javascript - Are AWS server-side TemporaryCredentials usable for client-side S3 upload? -

-

using client-side version of aws javascript sdk v2.2.29 (e.g. bower aws-sdk-js) possible (though unacceptable because exposes real aws credentials client):

var region = 'us-east-1',     accesskeyid = 'az12341234',     secretaccesskey = 'abcde1fghij2klmnopqr3tuvwx4yz';  var creds = new aws.credentials(accesskeyid, secretaccesskey);  creds.get(function() {   s3location = new aws.s3({     region: my.region,     credentials: creds   });   ready(); // presents upload form, binds events, etc.. });

the dream split process 2 parts, 1 secure server-side , following client-side.

part 1. use nodejs server-side version of aws javascript sdk (e.g. aws-sdk) this:

var creds = new aws.temporarycredentials(accesskeyid,  secretaccesskey);  creds.get(function() {   var aws = {     accesskeyid: creds.accesskeyid,     sessiontoken: creds.sessiontoken,     region: my.region,   };   // e.g. makes aws var available client   res.render('form', {     aws: aws   }); }

part 2. use client-side version of aws javascript sdk (e.g. bower aws-sdk-js) something like this:

// e.g. aws = <from-server-side> var creds = new aws.credentials(aws.accesskeyid, null, aws.sessiontoken); creds.get(function() {   s3location = new aws.s3({     credentials: creds,     region: aws.region   });   ready(); });

the code above seems work, until actual chunked upload begins, result in 403:

<code>signaturedoesnotmatch</code> <message>     request signature calculated not match      signature provided. check key , signing method. </message>

it seems s3 sdk might limited, , multipart uploads impossible if such transaction theoretically possible.

ought possible? ideas how?

for specific question, should @ roles/policies credentials, , ensure allowing multipart uploads.

another solution client request server return signed url allows client get/post file directly s3 (not using aws api using http directly.

i use fineuploader (for uploads), , have bunch of examples should give idea (even if don't want use fineuploader) how this:

http://docs.fineuploader.com/branch/master/endpoint_handlers/amazon-s3.html

heruku has example: https://devcenter.heroku.com/articles/s3-upload-node

but doing (or using cognito similar thing) should work. therefore, problem has related role/policies associated temporary credentials creating.


Comments

Post a Comment

Popular posts from this blog

c - How to retrieve a variable from the Apache configuration inside the module? -

-
i'm building custom apache module. how retrieve variable apache configuration inside module? see variable "some_var_config_from_apache_or_htaacess" inside apache module: /* source: http://people.apache.org/~humbedooh/mods/examples/mod_example_1.c */ /* include required headers httpd */ #include "httpd.h" #include "http_core.h" #include "http_protocol.h" #include "http_request.h" static void register_hooks(apr_pool_t *pool); static int example_handler(request_rec *r); /* define our module entity , assign function registering hooks */ module ap_module_declare_data example_module = { standard20_module_stuff, null, // per-directory configuration handler null, // merge handler per-directory configurations null, // per-server configuration handler null, // merge handler per-server configurations null, // directives may have httpd register_hoo
Read more

c# - Constructor arguments cannot be passed for interface mocks -

-
when debug code , read line mocklessonplannerafactory creation error: constructor arguments cannot passed interface mocks. var mockschoolclasscodeservice = new mock<ischoolclasscodeservice>(); var mockdateservice = new mock<idateservice>(); var mocklessonplannerafactory = new mock<ilessonplannerafactory>(mockdateservice.object); var mocklessonplannerbfactory = new mock<ilessonplannerbfactory>(mockdateservice.object); var service = new timetableservice(mockunitofwork.object, mocklessonplannerafactory.object, mocklessonplannerbfactory.object, mockschoolclasscodeservice.object); my timetableservice accepts instances of interface type only. mocklessonplannerafactory , bfactory... want in constructor idateservice passed. what wrong code? the clue in error message "constructor arguments cannot passed interface mocks." the mock created interface have default constructor because interfaces don't have constructor. remember mockin
Read more

python - malformed header from script index.py Bad header -

-
i want run python code in apache2(ubuntu 14.04) server. have followed these steps , getting error: step 1: configuration 1: have created directory , file under /var/www/cgi-bin configuration 2 : have edited /etc/apache2/sites-available/000-default.conf alias /cgi-bin /var/www/cgi-bin <directory "/var/www/cgi-bin"> options indexes followsymlinks execcgi addhandler cgi-script .cgi .py allow </directory> <directory /var/www/cgi-bin> options </directory> step 2: and python script is: index.py #!/usr/bin/env python import cgi; import cgitb;cgitb.enable() print "content-type: text/plain\n" print "<b>hello python</b>" step 3: when ran through chrome browser using: url : http://localhost/cgi-bin/index.py step 4: i getting error in error-log malformed header script 'index.py': bad header: hello python you should end header \r\n, must print out yet \r\n signal body coming. (i
Read more