search

FineUploader / php-laravel-s3-server

Laravel-based server-side example for handling S3-related requests (such as GET signature) from Fine Uploader http://fineuploader.com
MIT License
6 stars 3 forks source link

Chunking enabled throw me SignatureDoesNotMatch? #4

Open despotbg opened 7 years ago

despotbg commented 7 years ago

Everything works fine until I turn on chunking. But when chunking is turned on, I get signature matching problem This is how my CORS configuration looks like on S3 `<?xml version="1.0" encoding="UTF-8"?>

* GET POST PUT DELETE 3000 ETag * ` And this is how I initialize fine uplaoder ``` request: { endpoint: '{!! $upload->getS3BucketUrl() !!}', accessKey: '{!! $upload->getAccessKey() !!}', }, signature: { endpoint: '/uploader', version: 4 }, objectProperties: { region: 'us-east-2', key: function (fileId) { return '{!! $user->getId() !!}/' + $("#fineUploader").fineUploader("getName",fileId); } }, chunking: { enabled: true } ``` Still I get response ```SignatureDoesNotMatchThe request signature we calculated does not match the signature you provided. Check your key and signing method.```
despotbg commented 7 years ago

I found mistake. I investigated S3 response. And there they return this 

<CanonicalRequest>
POST
//8a855b73-0b37-413a-aa3c-c74b48e32fb4/fronalpstockbig.jpg
uploads=
host:xyz.s3-us-east-2.amazonaws.com
x-amz-acl:private
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b854
x-amz-date:20170823T195258Z
x-amz-meta-qqfilename:fronalpstockbig.jpg

host;x-amz-acl;x-amz-content-sha256;x-amz-date;x-amz-meta-qqfilename
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b854</CanonicalRequest>

while in function signV4RestRequest inside $matches[3] I have 

POST
/8a855b73-0b37-413a-aa3c-c74b48e32fb4/fronalpstockbig.jpg
uploads=
host:xyz.s3-us-east-2.amazonaws.com/
x-amz-acl:private
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b854
x-amz-date:20170823T195258Z
x-amz-meta-qqfilename:fronalpstockbig.jpg

host;x-amz-acl;x-amz-content-sha256;x-amz-date;x-amz-meta-qqfilename
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b854

Note that $matches[3] have just one "/" after POST, and have "/" after amazonaws.com I solve this by adding next three lines 

preg_match($pattern, $rawStringToSign, $matches);
$matches[3] = str_replace('amazonaws.com/', 'amazonaws.com', $matches[3]); // THIS LINE ADDED
$matches[3] = str_replace("POST\n/", "POST\n//", $matches[3]); // THIS LINE ADDED
$matches[3] = str_replace("PUT\n/", "PUT\n//", $matches[3]); // THIS LINE ADDED
$hashedCanonicalRequest = hash('sha256', $matches[3]);