aws
aws copied to clipboard
async-aws
wasabisys throws a 403 with latest [workaround included]
Summary:
For wasabisys - Apparently there are breaking changes as far back as 1.1.0 .. so only 1.0.0 works. I'm still digging into this issue, maybe someone has further light and knowledge to assist on helping this over the line?
Problem:
`PHP Fatal error: Uncaught AsyncAws\Core\Exception\Http\ClientException: HTTP 403 returned for "https://s3.us-west-1.wasabisys.com/ ... `
Code: InvalidAccessKeyId
Message: The AWS Access Key Id you provided does not exist in our records.
Type:
Detail:
in /var/www/html/default/swimwms/vendor/async-aws/core/src/Response.php:406
Stack trace:
#0 /var/www/html/default/swimwms/vendor/async-aws/core/src/Response.php(423): AsyncAws\Core\Response::AsyncAws\Core\{closure}()
#1 /var/www/html/default/swimwms/vendor/async-aws/core/src/Response.php(160): AsyncAws\Core\Response->getResolveStatus()
#2 /var/www/html/default/swimwms/vendor/async-aws/core/src/Response.php(105): AsyncAws\Core\Response->resolve()
#3 [internal function]: AsyncAws\Core\Response->__destruct()
#4 {main}
thrown in /var/www/html/default/swimwms/vendor/async-aws/core/src/Response.php on line 406
Resolution:
So those of you who experience technical difficulties uploading to wasabi here is a non-ideal workaround:
composer --ignore-platform-reqs require async-aws/s3 -v 1.0.0
- So far this appears okay with PHP 8.1
Side note: I'd be willing to provide a key and ARN to a wasabi s3 bucket for testing if necessary.
Looking at the diffs between 1.1.0 (fcf78eb936632d66215c6b8019c6c71ee224454a) and 1.0.0 (5f49759b8bf284027981b9a3a03564b51deaaf42)
- It does appear that the addition of the chunked stream is new. I'm curious if this is an incompatibility on the wasabi side?
I did find this from a java client: https://wasabi-support.zendesk.com/hc/en-us/articles/360003523031-How-do-I-use-AWS-Signature-Version-4-with-Wasabi-
I found this on their API website: https://wasabi.com/wp-content/themes/wasabi/docs/API_Guide/index.html#t=topics%2FOperations_on_Objects_Not_Supported_in_Wasabi.htm
could you give a try and disable this option https://async-aws.com/clients/s3.html#chunked-body ?
Hmm.. that doesn't seem to do it either .. I did also find this sad-fact with wasabi: https://wasabi.com/wp-content/themes/wasabi/docs/API_Guide/index.html#t=topics%2FAuthenticating_Requests.htm
Apparently if it's a AWS4 version signature, it ALWAYS has to go to us-east-1?
[EDIT]
I updated my ARN / endpoints / etc to us-east-1 and it still fails.
a blank s3bucket.ini (parsed from script) fill in your details - if you need a wasabi ARN / key secret for testing I can give you one offline.
accessKey=
secretKey=
endpoint='https://s3.us-west-1.wasabisys.com'
roleArn=''
region='us-west-1'
Here is my script I am using (commandline)
#!/usr/bin/php -q
<?php
require('../vendor/autoload.php');
//use AsyncAws\Core\Configuration;
use AsyncAws\S3\S3Client;
if (!empty($argv[1]) && !empty($argv[2])) {
$file = $argv[1];
$uri = $argv[2];
// get my bucket and folder from argv[2]
list($bucket, $folder) = explode('/',$uri,2);
if (file_exists($file)) {
// ini file with my s3 bucket data in it
$data = parse_ini_file('../s3bucket.ini');
$config = [
'region' => $data['region'],
'endpoint' => $data['endpoint'],
'roleArn' => $data['roleArn'],
'accessKeyId' => $data['accessKey'],
'accessKeySecret' => $data['secretKey'],
'pathStyleEndpoint' => true,
'sendChunkedBody' => false,
];
$s3 = new S3Client($config);
try {
$file_name = basename($file);
print "- Attempting to upload: {$file} as {$data['endpoint']}/{$bucket}/{$folder}/{$file_name}\n";
$info = $s3->PutObject( ['Bucket'=>$bucket,'Key'=>$folder.'/'.$file_name,'Body'=>\fopen($file,'r') ]);
}
catch (Exception $e) {
print_r($e->getMessage());
}
print "URL: {$data['endpoint']}/{$bucket}/{$folder}/$file_name\n";
}
else {
print "File does not exist: {$file}\n";
die();
}
}
else {
print "Usage: {$argv[0]} LocalFileName bucketUri\n";
die("Please specify a filename and bucket to upload to.\n");
};