All geek questions in one place

Access to private files bucket s3

I upload files from php download to s3 bucket.its, but when I get the image, I get the following error.

<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<Expires>2006-03-09T07:25:20Z</Expires>
<ServerTime>2016-11-05T04:38:24Z</ServerTime>

if I set the publication when downloading files, then I can get it, but I wanted to protect it from unauthorized users.

upload file code

try{
    $s3 = \Storage::disk('s3');
    $filePath = $file->getClientOriginalName();
    $s3->put($filePath, file_get_contents($val), 'private');

    } catch (Aws\Exception\S3Exception $e) {
        echo "There was an error uploading the file.\n"+$e;
    }

Before asking a question, I refereed many sites, but this did not help me

Amazon S3 see personal files

PHP Amazon S3 accesses private files via URL

How to access Amazon s3 private slave through Zend_Service_Amazon_S3

The third link works for me, but

1. Is it safe to pass the passkey in the URL?

2.can view this file for authenticated user?

public function get_s3_signed_url($bucket, $resource, $AWS_S3_KEY, $AWS_s3_secret_key, $expire_seconds) {
     $expires = time()+$expire_seconds;
     // S3 Signed URL creation
     $string_to_sign = "GET\n\n\n{$expires}\n/".str_replace(".s3.amazonAWS.com","", $bucket)."/$resource";
     $signature = urlencode(base64_encode((hash_hmac("sha1", utf8_encode($string_to_sign), $AWS_s3_secret_key, TRUE))));

     $authentication_params = "AWSAccessKeyId=".$AWS_S3_KEY;
     $authentication_params.= "&Expires={$expires}";
     $authentication_params.= "&Signature={$signature}";
     return $link = "http://s3.amazonAWS.com/{$bucket}/{$resource}?{$authentication_params}";
}
+4
1

get_s3_signed_url URL- , . , / . , .

Zend:

require_once('Zend/Service/Amazon/S3.php');

$awsKey = 'your-key';
$awsSecretKey = 'your-secret-key';

$s3 = new Zend_Service_Amazon_S3($awsKey, $awsSecretKey);

$bucketName = 'your-bucket-name';
$objectName = $bucketName . '/image.jpg'; //image path

$info = $s3->getInfo($objectName);

if (is_array($info)) {
    header('Content-type: ' . $info['type']);
    header('Content-length: ' . $info['size']);

    file_put_contents('image.jpg', file_get_contents($s3->getObject($objectName)));

    header('Content-Description: File Transfer');
    header("Content-Disposition: attachment; filename=\"image.jpg\"");
    header('Content-Transfer-Encoding: binary');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Expires: 0');
    ob_clean();
    flush();
    readfile('image.jpg');
    unlink('image.jpg');
} else {
    header('HTTP/1.0 404 Not Found');
}


php:

require_once('S3.php');

$awsKey = 'your-key';
$awsSecretKey = 'your-secret-key';

$s3 = new S3($awsKey, $awsSecretKey);

$bucketName = 'your-bucket-name';


** To store/download one image at a time**

$objectName = "image.jpg"; //s3 image path
$tempFile = "image.jpg"; //temporary/local image path

$s3->getObject($bucketName, $objectName, $tempFile); //stores the image 

if (filesize($tempFile)) {
    header('Content-Description: File Transfer');
    header('Content-Type: image/png');
    header("Content-Disposition: attachment; filename=\"" . $tempFile . "\"");
    header('Content-Transfer-Encoding: binary');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Expires: 0');
    header('Content-Length: ' . filesize($tempFile));
    ob_clean();
    flush();
    readfile($tempFile); //downloads the image
    unlink($tempFile); //deletes the image from local 
}

**To store/download 'n' images at a time**

$s3ImagesFolder = 'all_images/'; //folder where all the images are 

$bucketContents = $s3->getBucket($bucketName);

foreach ($bucketContents as $file) {

if ((strpos($file['name'], $s3ImagesFolder) > -1)) {
    $tempFile = end(explode("/", $file['name']));
    $s3->getObject($bucketName, $file['name'], $tempFile); // to store 

    //to download
    if ($file['size']) {
        header('Content-Description: File Transfer');
        header('Content-Type: image/png');
        header("Content-Disposition: attachment; filename=\"" . $tempFile . "\"");
        header('Content-Transfer-Encoding: binary');
        header('Cache-Control: must-revalidate');
        header('Pragma: public');
        header('Expires: 0');
        header('Content-Length: ' . $file['size']);
        ob_clean();
        flush();
        readfile($tempFile); //downloads the image
        unlink($tempFile); //deletes the image from local 
    }
  }
}
+1

Source: https://habr.com/ru/post/1659890/

More articles:


All Articles