DEVHIDE
Login Or Sign up

Fine Uploader 5.11.10 SignatureDoesNotMatch with PHP & AWS S3

274 Views Asked by At

UPDATED POST AND RETURN INFO

I'm new to FineUploader and I'm running into problems when uploading files to AWS s3. S3 responds with <Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message> I've tried many different options and parameters and have currently paired it down to a very simple configuration but still get the same response. I've followed the steps in the documentation for setting up fineuploder and the PHP signature endpoint for signing, gone through countless options/settings, looked at various posts but nothing has quite got me to a solution.

The js is simplified down to:

var s3Uploader = new qq.s3.FineUploader({
     debug: true,
     element: document.getElementById('fine_uploader'),
     request: {
         endpoint: 'https://bucketname.s3.amazonaws.com',
         accessKey: 'KEY'
     },
     cors: {
         expected: true,
         sendCredentials: true
     },
     signature: {
         endpoint: 'https://domain/s3/endpoint',
         version: 4
     },
     uploadSuccess: {
         endpoint: 'https://domain/s3/endpointsuccess'
     },
     iframeSupport: {
         localBlankPagePath: 'https://domain/s3/blank'
     },
     thumbnails: {
         placeholders: {
             notAvailablePath: "https://domain/not_available-generic.png",
             waitingPath: "https://domain/waiting-generic.png"
         }
     }
});

The endpoint-cors.php file for signing requests is identical to that found on Github FineUploader/php-s3-server/endpoint-cors.php dated Nov 5, 2015.

FineUploder submits the following to my endpoint for signing:

{"expiration":"2016-12-30T16:58:27.028Z","conditions":[{"acl":"private"},{"bucket":"bucketname"},{"Content-Type":"application/pdf"},{"success_action_status":"200"},{"x-amz-algorithm":"AWS4-HMAC-SHA256"},{"key":"2c6ed85e-1d5f-45e3-8458-e864f92a8cf3.pdf"},{"x-amz-credential":"KEY/20161230/us-east-1/s3/aws4_request"},{"x-amz-date":"20161230T165327Z"},{"x-amz-meta-qqfilename":"DefaultDocument.pdf"}]}

My signing endpoint responds with: 

    {"policy":"eyJleHBpcmF0aW9uIjoiMjAxNi0xMi0zMFQxNjo1ODoyNy4wMjhaIiwiY29uZGl0aW9ucyI6W3siYWNsIjoicHJpdmF0ZSJ9LHsiYnVja2V0IjoidXBsb2FkdG9idWlsZGVycG9wIn0seyJDb250ZW50LVR5cGUiOiJhcHBsaWNhdGlvblwvcGRmIn0seyJzdWNjZXNzX2FjdGlvbl9zdGF0dXMiOiIyMDAifSx7IngtYW16LWFsZ29yaXRobSI6IkFXUzQtSE1BQy1TSEEyNTYifSx7ImtleSI6IjJjNmVkODVlLTFkNWYtNDVlMy04NDU4LWU4NjRmOTJhOGNmMy5wZGYifSx7IngtYW16LWNyZWRlbnRpYWwiOiJBS0lBSjRaNlRWRDVVNTZOUzVRUVwvMjAxNjEyMzBcL3VzLWVhc3QtMVwvczNcL2F3czRfcmVxdWVzdCJ9LHsieC1hbXotZGF0ZSI6IjIwMTYxMjMwVDE2NTMyN1oifSx7IngtYW16LW1ldGEtcXFmaWxlbmFtZSI6IkRlZmF1bHREb2N1bWVudC5wZGYifV19","signature":"01dd1e6ab8be148c9f26b8721a267f41d0b4e1d6ac1da7ca3f5a1cc8ab9888e3"}

AWS S3 POST information for file upload:

