gpt4 book ai didi

ruby-on-rails - 如何使用云端的 s3 对象 URL?

转载 作者:行者123 更新时间:2023-12-04 06:02:57 30 4
gpt4 key购买 nike

我目前正在 S3 上私下存储文件。在我的 Rails 应用程序中,在 attachment.rb 模型中,我可以获得私有(private)文件的公共(public) URL,如下所示:

def cdn_url ( style='original' )
attachment.s3_object(style).url_for( :read, secure: true, response_content_type: self.meta['file_content_type'], expires: 1.hour ).to_s
end

问题是这是向 S3 提供 URL 并重写 URL 以使用我的 Cloudfront 原始 url 错误:

The request signature we calculated does not match the signature you provided. Check your key and signing method.

如何获取如下所示的公共(public) URL Assets ,但通过 Cloudfront 提供该 Assets ?

最佳答案

第一种方法(简单)

只需使用 aws_cf_signer gem 。把它放在你的 bundler 中。

有了这个你可以做类似的事情

def cdn_url (options = {})
style = options[:style] || 'original'
cloudfront_domain = options[:cloudfront_domain] || 'example.cloudfront.net'
cloudfront_pem_key_path = options[:cloudfront_pem_key_path]
cloudfront_key_paid_id = options[:cloundfrount_key_paid_id]
path = attachment.path(style) #path of the file
# you can get this values from your aws a/c , most probably by going int
# https://console.aws.amazon.com/iam/home?#security_credential
signer = AwsCfSigner.new(cloudfront_pem_key_path, cloudfront_key_paid_id)
# this configuration may vary.
# visit https://github.com/dylanvaughn/aws_cf_signer
# and check all available settings/options
url = signer.sign(path, :ending => Time.now + 3600)
cloudfront_domain + url
end

有了这个,你可以像这样访问 url

  cdn_url(cloudfront_pem_key_path: '/users/downloads/pri.pem' , cloudfront_key_paid_id: '33243424XXX')

第二种方式

# A simple function to return a signed, expiring url for Amazon Cloudfront. 
# This will require openssl, digest/sha1, base64 and maybe other libraries.

module CloudFront
def get_signed_expiring_url(domain,path, expires_in, private_key_filename, key_pair_id)

# AWS works on UTC, so make sure you are not using local time
expires = (Time.now.getutc + expires_in).to_i.to_s

private_key = OpenSSL::PKey::RSA.new(File.read(private_key_filename))

# path should be your S3 path without a leading slash and without a file extension.
# e.g. files/private/52
policy = %Q[{"Statement":[{"Resource":"#{path}","Condition":{"DateLessThan":{"AWS:EpochTime":#{expires}}}}]}]
signature = Base64.strict_encode64(private_key.sign(OpenSSL::Digest::SHA1.new, policy))

# I'm not sure exactly why this is required, but it's in Amazon's perl script and seems necessary
# Different base64 implementations maybe?
signature.tr!("+=/", "-_~")

"#{domain}#{path}?Expires=#{expires}&Signature=#{signature}&Key-Pair-Id=#{key_pair_id}"
end
end

有了这个你可以做类似的事情

def cdn_url ( style='original',cloudfront_pem_key_path,key_pair_id)
path = attachment.path(style) #path of the file
# you can get this values from your aws a/c , most probably by going int
CloudFront.get_signed_expiring_url 'example.cloudfront.net', path, 45.seconds ,'/users/downloads/pri.pem', 'as12XXXXX')
end

试一试,也许它会奏效。请务必正确设置存储桶访问策略。如果您看到 accessDenied 错误,请检查一下 http://www.jppinto.com/2011/12/access-denied-to-file-amazon-s3-bucket/

关于ruby-on-rails - 如何使用云端的 s3 对象 URL?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/23924894/

30 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com