search

liddiard / google-sheet-s3

Google Apps Script that publishes a Google Sheet to Amazon S3 as a JSON file. Auto-updates on edit & maintains data types. Creates an array of objects keyed by column header.
https://docs.google.com/spreadsheets/d/19loh8WQudFyClZORX_nNzDvI4iVewVy9v70zdog83Uc/edit?usp=sharing
MIT License
131 stars 35 forks source link

Authorization mechanism not supported - "Please use AWS4-HMAC-SHA256" #3

Open jpiccirillo opened 7 years ago

jpiccirillo commented 7 years ago

Hi there,

I've gotten to the step where I enter the Bucket name, path (blank), AWS access key ID, and AWS secret key into the dialog box on the google sheet. However, when I click save, the page hangs with the button showing "Saving", and nothing occurs.

In the Chrome developer tools, I see the following error logged: 

665147591-mae_html_user_bin_i18n_mae_html_user.js:42 

Uncaught Error: AWS Error - InvalidRequest: The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.
 at S3Request:184 (S3:4) 38692e5d-4673-4c76-8733-0d4f8f1a0aa0
 at S3:146 (S3:4) a1279393-c26a-481c-9557-516ab8f2ac22
 at publish (Code:71) (Publish sheet to S3:20) 744867ab-df1e-44d5-aa49-4744c8b83522
 at updateConfig (Code:100) (Publish sheet to S3:20) 744867ab-df1e-44d5-aa49-4744c8b83522

I think I've followed your instructions correctly and set up everything I need to on the S3 side. Any idea on how to get around this error?

Thanks! Jeffrey

socialwithin-eng commented 5 years ago

Hey @jpiccirillo, I am running into the same issue. Did you ever end up figuring out what was the problem?

liddiard commented 5 years ago

Sorry for the late reply on this! It looks like the authorization mechanism used by the S3 Google Apps Script that my script is using is no longer supported.

The author of the S3 upload script says someone tried to fix it with this PR, though one of the commenters on that PR said it's still not working, so it's unclear if the fix works 😕

I'm no longer actively developing/using this project, but if someone wants to test if that fork works, I'm happy to update the installation instructions to use it instead.

Tetsunori-Mitarai commented 5 years ago

hi, @jpiccirillo @liddiard @socialwithin-eng :)

I'm using same script and, tried fixing and testing issues in my repository. (at least, made working. but still under testing.) https://github.com/Tetsunori-Mitarai/S3-for-Google-Apps-Script/tree/fixAuthV4

if you using patch-1 then, you can use same instructions.

and, some S3Test.gs legacy codes have problems, yet. ex: when delete no exists bucket, gonna get auth failed.(not get delete fail)

TranBaVinhSon commented 5 years ago

@Tetsunori-Mitarai I tried both your lib and patch-1 but still got same error: 

AWS Error - InvalidRequest: The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.
liddiard commented 5 years ago

What AWS regions are you all using? I haven't had a chance to test @Tetsunori-Mitarai 's changes myself (thanks for the work btw!), but I did some brief googling and found this issue which led me to this page of the AWS docs. The docs say that specific regions only support the newer v4 auth mechanism, while other regions still support v2.

I just tried the existing script again on a bucket I have in the US West (Oregon) region and it's still working fine. I realize this might not be a long-term solution if AWS is planning on migrating all regions to the newer signing process, but for now it's still working for me in a region that's not in that list.

liddiard commented 5 years ago

If anyone's willing to develop it, and alternate solution might be to use Google Cloud Storage (Google's equivalent to S3) to host the JSON files instead of AWS. I found a blog with a sample script and a sample application to do that.

liddiard commented 5 years ago

Actually after looking at the AWS docs linked above again, I see S3 isn't in the list of "AWS services that support Signature Version 2", so changing regions might not fix it after all.. Definitely seems like upgrading to signature version 4 would be best 😕

dariusbhx commented 4 years ago

I just ran into this issue when using django i found this thread on stack-overflow: https://stackoverflow.com/questions/26533245/the-authorization-mechanism-you-have-provided-is-not-supported-please-use-aws4

In my case I was using django and added the following line in settings.py file and the error was solved: AWS_S3_REGION_NAME = "eu-west-2" Just replace eu-west-2 with your region. Hope this helps!

gloomylumi commented 2 years ago

I ended up having to scrap the S3 binding originally used with this add-on. I was adapting the add-on for use Google Forms, rather than Sheets anyway. I used this repo instead and replaced the code under the 'upload to s3' comment on line 63 with a call to wrapper function that looked like this:

function s3PutObject(objectName, object) {
  const props = PropertiesService.getDocumentProperties().getProperties()

  const contentBlob = Utilities.newBlob(JSON.stringify(object), "application/json")
  contentBlob.setName(objectName)

  const service = 's3'
  const region = 'us-east-2'
  const action = 'PutObject'
  const params = {}
  const method = 'PUT'
  const payload = contentBlob.getDataAsString()
  const headers = {}
  const uri = '/' + objectName
  const options = {
    Bucket: props.bucketName
  }

  AWS.init(props.awsAccessKeyId, props.awsSecretKey)
  const response = AWS.request(service, region, action, params, method, payload, headers, uri, options)
  return response
}

In the context of this repo, the function call would look like: 

s3PutObject([props.path, sheet.getId()].join('/'), cells)

Hope this helps someone else!