plupload icon indicating copy to clipboard operation
plupload copied to clipboard

Published 20 hours ago verified publisher icon moxiecode

Please use AWS4-HMAC-SHA256.

Open indicalabs opened this issue 6 years ago • 2 comments

error message from aws: The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256.

I was able to create aws4 signature, but it looks like the plupload doesn't support it

indicalabs avatar Mar 05 '18 16:03 indicalabs

I think I have the same issue with AWS4-HMAC-SHA256. Policy signature calculated and validated according to AWS documentation, but it does not work with plUpload.

The response I see is:

The request signature we calculated does not match the signature you provided. Check your key and signing method.

pszalko avatar Apr 09 '19 16:04 pszalko

It looks like plUpload does support AWS4-HMAC-SHA256.

After some research and double check of the multipart_params I found out that if you mix:

  • signature (SHA1) with x-amz-signature (SHA256)
  • add AWSAccessKeyId

then AWS API silently switches to AWS Signature Version 2 (aka SHA1).

I suggest double checking parameters defined in your multipart_params value according to: https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-authentication-HTTPPOST.html and make sure you're not sending additional AWS params like AWSAccessKeyId or signature.

This gist helped me to find the root cause of my issue: https://gist.github.com/jaredcassidy/1fb6af1c46f7b45bfc23cee90fbe4a3a

Anyway, I think it's time to update plUpload documentation to AWS Signature Version 4, since version 2 is currently deprecated and it will stop working at June 24, 2019.

Hope this message will help someone save few hours of digging into plUpload and AWS API.

pszalko avatar Apr 09 '19 17:04 pszalko