has value - us-east-1, so in version 1.6 this was 'us-east-1' despite the settings. But I checked: tests with "ru-centra1" is passed. Can you try 'us-east-1' (but I'm not sure if it might have an effect because ru-central1 worked too in tests)

[PerfilyevID]

Thx a lot! Now it works)

[DubZero]

Found that the location passed to the URL, but not passed to the signature calculator...

[DubZero]

I create PR for fix this

[DubZero]

@PerfilyevID in 1.8.4 should work with ru-central1 too