Search code examples
amazon-web-servicesamazon-s3boto3

Request signature issue with AWS

I am trying to do what the image is showing basically, but I keep getting The request signature we calculated does not match the signature you provided. Check your key and signing method.

One thing I noticed is that my signature is shorter than what AWS has showed in their example so I know something is definitely wrong but I can't seem to figure out what.

def annotate():

    try:
        if request.method == 'POST':
            pass
        unique_filename = str(uuid.uuid4())
        file_name_prefix = f"folder_name/{unique_filename}~"
        object_name = file_name_prefix+"${filename}"
        s3_policy_conditions = [
        {"bucket": S3_BUCKET_NAME},
        {"acl": "private"},
        {"success_action_redirect": "www.success.html"},
        {"key":object_name}
    ]
        fields = {"key": file_name_prefix+"${filename}", "acl": "private"}
    # Generate presigned post request
        encoded_policy = s3.generate_presigned_post(
        Bucket=S3_BUCKET_NAME,
        Key=object_name,
        Fields=fields,
        Conditions=s3_policy_conditions,
        ExpiresIn=120  # 2 minutes
    )
        print(encoded_policy)
        return render_template('annotate.html',data=encoded_policy)
    except Exception as e:
        # Handle errors appropriately
                error_response = {
                    'code': 500,
                    'status': 'error',
                    'message': str(e)
                }
                return jsonify(error_response)

This is the code for my AWS signing. And below is my code for extracting my signed policy and use it to POST.

 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  </head>
  <body>
    <h1>Upload VCF File</h1>
    <form id="upload_form"
      action="{{ data['url'] }}" method="post"
      enctype="multipart/form-data"
    >
      <input type="hidden" name="key" value="{{ data['fields']['key']~filename }}">
      <input type="hidden" name="acl" value="private">
      <input type="hidden" name="success_action_redirect" value="vkodagi-hw3.mpcs-cc.com:5000/annotate/files" />
      <input type="hidden" name="AWSAccessKeyId" value="{{ data['fields']['AWSAccessKeyId'] }}" />
      <input type="hidden" name="policy" value="{{ data['fields']['policy'] | tojson}}" />
      <input type="hidden" name="signature" value="{{ data['fields']['signature']}}" />
      Select input file: <input id="upload_file" type="file" name="file" />
      <input type="submit" value="Upload Input File" />
    </form>
  </body>
</html>

What am I doing wrong? Why is my signature small? I have tried to do a simple upload to the server, then I upload to the s3 bucket and that works. So I can guarantee that my credentials are correct. enter image description here

Solution

  • The most likely cause of your pre-signed URL being shorter than you expected it to be is because you are using signature v2 signing.

    You should be using signature v4, which can be done as follows (add your credentials as needed):

    s3 = boto3.client('s3', config=Config(signature_version='s3v4'))