Request URL:https://bucketname.s3.amazonaws.com/
Request Method:POST
Status Code:403 Forbidden
Remote Address:ipaddress:443
Response Headers
Access-Control-Allow-Methods:POST, PUT, DELETE
Access-Control-Allow-Origin:*
Access-Control-Expose-Headers:ETag
Access-Control-Max-Age:3000
Connection:close
Content-Type:application/xml
Date:Fri, 30 Dec 2016 16:53:29 GMT
Server:AmazonS3
Transfer-Encoding:chunked
Vary:Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-id-2:lQOge5d8wTNIwH1g3TE/IuNPXNad29p6PbC8DHPDTPZzWvS9eTK6wE5nd2K6Kt/f+FsH9B0oBRw=
x-amz-request-id:E9A9C61173E13568
Request Headers
Accept:*/*
Accept-Encoding:gzip, deflate, br
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Content-Length:659510
Content-Type:multipart/form-data; boundary=----WebKitFormBoundaryiz1gbHgrB4vnnG1m
Host:bucketname.s3.amazonaws.com
Origin:https://domain
Referer:https://domain/create/?pt=O1&pid=mFflJn
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36
Request Payload
------WebKitFormBoundaryiz1gbHgrB4vnnG1m
Content-Disposition: form-data; name="key"

2c6ed85e-1d5f-45e3-8458-e864f92a8cf3.pdf
------WebKitFormBoundaryiz1gbHgrB4vnnG1m
Content-Disposition: form-data; name="Content-Type"

application/pdf
------WebKitFormBoundaryiz1gbHgrB4vnnG1m
Content-Disposition: form-data; name="success_action_status"

200
------WebKitFormBoundaryiz1gbHgrB4vnnG1m
Content-Disposition: form-data; name="acl"

private
------WebKitFormBoundaryiz1gbHgrB4vnnG1m
Content-Disposition: form-data; name="x-amz-meta-qqfilename"

DefaultDocument.pdf    
------WebKitFormBoundaryiz1gbHgrB4vnnG1m
Content-Disposition: form-data; name="x-amz-algorithm"

AWS4-HMAC-SHA256
------WebKitFormBoundaryiz1gbHgrB4vnnG1m
Content-Disposition: form-data; name="x-amz-credential"

AKIAJ4Z6TVD5U56NS5QQ/20161230/us-east-1/s3/aws4_request
------WebKitFormBoundaryiz1gbHgrB4vnnG1m
Content-Disposition: form-data; name="x-amz-date"

20161230T165327Z
------WebKitFormBoundaryiz1gbHgrB4vnnG1m
Content-Disposition: form-data; name="policy"

eyJleHBpcmF0aW9uIjoiMjAxNi0xMi0zMFQxNjo1ODoyNy4wMjhaIiwiY29uZGl0aW9ucyI6W3siYWNsIjoicHJpdmF0ZSJ9LHsiYnVja2V0IjoidXBsb2FkdG9idWlsZGVycG9wIn0seyJDb250ZW50LVR5cGUiOiJhcHBsaWNhdGlvblwvcGRmIn0seyJzdWNjZXNzX2FjdGlvbl9zdGF0dXMiOiIyMDAifSx7IngtYW16LWFsZ29yaXRobSI6IkFXUzQtSE1BQy1TSEEyNTYifSx7ImtleSI6IjJjNmVkODVlLTFkNWYtNDVlMy04NDU4LWU4NjRmOTJhOGNmMy5wZGYifSx7IngtYW16LWNyZWRlbnRpYWwiOiJBS0lBSjRaNlRWRDVVNTZOUzVRUVwvMjAxNjEyMzBcL3VzLWVhc3QtMVwvczNcL2F3czRfcmVxdWVzdCJ9LHsieC1hbXotZGF0ZSI6IjIwMTYxMjMwVDE2NTMyN1oifSx7IngtYW16LW1ldGEtcXFmaWxlbmFtZSI6IkRlZmF1bHREb2N1bWVudC5wZGYifV19
------WebKitFormBoundaryiz1gbHgrB4vnnG1m
Content-Disposition: form-data; name="x-amz-signature"

01dd1e6ab8be148c9f26b8721a267f41d0b4e1d6ac1da7ca3f5a1cc8ab9888e3
------WebKitFormBoundaryiz1gbHgrB4vnnG1m
Content-Disposition: form-data; name="file"; filename="DefaultDocument.pdf"
Content-Type: application/pdf


------WebKitFormBoundaryiz1gbHgrB4vnnG1m--

AWS S3 POST RESPONSE:

