javascript - Nodejs - 使用 Brightcove 生成​​的签名 url 将文件上传到 AWS W3 返回 403 Forbidden

Question

我正尝试按照本文中的步骤将视频添加到 Brightcove https://apis.support.brightcove.com/dynamic-ingest/getting-started/source-file-upload-api-dynamic-ingest.html

前 2 个步骤工作正常。请求 S3 URLS 后，我得到这样的响应

    {
      "bucket": "ingestion-upload-production",
      "object_key": "57838016001/4752143002001/ed5a5ba0-1d97-4f95-a8ec-cbb786b04a37/greatblueheron.mp4",
      "access_key_id": "ACCESS_KEY_APPEARS_HERE",
      "secret_access_key": "SECRET_ACCESS_KEY_APPEARS_HERE",
      "session_token": "FQoDYXdzEKf//////////wEaDKR0wDgquq/qvkZgbyKOA7URC/9io6cmRBDkhbvxoHIKkPZlK/9YNvdWcESPkm75/2PvU6FV1Mc+/XENPzY8KgvP86MBJNxYLPdkuP1phgHs2Yh2p1KIDcQSCZJ3i6i9m4S14ewjWIugYLYDQi6CG+3fiFwfzbKT5jes1kh24m9BQQIuvVOiM1GLTldyDzlrdDopJkdYd4IEU7FU36CUT7RL/aeMwR2Usk56nwqyqkkQHPmvqmGyiLdrD3OrIbUU+6+ZP4usS9dbV3eAqOWDIk3HCN+Kuc9f/eUWhY21ftNDXWgasqQqXwPRs3T1i/hoiIKODbzr8F",
      "signed_url": "https://ingestion-upload-production.s3.amazonaws.com/57838016001/4752143002001/ed5a5ba0-1d97-4f95-a8ec-cbb786b04a37/greatblueheron.mp4?AWSAccessKeyId=ACCESS_KEY_HERE&Expires=1475673952&Signature=%2Fsr5cV%2FVOfGCBkodol9xQIKlbu4%3D",
      "api_request_url": "https://ingestion-upload-production.s3.amazonaws.com/57838016001/4752143002001/ed5a5ba0-1d97-4f95-a8ec-cbb786b04a37/greatblueheron.mp4"
}

文章只提到了使用curl命令将文件放到S3的方式，在终端执行就可以了

curl -X PUT "SIGNED_URL_GOES_HERE" --upload-file FILE_PATH_FOR_LOCAL_ASSET_GOES_HERE 

我尝试在 nodejs 中实现它，但没有成功

1. 使用 Node 获取和 PUT 方法

        fetch(signedUrl, {
        method: 'PUT',
        data: {
            'value': fs.createReadStream(file_path),
            'options': {
              'filename': file_name,
              'contentType': file_type
            }
        },

        **OR**
        data : fs.createReadStream(file_path)

        **OR**
        data : fs.readFileSync(file_path),

        headers:{
            "Content-Type":file_type
        }
    })

返回 403 Forbidden

1. 所以我用 Postman 测试了它

PUT signedUrl

二进制正文(不是表单数据)

我得到的回应是:

    <?xml version="1.0" encoding="UTF-8"?>
<Error>
    <Code>SignatureDoesNotMatch</Code>
    <Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>
    <AWSAccessKeyId>AWSAccessKeyId</AWSAccessKeyId>
    <StringToSign>PUT

video/quicktime
1594858748
/<BUCKET>/<KEY></StringToSign>
    <SignatureProvided><SIGNATURE>=</SignatureProvided>
    <StringToSignBytes>50 55 54 0a 0a 76 69 64 65 6f 2f 71 75 69 63 6b 74 69 6d 65 0a 31 35 39 34 38 35 38 37 34 38 0a 2f 69 6e 67 65 73 74 69 6f 6e 2d 75 70 6c 6f 61 64 2d 70 72 6f 64 75 63 74 69 6f 6e 2f 33 38 34 35 62 2d 39 63 39 64 2d 61 65 31 63 32 39 30 65 30 63 36 64 2f 74 65 73 74 2d 6d 65 64 65 6f 2e 6d 6f 76</StringToSignBytes>
    <RequestId></RequestId>
    <HostId></HostId>
</Error>

我尝试了其他方法，例如:

