Auto Updater does not work for Amazon S3 private Bucket

Question

• Version: 22.9.1

• Electron Version:
• Electron Type (current, beta, nightly): 11.1.0 (stable)

• Target: mac OS 11.1

• Electron Updater Version: 4.3.5

I set my S3 to private () and then put the following in my update script:

.......
autoUpdater.on('checking-for-update', () => {
            if (w !== undefined) {
                w.get('settings').content().send('check-for-updates-begin');
            }

            let opts = {
                service: 's3',
                region: 'eu-central-1',
                host: s3_bucket + '.s3.eu-central-1.amazonaws.com',
                path: '/latest-mac.yml' // For example....
            };
            aws4.sign(opts, {
                accessKeyId: "XXXXX",
                secretAccessKey: "XXXXXXXX"
            });

            autoUpdater.requestHeaders = opts.headers;
        });
........

Unfortunately, I then get the following error:

Error: HttpError: 403 Forbidden
"<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>

.....

Someone a solution for me?

Answer 1

My solution:

I set the FeedUrl for autoUpdater autoUpdater.setFeedURL('https://[BUCKET].s3.[REGION].amazonaws.com');

Answer 2

If anyone else has a similar issue and setFeedUrl did not work, try this:

https://github.com/electron-userland/electron-builder/issues/2355#issuecomment-724842574

---

User @scorring posted an elegant solution with correct props

autoUpdater.on("checking-for-update", async () => {
  let opts = {
    region: "eu-west-1",
    protocol: "https:",
    hostname: "BUCKET_NAME.s3.amazonaws.com",
    path: "/PATH/TO/latest.yml",
    host: "s3-eu-west-1.amazonaws.com"
  };

  await aws4.sign(opts, {
    accessKeyId: "XXX",
    secretAccessKey: "YYY"
  });

  autoUpdater.requestHeaders = opts.headers;
});

This worked for me