<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message><AWSAccessKeyId>AKIAJ4Z6TVD5U56NS5QQ</AWSAccessKeyId><StringToSign>eyJleHBpcmF0aW9uIjoiMjAxNi0xMi0zMFQxNjo1ODoyNy4wMjhaIiwiY29uZGl0aW9ucyI6W3siYWNsIjoicHJpdmF0ZSJ9LHsiYnVja2V0IjoidXBsb2FkdG9idWlsZGVycG9wIn0seyJDb250ZW50LVR5cGUiOiJhcHBsaWNhdGlvblwvcGRmIn0seyJzdWNjZXNzX2FjdGlvbl9zdGF0dXMiOiIyMDAifSx7IngtYW16LWFsZ29yaXRobSI6IkFXUzQtSE1BQy1TSEEyNTYifSx7ImtleSI6IjJjNmVkODVlLTFkNWYtNDVlMy04NDU4LWU4NjRmOTJhOGNmMy5wZGYifSx7IngtYW16LWNyZWRlbnRpYWwiOiJBS0lBSjRaNlRWRDVVNTZOUzVRUVwvMjAxNjEyMzBcL3VzLWVhc3QtMVwvczNcL2F3czRfcmVxdWVzdCJ9LHsieC1hbXotZGF0ZSI6IjIwMTYxMjMwVDE2NTMyN1oifSx7IngtYW16LW1ldGEtcXFmaWxlbmFtZSI6IkRlZmF1bHREb2N1bWVudC5wZGYifV19</StringToSign><SignatureProvided>01dd1e6ab8be148c9f26b8721a267f41d0b4e1d6ac1da7ca3f5a1cc8ab9888e3</SignatureProvided><StringToSignBytes>65 79 4a 6c 65 48 42 70 63 6d 46 30 61 57 39 75 49 6a 6f 69 4d 6a 41 78 4e 69 30 78 4d 69 30 7a 4d 46 51 78 4e 6a 6f 31 4f 44 6f 79 4e 79 34 77 4d 6a 68 61 49 69 77 69 59 32 39 75 5a 47 6c 30 61 57 39 75 63 79 49 36 57 33 73 69 59 57 4e 73 49 6a 6f 69 63 48 4a 70 64 6d 46 30 5a 53 4a 39 4c 48 73 69 59 6e 56 6a 61 32 56 30 49 6a 6f 69 64 58 42 73 62 32 46 6b 64 47 39 69 64 57 6c 73 5a 47 56 79 63 47 39 77 49 6e 30 73 65 79 4a 44 62 32 35 30 5a 57 35 30 4c 56 52 35 63 47 55 69 4f 69 4a 68 63 48 42 73 61 57 4e 68 64 47 6c 76 62 6c 77 76 63 47 52 6d 49 6e 30 73 65 79 4a 7a 64 57 4e 6a 5a 58 4e 7a 58 32 46 6a 64 47 6c 76 62 6c 39 7a 64 47 46 30 64 58 4d 69 4f 69 49 79 4d 44 41 69 66 53 78 37 49 6e 67 74 59 57 31 36 4c 57 46 73 5a 32 39 79 61 58 52 6f 62 53 49 36 49 6b 46 58 55 7a 51 74 53 45 31 42 51 79 31 54 53 45 45 79 4e 54 59 69 66 53 78 37 49 6d 74 6c 65 53 49 36 49 6a 4a 6a 4e 6d 56 6b 4f 44 56 6c 4c 54 46 6b 4e 57 59 74 4e 44 56 6c 4d 79 30 34 4e 44 55 34 4c 57 55 34 4e 6a 52 6d 4f 54 4a 68 4f 47 4e 6d 4d 79 35 77 5a 47 59 69 66 53 78 37 49 6e 67 74 59 57 31 36 4c 57 4e 79 5a 57 52 6c 62 6e 52 70 59 57 77 69 4f 69 4a 42 53 30 6c 42 53 6a 52 61 4e 6c 52 57 52 44 56 56 4e 54 5a 4f 55 7a 56 52 55 56 77 76 4d 6a 41 78 4e 6a 45 79 4d 7a 42 63 4c 33 56 7a 4c 57 56 68 63 33 51 74 4d 56 77 76 63 7a 4e 63 4c 32 46 33 63 7a 52 66 63 6d 56 78 64 57 56 7a 64 43 4a 39 4c 48 73 69 65 43 31 68 62 58 6f 74 5a 47 46 30 5a 53 49 36 49 6a 49 77 4d 54 59 78 4d 6a 4d 77 56 44 45 32 4e 54 4d 79 4e 31 6f 69 66 53 78 37 49 6e 67 74 59 57 31 36 4c 57 31 6c 64 47 45 74 63 58 46 6d 61 57 78 6c 62 6d 46 74 5a 53 49 36 49 6b 52 6c 5a 6d 46 31 62 48 52 45 62 32 4e 31 62 57 56 75 64 43 35 77 5a 47 59 69 66 56 31 39</StringToSignBytes><RequestId>E9A9C61173E13568</RequestId><HostId>lQOge5d8wTNIwH1g3TE/IuNPXNad29p6PbC8DHPDTPZzWvS9eTK6wE5nd2K6Kt/f+FsH9B0oBRw=</HostId></Error>

