amazon-s3-php-class icon indicating copy to clipboard operation
amazon-s3-php-class copied to clipboard

Published 20 hours ago verified publisher icon tpyo

[InvalidRequest] The authorization mechanism you have provided is not supported. Please use AWS4-HMAC-SHA256

Open damient opened this issue 11 years ago • 16 comments

Hi,

I use the new location "Franckfurt" for my bucket and Amazon use the new signature version 4 only.

Can you adapt your code for this version ?

Thx.

damient avatar Nov 16 '14 16:11 damient

vote++. This would be very useful.

stuartford avatar Nov 19 '14 11:11 stuartford

vote++ Does anybody have a work around for now?

fb3rasp avatar Dec 16 '14 10:12 fb3rasp

vote++

MaiKaY avatar Dec 17 '14 07:12 MaiKaY

Someone would need to implement the new hashing algorithm described at http://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html / http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html - Currently I didn't manage to do so…

Luzifer avatar Dec 22 '14 17:12 Luzifer

Example implementation: https://github.com/chrismeller/awstools/blob/master/aws/signature/v4.php

DavidAnderson684 avatar Jan 31 '15 17:01 DavidAnderson684

AWS4-HMAC-SHA256 - described here http://docs.aws.amazon.com/general/latest/gr/sigv4-create-string-to-sign.html

from http://blog.paddez.com/?p=2781

boussou avatar Feb 20 '15 22:02 boussou

I actually started work on this, and got the signature in the header working. Then I spotted the requirement that if you use this signature, then there's also a requirement to sign the payload with a new hash too - and doing this for multipart uploads had another complicating factor as well.

At that point, I decided to instead switch to the official AWS PHP SDK as a better long-term option. I created a compatibility layer that was sufficient for the use-case of my code, but won't handle a lot of other scenarios - but it may be useful for others to consult if they decide to port over to the AWS SDK; it's here: http://plugins.svn.wordpress.org/updraftplus/trunk/includes/S3compat.php

DavidAnderson684 avatar Feb 20 '15 23:02 DavidAnderson684

I found that when you create a bucket from this package, it work perfectly. it end up in the region "US Standard" and then in this region AWS4-HMAC-SHA256 is pefectly accepted then a file uploads actually work.

When I use a bucket name created in the regions "Frankfurt" I got an error

boussou avatar Feb 21 '15 12:02 boussou

@bouusoou: Which package are you referring to as "this package" ? tpyo's class, or mine?

DavidAnderson684 avatar Feb 21 '15 12:02 DavidAnderson684

tpyo's class.

I am a bit confused with yours and did not use it in the end, because tpyo's was. (when region is "US Standard")

I think call should look like this:

$compat=new UpdraftPlus_S3_Compat; $compat->setAuth($awsAccessKey, $awsSecretKey); $compat-> setRegion($region); $compat->putObjectFile($file, $bucket, $uri, $acl = self::ACL_PRIVATE)

boussou avatar Feb 21 '15 17:02 boussou

+1 on this

robertotremonti avatar Jun 18 '15 14:06 robertotremonti

Also run into this today. Using the official SDK kit is no option for me as it imho requires PHP 5.5 and my code has to run on PHP 5.3.10+. As a workaround I just don't use the newer servers like Frankfurt, but it would be helpful if that is supported.

Bakual avatar Jun 23 '15 09:06 Bakual

"it imho requires PHP 5.5"

The 2.x branch of the official SDK is still maintained, and requires PHP 5.3.3+ : https://github.com/aws/aws-sdk-php/tree/2.8

DavidAnderson684 avatar Jun 23 '15 09:06 DavidAnderson684

Thanks! Didn't know that.

Bakual avatar Jun 23 '15 10:06 Bakual

Sorry everyone, I haven't been able to look into this. Would anyone be willing to work on a PR?

tpyo avatar Jun 29 '15 16:06 tpyo

unfortunately I dont have the time to fix up the code and make a PR but I'd like to +1 this

Edit: now I saw there is PR #122 which looks quite promising on first glance

philicious avatar Jul 25 '16 20:07 philicious