問題描述

我正在嘗試構建一個允許用戶從 NodeJS 支持的網站將文件直接上傳到我的 Amazon S3 存儲桶的構建.除了 實際的亞馬遜文檔 都非常過時.

I'm trying to get an built that allows users to upload a file directly to my Amazon S3 bucket, from a NodeJS powered website. It seems the only tutorials out there, other than the actual amazon docs for this are all very out of date.

我一直在關注本教程，對于基本信息，但它又過時了.它沒有正確調用 crypto 的方法，因為它試圖將原始 JavaScript 對象傳遞給 update 方法，該方法會拋出錯誤，因為它不是字符串或緩沖區.

I've been following this tutorial, for the basic info, but again it's out dated. It doesn't have the method calls to crypto correct, as it tries to pass a raw JavaScript object to the update method, which throws an error because it's not a string or buffer.

我也一直在尋找 knox npm 包的源代碼.它沒有內置 POST 支持 - 我完全理解，因為一旦它具有正確的字段，它就是瀏覽器在執行 POST.Knox 似乎確實擁有簽署政策的正確代碼，我試圖讓我的代碼基于此工作......但再次無濟于事.

I've also been looking at the source for the knox npm package. It doesn't have POST support built in - which I totally understand, because it's the browser doing the POST once it has the right fields. Knox does appear to have the right code to sign a policy, and I've tried to get my code working based on this... but again to no avail.

這是我想出的代碼.它會生成一個 base64 編碼的策略，并創建一個簽名……但是當我嘗試上傳文件時，根據亞馬遜的說法，它是錯誤的簽名.

Here is what I've come up with, for code. It produces a base64 encoded policy, and it creates a signature... but it's the wrong signature according to Amazon, when I try to do a file upload.

var crypto = require("crypto");
var config = require("../../amazonConfig.json");

exports.createS3Policy = function(callback) {
  var date = new Date();

  var s3Policy = {
    "expiration": "2014-12-01T12:00:00.000Z",
    "conditions": [
      {"acl": "public-read"}, 
      ["content-length-range", 0, 2147483648],
      {"bucket": "signalleaf"}, 
      ["starts-with", "$Cache-Control", ""],
      ["starts-with", "$Content-Type", ""],
      ["starts-with", "$Content-Disposition", ""],
      ["starts-with", "$Content-Encoding", ""],
      ["starts-with", "$Expires", ""],
      ["starts-with", "$key", "/myfolder/"], 
      {"success_action_redirect": "http://example.com/uploadsuccess"},
    ]
  };

  var stringPolicy = JSON.stringify(s3Policy).toString("utf-8");
  var buffer = Buffer(stringPolicy, "utf-8");

  var encoded = buffer.toString("base64");
  var signature = crypto.createHmac("sha1", config.secretKey)
    .update(new Buffer(stringPolicy, "utf-8")).digest("base64");


  var s3Credentials = {
    s3PolicyBase64: encoded,
    s3Signature: signature
  };

  GLOBAL.s3creds = s3Credentials;

  callback(s3Credentials);
};

我顯然做錯了什么，在這里.但我不知道是什么.誰能幫助確定我做錯了什么?我的問題在哪里?是否有人提供有關如何從 NodeJS v0.10.x 生成帶有簽名的正確 Amazon S3 策略的工作教程，用于 POST 到 s3 REST api?

I'm obviously doing something wrong, here. But I have no idea what. Can anyone help identify what I'm doing wrong? Where my problem is? Does anyone have a working tutorial for how to generate a proper Amazon S3 Policy, with signature, from NodeJS v0.10.x, for a POST to the s3 REST api?

推薦答案

好吧，我終于想通了.在玩了很長時間的隨機猜謎游戲后，我心想

Ok, I finally figured it out. After playing the random guessing game for a VERY long time, I thought to myself

也許我需要簽署 base64 編碼策略" - 我

"maybe i need to sign the base64 encoded policy" - me

和 BAM 就是這樣.

我還重新排序了條件以匹配表單的發布方式，但我不確定這會有所不同.

I also re-ordered the conditions to match how the form is posting, though I'm not sure this makes a difference.

var crypto = require("crypto");
var config = require("../../amazonConfig.json");

exports.createS3Policy = function(contentType, callback) {
  var date = new Date();

  var s3Policy = {
    "expiration": "2014-12-01T12:00:00.000Z", // hard coded for testing
    "conditions": [
      ["starts-with", "$key", "somefolder/"], 
      {"bucket": "my-bucket-name"}, 
      {"acl": "public-read"}, 
      ["starts-with", "$Content-Type", contentType],
      {"success_action_redirect": "http://example.com/uploadsuccess"},
    ]
  };

  // stringify and encode the policy
  var stringPolicy = JSON.stringify(s3Policy);
  var base64Policy = Buffer(stringPolicy, "utf-8").toString("base64");

  // sign the base64 encoded policy
  var signature = crypto.createHmac("sha1", config.secretKey)
    .update(new Buffer(base64Policy, "utf-8")).digest("base64");

  // build the results object
  var s3Credentials = {
    s3Policy: base64Policy,
    s3Signature: signature
  };

  // send it back
  callback(s3Credentials);
};

希望這能幫助遇到同樣問題的其他人.

Hopefully this will help others that run in to the same problem.

這篇關于Amazon S3 POST api，并使用 NodeJS 簽署策略的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！