我正在尝试使用S3预先签名的PUT URL执行文档上传 . 我使用java AWS SDK( GeneratePresignedUrlRequest.java )生成了url . 此url生成代码位于AWS API网关后面的lambda函数中 .
但是,当我在Postman中复制生成的URL并尝试执行上载时,我收到以下错误 .
<Error>
<Code>AccessDenied</Code>
<Message>
There were headers present in the request which were not signed
</Message>
<HeadersNotSigned>host</HeadersNotSigned>
<RequestId>6E624EC66091A099</RequestId>
<HostId>
9HnUUZpa9zUWfyzuNrZtRkoN2CYxH8V6rqx5QgsMFC6foTZKuG5qmZL5ThnUXooYPk2reFzKKUg=
</HostId>
</Error>
生成的网址是“https:// < bucket > .s3.amazonaws.com / < key >?X-Amz-Security-Token = < value >&X-Amz-Algorithm = AWS4-HMAC-SHA256&X-Amz-Date = 20180718T013339Z&X-Amz-SignedHeaders = content-type%253Bhost&X-Amz-Expires = 1799&X-Amz-Credential = < value >&X-Amz-Signature = < value >
有关在生成网址时需要纠正的内容的任何建议吗?
1 回答
该错误确实与'missing header'有关,但在 X-Amz-SignedHeaders = content-type%253Bhost中没有' host ' which was misleading. The value ' content-type ' that comes before ' host',当http客户端使用预先签名的url上传文件时,需要显式提供为请求标头到S3 .
我在java中生成了预先签名的url
GeneratePresignedUrlRequest generatePresignedUrlRequest = new GeneratePresignedUrlRequest(bucketName,objectKey).withMethod(HttpMethod.PUT).withContentType("application/pdf").withExpiration(expiration);所以S3期望 content-type 的值 'application/pdf' 是预先签名的url请求的一部分,作为我理解的签名匹配的 Headers .