签署POST上传到AWS的S3进去

签署POST上传到AWS的S3进去

本文介绍了如何做一个pre-签署POST上传到AWS的S3进去?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我希望做一个 pre -signed POST将文件上传到AWS的S3存储 - ?怎么会在围棋这​​样做

I would like to do a pre-signed POST to upload files to an AWS S3 bucket - how would this be done in Go?

请注意,这是不一样的pre-签署上传用PUT。

Please note that this is not the same as Pre-signed upload with PUT.

推荐答案

因此​​,为了帮助别人,我会回答这个问题我自己,并提供一些code,帮助别人谁可能有同样的问题。

So in order to help others I will answer the question myself and provide some code to help others who might have the same problem.

例如Web应用程序的谷歌应用程序引擎渲染出pre-签署POST表单可以发现的。

Example web app for Google App Engine rendering a pre-signed POST form can be found here.

我创建做了pre-签署POST一个小型图书馆去

总之,做了presigned张贴到公众阅读的亚马逊S3存储你需要:

In short, doing a presigned POST to a public-read Amazon S3 bucket you need to:

1。配置S3存储为仅允许公开下载。

为例斗策略,只允许公共读。

Example bucket policy that allow only public read.

{
    "Version": "2012-10-17",
    "Id": "akjsdhakshfjlashdf",
    "Statement": [
        {
            "Sid": "kjahsdkajhsdkjasda",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::BUCKETNAMEHERE/*"
        }
    ]
}

2。创建的HTTP POST,允许上传的政策。

AWS S3文档

使用过期例POST策略模板上传特定键,进入特定的水桶,并允许公共读访问。

Example POST policy template with expiration to upload a specific key, into a specific bucket and allow public-read access.

{ "expiration": "%s",
    "conditions": [
        {"bucket": "%s"},
        ["starts-with", "$key", "%s"],
        {"acl": "public-read"},

        {"x-amz-credential": "%s"},
        {"x-amz-algorithm": "AWS4-HMAC-SHA256"},
        {"x-amz-date": "%s" }
    ]
}

3。生成和使用S3存储所有者的凭据签政策。

AWS文档

  • 填写到期,斗,钥匙,证件和日期的正确值。
  • 的base64 EN $ C C的政策$。
  • HMAC-SHA256政策得到一个签名。
  • 六角连接code中的签名。

4。构建和POST多部分表单数据

AWS S3文档

现在要么你会生成一个HTML表单,并自动获得像在上面的链接描述正确的多部分表单数据的请求。

Now either you would generate an HTML form and automatically get the correct multipart form data request like described in the above link.

我想用手去做到这一点所以这里是如何做到这一点。

I wanted to do this by hand in Go so here's how to do that.

您需要提供所有在您在步骤2中创建的POST政策规定和3.你也可以不必在除了强制性的人(而不是在策略)。此请求的其他领域的部分无论哪种方式

Either way you need to provide all the parts that are specified in the POST policy you created in steps 2 and 3. You can also not have additional fields in the request except for the mandatory ones (not in the policy).

字段的次序也指定,并且所有的人都在HTTP POST请求的multipart字段

The order of the fields is also specified and all of them are multipart fields in the HTTP POST request.

func Upload(url string, fields Fields) error {
    var b bytes.Buffer
    w := multipart.NewWriter(&b)
    for _, f := range fields {
            fw, err := w.CreateFormField(f.Key)
            if err != nil {
                    return err
            }
            if _, err := fw.Write([]byte(f.Value)); err != nil {
                    return err
            }
    }
    w.Close()

    req, err := http.NewRequest("POST", url, &b)
    if err != nil {
            return err
    }
    req.Header.Set("Content-Type", w.FormDataContentType())

    client := &http.Client{}
    res, err := client.Do(req)
    if err != nil {
            return err
    }
    if res.StatusCode != http.StatusOK {
            err = fmt.Errorf("bad status: %s", res.Status)
    }
    return nil
}

这篇关于如何做一个pre-签署POST上传到AWS的S3进去?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-05 05:34