• 使用“child_process”和 execSync 直接从 Node js 执行 curl 命令

const command = `curl -X PUT ${signedUrl} --upload-file ${filepath}`;
execSync(command).toString();

我收到 --upload-file: command not found

• 使用适用于 js 的 AWS 开发工具包。我找不到将文件放入预签名 url 的方法，并且在使用通过 Brightcove 请求 S3 URL 时生成的 access_key_id 和 secret_access_key 进行测试时，我得到:InvalidAccessKeyId:您提供的 AWS 访问 key ID 在我们的记录中不存在

const AWS = require('aws-sdk');
const config = {
            accessKeyId: ACCESS_KEY_ID,
            secretAccessKey: SECRET_ACCESS_KEY
        };
        AWS.config.update(config);

        const S3Bucket = new AWS.S3({
            params: { Bucket: response.BUCKET },
        });

        var params = {
            Key: KEY,
            Body: fs.createReadStream(file_name)
        };
        S3Bucket.upload(params, function (err, data) {
            if (err) {
                console.log('ERROR MSG: ', err);
            } else {
                console.log('Successfully uploaded data');
            }
        });

甚至

AWS.config.update({
            accessKeyId: access_key_id,
            secretAccessKey: secret_access_key
        });
        
        let params = {
            Bucket: bucket,
            Key: key,
            Body: fs.createReadStream(filename)
        };
        try {
            let uploadPromise = await new AWS.S3().putObject(params).promise();
            console.log("Successfully uploaded data to bucket", uploadPromise);
        } catch (e) {
            console.log("Error uploading data: ", e);
        } 

• 使用@smcloudstore/aws-s3；同样的回应

我做错了什么？我测试了这里提供的所有解决方案 stackoverflow 但没有成功您能否分享一个工作代码以使用 nodejs 和预签名的 url 将文件放入 AWS S3

提前致谢

Answer 1

基于此处的文档 https://apis.support.brightcove.com/dynamic-ingest/getting-started/source-file-upload-api-dynamic-ingest.html#Authentication

(PHP 示例)

你可以这样做

const response = {
      "bucket": "ingestion-upload-production",
      "object_key": "57838016001/4752143002001/ed5a5ba0-1d97-4f95-a8ec-cbb786b04a37/greatblueheron.mp4",
      "access_key_id": "ACCESS_KEY_APPEARS_HERE",
      "secret_access_key": "SECRET_ACCESS_KEY_APPEARS_HERE",
      "session_token": "FQoDYXdzEKf//////////wEaDKR0wDgquq/qvkZgbyKOA7URC/9io6cmRBDkhbvxoHIKkPZlK/9YNvdWcESPkm75/2PvU6FV1Mc+/XENPzY8KgvP86MBJNxYLPdkuP1phgHs2Yh2p1KIDcQSCZJ3i6i9m4S14ewjWIugYLYDQi6CG+3fiFwfzbKT5jes1kh24m9BQQIuvVOiM1GLTldyDzlrdDopJkdYd4IEU7FU36CUT7RL/aeMwR2Usk56nwqyqkkQHPmvqmGyiLdrD3OrIbUU+6+ZP4usS9dbV3eAqOWDIk3HCN+Kuc9f/eUWhY21ftNDXWgasqQqXwPRs3T1i/hoiIKODbzr8F",
      "signed_url": "https://ingestion-upload-production.s3.amazonaws.com/57838016001/4752143002001/ed5a5ba0-1d97-4f95-a8ec-cbb786b04a37/greatblueheron.mp4?AWSAccessKeyId=ACCESS_KEY_HERE&Expires=1475673952&Signature=%2Fsr5cV%2FVOfGCBkodol9xQIKlbu4%3D",
      "api_request_url": "https://ingestion-upload-production.s3.amazonaws.com/57838016001/4752143002001/ed5a5ba0-1d97-4f95-a8ec-cbb786b04a37/greatblueheron.mp4"
}
const s3 = new S3({
  region: 'us-east-1',
  credentials: {
    accessKeyId: response.access_key_id,
    secretAccessKey: response.secret_access_key,
    sessionToken: response.session_token
  }
})
s3.upload({
  Bucket: response.bucket,
  Key: response.object_key,
  Body: fs.createReadStream(file_name)
})