Ray Nicholus
Ray Nicholus
@Jud Not being familiar with this workflow, it sounds like this could be solved simply by allowing the server to return this token as part of its response to Fine...
I think this will be quite complicated to deal with server-side, as your server code will then need to reconstruct the policy document (for older browsers) or the headers string...
...and the complexity of dealing with this server-side once v4 signatures are supported by Fine Uploader is much greater.
> Since the secret key and access key should change in tandem would it make sense to have the signature endpoint return the accessKey? Yes, I think that is feasible....
I don't know if this will be completed as part of 5.7.0, but I will certainly begin researching and planning changes to the library to address the workflows described here....
Just to confirm - the workaround detailed by @eugenebond in the case description does not work for you, @trauts2? There's an open pull request - #1549 - that aimed to...
I'd very much like to have proper STS support in Fine Uploader, or support for temporary credentials with a server-side signing workflow. Unfortunately, I'm pulled in many different directions these...
> it would be great to get the plumbing working with temporary credentials since this is arguably weakening the security to put static credentials on boxes Completely agree. Unfortunately, there...
Thanks for the kind words @trauts2. It's always good to hear that my work on this project has been helpful to users. My employer will likely need support for temporary...
@mgoodness I'm guessing/hoping your knowledge of STS/AWS temp credentials is greater than mine. Perhaps we could coordinate on implementation of this feature, since @Widen will likely need this support for...