Comparison of the endpoint signature and the AWS S3 POST response appear the same signature and policy are being submitted.

 Response Snipets:
 endpoint response: {....,"signature":"01dd1e6ab8be148c9f26b8721a267f41d0b4e1d6ac1da7ca3f5a1cc8ab9888e3"}
 AWS S3 response:   <SignatureProvided>01dd1e6ab8be148c9f26b8721a267f41d0b4e1d6ac1da7ca3f5a1cc8ab9888e3</SignatureProvided>

endpoint policy:             eyJleHBpcmF0aW9uIjoiMjAxNi0xMi0zMFQxNjo1ODoyNy4wMjhaIiwiY29uZGl0aW9ucyI6W3siYWNsIjoicHJpdmF0ZSJ9LHsiYnVja2V0IjoidXBsb2FkdG9idWlsZGVycG9wIn0seyJDb250ZW50LVR5cGUiOiJhcHBsaWNhdGlvblwvcGRmIn0seyJzdWNjZXNzX2FjdGlvbl9zdGF0dXMiOiIyMDAifSx7IngtYW16LWFsZ29yaXRobSI6IkFXUzQtSE1BQy1TSEEyNTYifSx7ImtleSI6IjJjNmVkODVlLTFkNWYtNDVlMy04NDU4LWU4NjRmOTJhOGNmMy5wZGYifSx7IngtYW16LWNyZWRlbnRpYWwiOiJBS0lBSjRaNlRWRDVVNTZOUzVRUVwvMjAxNjEyMzBcL3VzLWVhc3QtMVwvczNcL2F3czRfcmVxdWVzdCJ9LHsieC1hbXotZGF0ZSI6IjIwMTYxMjMwVDE2NTMyN1oifSx7IngtYW16LW1ldGEtcXFmaWxlbmFtZSI6IkRlZmF1bHREb2N1bWVudC5wZGYifV19
S3 Response:   <StringToSign>eyJleHBpcmF0aW9uIjoiMjAxNi0xMi0zMFQxNjo1ODoyNy4wMjhaIiwiY29uZGl0aW9ucyI6W3siYWNsIjoicHJpdmF0ZSJ9LHsiYnVja2V0IjoidXBsb2FkdG9idWlsZGVycG9wIn0seyJDb250ZW50LVR5cGUiOiJhcHBsaWNhdGlvblwvcGRmIn0seyJzdWNjZXNzX2FjdGlvbl9zdGF0dXMiOiIyMDAifSx7IngtYW16LWFsZ29yaXRobSI6IkFXUzQtSE1BQy1TSEEyNTYifSx7ImtleSI6IjJjNmVkODVlLTFkNWYtNDVlMy04NDU4LWU4NjRmOTJhOGNmMy5wZGYifSx7IngtYW16LWNyZWRlbnRpYWwiOiJBS0lBSjRaNlRWRDVVNTZOUzVRUVwvMjAxNjEyMzBcL3VzLWVhc3QtMVwvczNcL2F3czRfcmVxdWVzdCJ9LHsieC1hbXotZGF0ZSI6IjIwMTYxMjMwVDE2NTMyN1oifSx7IngtYW16LW1ldGEtcXFmaWxlbmFtZSI6IkRlZmF1bHREb2N1bWVudC5wZGYifV19</StringToSign>

Thanks for any help you provide.

fine-uploader
Original Q&A
0

There are 0 best solutions below

Related Questions in FINE-UPLOADER

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.