javascript - Are AWS server-side TemporaryCredentials usable for client-side S3 upload? -

-

using client-side version of aws javascript sdk v2.2.29 (e.g. bower aws-sdk-js) possible (though unacceptable because exposes real aws credentials client):

var region = 'us-east-1',     accesskeyid = 'az12341234',     secretaccesskey = 'abcde1fghij2klmnopqr3tuvwx4yz';  var creds = new aws.credentials(accesskeyid, secretaccesskey);  creds.get(function() {   s3location = new aws.s3({     region: my.region,     credentials: creds   });   ready(); // presents upload form, binds events, etc.. });

the dream split process 2 parts, 1 secure server-side , following client-side.

part 1. use nodejs server-side version of aws javascript sdk (e.g. aws-sdk) this:

var creds = new aws.temporarycredentials(accesskeyid,  secretaccesskey);  creds.get(function() {   var aws = {     accesskeyid: creds.accesskeyid,     sessiontoken: creds.sessiontoken,     region: my.region,   };   // e.g. makes aws var available client   res.render('form', {     aws: aws   }); }

part 2. use client-side version of aws javascript sdk (e.g. bower aws-sdk-js) something like this:

// e.g. aws = <from-server-side> var creds = new aws.credentials(aws.accesskeyid, null, aws.sessiontoken); creds.get(function() {   s3location = new aws.s3({     credentials: creds,     region: aws.region   });   ready(); });

the code above seems work, until actual chunked upload begins, result in 403:

<code>signaturedoesnotmatch</code> <message>     request signature calculated not match      signature provided. check key , signing method. </message>

it seems s3 sdk might limited, , multipart uploads impossible if such transaction theoretically possible.

ought possible? ideas how?

for specific question, should @ roles/policies credentials, , ensure allowing multipart uploads.

another solution client request server return signed url allows client get/post file directly s3 (not using aws api using http directly.

i use fineuploader (for uploads), , have bunch of examples should give idea (even if don't want use fineuploader) how this:

http://docs.fineuploader.com/branch/master/endpoint_handlers/amazon-s3.html

heruku has example: https://devcenter.heroku.com/articles/s3-upload-node

but doing (or using cognito similar thing) should work. therefore, problem has related role/policies associated temporary credentials creating.


Comments

Post a Comment

Popular posts from this blog

c++ - llvm function pass ReplaceInstWithInst malloc -

-
#include "llvm/pass.h" #include "llvm/ir/module.h" #include "llvm/ir/function.h" #include "llvm/support/raw_ostream.h" #include "llvm/ir/legacypassmanager.h" #include "llvm/ir/instrtypes.h" #include "llvm/transforms/ipo/passmanagerbuilder.h" #include "llvm/ir/irbuilder.h" #include "llvm/transforms/utils/basicblockutils.h" using namespace llvm; namespace { struct replacepass : public functionpass { static char id; replacepass() : functionpass(id) {} virtual bool runonfunction(function &f) { allocainst* insttoreplace = ??? basicblock::iterator ii(insttoreplace); replaceinstwithinst(insttoreplace->getparent()->getinstlist(), ii, new allocainst(type::int32ty, 0, insttoreplace)); return true; } }; } char replacepass::id = 0; static void registerreplacepass(const passmanagerbuilder &, legacy::passmanagerbase &pm) { pm.add(new re
Read more

java.lang.NoClassDefFoundError When Creating New Android Project -

-
i've tried installing (and re-installing) android studio several times now, , each time, studio isn't able create new android project. when attempt initial android studio window (ie. basic 'create', 'open', 'import' etc options), i'm asked of questions in wizard, brief progress dialog, followed nothing @ all. if open incomplete project process creates choosing 'open' list, can try choosing create new android project menu. this has same issue, error message in output console time... java.lang.noclassdeffounderror: com/sun/xml/internal/bind/v2/model/annotation/annotationreader (wrong name: com/sun/xml/internal/bind/v0/model/qnnotation/annotationreader) note: when installed android studio, installed incompatible jdk (1.8, not 1.7). have had go default project settings change jdk uses 1.8. does know how can avoid this? there place should downloading jxb classes? missing in java paths? this appears have been caused cor
Read more

Decoding a Python 2 `tempfile` with python-future -

-
i'm attempting write python 2/3 compatible routine fetch csv file, decode latin_1 unicode , feed csv.dictreader in robust, scalable manner. for python 2/3 support, i'm using python-future including imporing open builtins , , importing unicode_literals consistent behaviour i'm hoping handle exceptionally large files spilling disk, using tempfile.spooledtemporaryfile i'm using io.textiowrapper handle decoding latin_1 encoding before feeding dictreader this works fine under python 3. the problem textiowrapper expects wrap stream conforms bufferediobase . unfortunately under python 2, although have imported python 3-style open , vanilla python 2 tempfile.spooledtemporaryfile still of course returns python 2 cstringio.stringo , instead of python 3 io.bytesio required textiowrapper . i can think of these possible approaches: wrap python 2 cstringio.stringo python 3-style io.bytesio . i'm not sure how approach - need write such wrapper or 1 ex
Read more