AmazonS3RequestManager icon indicating copy to clipboard operation
AmazonS3RequestManager copied to clipboard

Published 20 hours ago verified publisher icon AnthonyMDev

Doesn't work in new regions that require AWS4-HMAC-SHA256

Open tbleckert opened this issue 8 years ago • 12 comments

I have my bucket in Frankfurt (EUCentral1) and I receive this error:

FAILURE: Error Domain=com.AmazonS3RequestManager.error Code=-9999 "The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256." UserInfo={NSLocalizedFailureReason=The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.}

Is there anything I can do to fix this? Moving the bucket is not an option.

Thanks!

tbleckert avatar Mar 01 '16 23:03 tbleckert

@tbleckert We have to implement V4 signatures. For this to work the Authentication header must be adjusted. If you want to give it a shot AmazonS3SignatureHelpers.m would be the starting point. I think it's not too hard to do. Have a look at the implementation of the official iOS SDK: https://github.com/aws/aws-sdk-ios/blob/master/AWSCore/Authentication/AWSSignature.m

sebromero avatar Mar 02 '16 10:03 sebromero

Thanks for making me aware of this. I'll try looking into this sometime soon, but I'm probably not going to have time this week. If anyone wants to take a crack at it, I'd be happy to take a PR.

AnthonyMDev avatar Mar 02 '16 18:03 AnthonyMDev

I've started work on this, but it's quite a big project. This could take a while.

You can check out the AWS_signature_V4 branch if you want to contribute.

AWS documentation for the signature calculations are here: http://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html

AnthonyMDev avatar Mar 03 '16 00:03 AnthonyMDev

@AnthonyMDev Cool, thx. I'll have a look at it.

sebromero avatar Mar 03 '16 09:03 sebromero

@tbleckert Just an update for you. I have been working on this. I'm almost done getting the V4 Signature set up. I'll integrate it as soon as I have some more free time and we will be good to go!

AnthonyMDev avatar Mar 08 '16 19:03 AnthonyMDev

@AnthonyMDev Cool stuff! Thx mate.

sebromero avatar Mar 08 '16 19:03 sebromero

@AnthonyMDev Great work! Thanks!

tbleckert avatar Mar 09 '16 07:03 tbleckert

@tbleckert Okay, I've got a working beta of the V4 signature up and running. Can you try using the /feature/AWS_signature_v4 branch and see if that works for you please?

I'm fairly certain that this should work for GET requests just fine now. There is some wording in the AWS documentation that makes me think that we may have to sign the requests a completely different way for POST requests.

Can you please confirm that BOTH GET and POST requests work for you? If so, I'll release a new version with this included. Otherwise, I'll need some time to get the POST encoding done.

AnthonyMDev avatar Mar 09 '16 23:03 AnthonyMDev

Really stoked about this. I've been getting those 9999 codes as well.

WadeSellers avatar Mar 17 '16 20:03 WadeSellers

@WadeSellers Glad to hear that other people want this as well. I haven't had time to do ample testing of this to feel comfortable pushing it to master yet. As I said above, I'm not sure if POST requests are going to work yet specifically. If you are looking for this to be pushed to a new version and have some time, I'd really appreciate getting some outside sources to test and confirm that everything is working.

Thanks

AnthonyMDev avatar Mar 17 '16 20:03 AnthonyMDev

looks like the v4 signing dosent work for me when i try to upload an object.. any way to find out why?

arielzadi avatar Jun 11 '16 11:06 arielzadi

The POST requests may take a separate signature type. I'm not sure when I'll have time to look into this, but it's on my list. If someone else wants to make a PR before me, feel free.

AnthonyMDev avatar Jun 15 '16 17:06 AnthonyMDev