All geek questions in one place

PHP AWS api raw PUT bucket lifecycle request

I am creating a website that has a function that, if the user deletes the image / video, it will be archived, I use AWS S3 to store and delete, to transfer it to Glacier, I do not want to use the AWS SDK, so I create an unprocessed request using PHP cURL, from this link I tried to set the bucket life cycle on an object, http://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlifecycle.html and made some code, but it gave me a mismatch error.

SignatureDoesNotMatch-The request signature we calculated does not match the signature you provided. Check your key and signing method.

This is my code, in this I want to apply the life cycle on x.php , which is inside the bucket, apply the life cycle to expire, what am I doing wrong? Help me,

 $AWSaccessKey = 'xxxxxxxxxxxxxxxx'; $AWSsecretKey = 'xxxxxxxxxxxxxxxxxxxxxxxxxx'; $AWSregion = 'xxxxxxxxx'; // bucket $bucket = 'xxxxxxxx'; $postdata = $filedata = '<LifecycleConfiguration> <Rule> <Filter> <Prefix>/</Prefix> </Filter> <Status>Enabled</Status> <Expiration> <Days>0</Days> </Expiration> </Rule> </LifecycleConfiguration>'; $filetype = 'text/plain'; $path = '/x.php'; // file on which i want to put lifecycle to move it to GLACIER // file md5 $file_md5 = base64_encode(md5($filedata, true)); // file size $filesize = strlen($filedata); // date $date = gmdate('D, d MYH:i:s').' +0000'; // -> for putting lifecycle config $params = array( 'x-amz-date' => gmdate('D, d MYH:i:s \\G\\M\\T'), ); //'x-amz-security-token'=> $auth['Token'] // sort and stringify params (different to other requests, this is formatted like headers) $params_str = ''; uksort($params, 'strcmp'); foreach($params as $k=>$v){ $params_str .= $k.': '.$v."\\n"; } // -> for putting lifecycle config $to_sign = "PUT\\n$file_md5\\n$filetype\\n\\n".$params_str.'/'.$bucket.$path; // create signature // Note: S3 uses SHA1 instead of 256! $signature = base64_encode(hash_hmac('SHA1', $to_sign, $AWSsecretKey, true)); $headers = "Host: $bucket.s3.amazonaws.com\\n"; // change to your region $headers .= $params_str; // note that the params get added to the header $headers .= 'Content-MD5: '.$file_md5."\\n"; $headers .= 'Authorization: AWS '.$AWSaccessKey.':'.$signature."\\n"; $headers .= 'Content-Length: '.$filesize."\\n"; $ch = curl_init("http://$bucket.s3-$AWSregion.amazonaws.com"); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($ch, CURLOPT_HTTPHEADER, explode('\n', $headers)); curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata); curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PUT"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_VERBOSE, true); curl_setopt($ch, CURLOPT_STDERR, fopen(dirname(__FILE__).'/errorlog.txt', 'w')); $result = curl_exec($ch); var_dump($result);
+1
source share
1 answer

I think you do not quite understand how life cycle policies work.

$path = '/x.php'; // file on which i want to put lifecycle to move it to GLACIER

You do not move individual files. You configure the prefix. this should be in your xml document. You already have this

<Prefix>/</Prefix>

  • The PUT life cycle should always be /?lifecycle . And you put it like /x.php
  • It would be better to use AWS Signature V4 as opposed to V2, as some new regions do not support Signature V2, but all regions support Signature V4. More details here: http://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html
  • Signature V4, even if you see the SignatureDoesNotMatch error message, you should also see other <StringToSignBytes></StringToSignBytes> and <CanonicalRequest></CanonicalRequest> messages. They should be more than enough so that you can isolate and solve this problem.
  • You mentioned that you want to port it to GLACIER, but you did not mention it in your XML content. See the “Example 1: Add Lifecycle Configuration - Bucket Not Supported by <StorageClass>GLACIER</StorageClass> on this page for http://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlifecycle.html You will need <StorageClass>GLACIER</StorageClass> in your XML.

Hope this helps.

+1
source

Source: https://habr.com/ru/post/978606/

More articles:


All Articles