到目前为止,我已经在网上搜索了两天多,可能已经浏览了大部分在线记录的场景和变通方法,但到目前为止,没有一个对我有用。
我使用的是AWS SDK for PHP V2.8.7,运行在PHP 5.3上。
我试图连接到我的亚马逊S3桶与以下代码:
// Create a `Aws` object using a configuration file
$aws = Aws::factory('config.php');
// Get the client from the service locator by namespace
$s3Client = $aws->get('s3');
$bucket = "xxx";
$keyname = "xxx";
try {
$result = $s3Client->putObject(array(
'Bucket' => $bucket,
'Key' => $keyname,
'Body' => 'Hello World!'
));
$file_error = false;
} catch (Exception $e) {
$file_error = true;
echo $e->getMessage();
die();
}
我的config.php文件如下:
return [
// Bootstrap the configuration file with AWS specific features
'includes' => ['_aws'],
'services' => [
// All AWS clients extend from 'default_settings'. Here we are
// overriding 'default_settings' with our default credentials and
// providing a default region setting.
'default_settings' => [
'params' => [
'credentials' => [
'key' => 'key',
'secret' => 'secret'
]
]
]
]
];
它产生以下错误:
我们计算的请求签名与您提供的签名不匹配。检查您的密钥和签名方法。
我已经检查了我的访问密钥和秘密至少20次,生成了新的,使用不同的方法来传递信息(即配置文件和在代码中包含凭据),但目前没有任何工作。
In a previous version of the aws-php-sdk, prior to the deprecation of the S3Client::factory() method, you were allowed to place part of the file path, or Key as it is called in the S3Client->putObject() parameters, on the bucket parameter. I had a file manager in production use, using the v2 SDK. Since the factory method still worked, I did not revisit this module after updating to ~3.70.0. Today I spent the better part of two hours debugging why I had started receiving this error, and it ended up being due to the parameters I was passing (which used to work):
$s3Client = new S3Client([
'profile' => 'default',
'region' => 'us-east-1',
'version' => '2006-03-01'
]);
$result = $s3Client->putObject([
'Bucket' => 'awesomecatpictures/catsinhats',
'Key' => 'whitecats/white_cat_in_hat1.png',
'SourceFile' => '/tmp/asdf1234'
]);
我必须将我的bucket/key路径中的catsinhats部分移动到key参数中,如下所示:
$s3Client = new S3Client([
'profile' => 'default',
'region' => 'us-east-1',
'version' => '2006-03-01'
]);
$result = $s3Client->putObject([
'Bucket' => 'awesomecatpictures',
'Key' => 'catsinhats/whitecats/white_cat_in_hat1.png',
'SourceFile' => '/tmp/asdf1234'
]);
我相信正在发生的是,桶名现在是URL编码。在进一步检查我从SDK接收到的确切消息后,我发现:
在https://s3.amazonaws.com/awesomecatpictures%2Fcatsinhats/whitecats/white_cat_in_hat1.png上执行PutObject错误
AWS HTTP错误:客户机错误:
PUT https://s3.amazonaws.com/awesomecatpictures%2Fcatsinhats/whitecats/white_cat_in_hat1.png导致403 Forbidden
这表明提供给Bucket参数的/ I已经通过urlencode(),现在是%2F。
签名的工作方式相当复杂,但问题可以归结为用于生成加密签名的桶和密钥。如果它们在调用客户端和AWS中都不完全匹配,则请求将被拒绝,并返回403。错误信息确实指出了问题:
我们计算的请求签名与你的签名不匹配
提供。检查您的密钥和签名方法。
所以,我的钥匙错了,因为我的桶错了。
