使用访问密钥和秘钥从S3服务器下载安全文件
使用访问密钥和秘钥从S3服务器下载安全文件
提问于 2015-08-20 06:31:15
我试图使用S3服务器下载一个安全文件,但它返回了403号错误(访问被拒绝)。
我的代码:
NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL:[NSURL URLWithString:@"https://xxx.amazonaws.com/bucket-name/file_name"]];
request.HTTPMethod = @"GET";
[request setValue:@"kAccessKey" forHTTPHeaderField:@"accessKey"];
[request setValue:@"kSecretKey" forHTTPHeaderField:@"secretKey"];
NSURLSessionDownloadTask *downloadPicTask = [[NSURLSession sharedSession] downloadTaskWithRequest:request completionHandler:^(NSURL *location, NSURLResponse *response, NSError *error) {
UIImage *downloadedImage = [UIImage imageWithData:
[NSData dataWithContentsOfURL:location]];
dispatch_async(dispatch_get_main_queue(), ^{
weakSelf.imageView.image = downloadedImage;
[weakSelf.activityIndicator stopAnimating];
});
}];
[downloadPicTask resume];编辑
我找到了这个密码:
AWSCognitoCredentialsProvider *credentialsProvider = [[AWSCognitoCredentialsProvider alloc]initWithRegionType:AWSRegionUSWest2 identityId:@"xxxxxxx" identityPoolId:@"xxxxxxxx" logins:nil];
AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc]initWithRegion:AWSRegionUSWest2 credentialsProvider:credentialsProvider];
// Construct the NSURL for the download location.
NSString *downloadingFilePath = [NSTemporaryDirectory() stringByAppendingPathComponent:@"sample_img.png"];
NSURL *downloadingFileURL = [NSURL fileURLWithPath:downloadingFilePath];
// Construct the download request.
AWSS3TransferManagerDownloadRequest *downloadRequest = [[AWSS3TransferManagerDownloadRequest alloc]init];
AWSS3TransferManager * transferManager = [AWSS3TransferManager S3TransferManagerForKey:[[configuration credentialsProvider]sessionKey]];
downloadRequest.bucket = @"test-upload-bucket";
downloadRequest.key = @"sample_img.png";
downloadRequest.downloadingFileURL = downloadingFileURL;
[[transferManager download:downloadRequest] continueWithExecutor:[AWSExecutor mainThreadExecutor]
withBlock:^id(AWSTask *task){
return nil;
}];IdentityId和IdentityPoolId的输入值是多少?
回答 3
Stack Overflow用户
回答已采纳
发布于 2017-08-29 14:12:57
一个正在工作的2017年夏季功能,您可以将图像名称和表格单元格传递给它(我正在下载某些表格条目的标识)。请确保修改凭据区域、密钥/秘密凭据和桶名。注意:您的凭据不应该是根。创建单独的IAM用户/组/策略,并且只授权特定的资源(桶/对象)和特定的操作。创造你的钥匙和秘密。我这么做是因为我不想使用amazon的密码来管理我的用户。但希望我的移动应用程序能够直接、安全地访问S3资源,而不是通过一个冗余的服务器端脚本。但是,Amazon推荐使用移动设备,您可以使用cogito,并让每个用户使用自己的/临时的cred。请注意。
-(void) awsImageLoad:(NSString*)imageFile :(UITableViewCell*)cell {
NSArray *filepathelements = [imageFile componentsSeparatedByString:@"/"];
if (filepathelements.count == 0) return;
//extract only the name from a possibe folder/folder/imagename
NSString *imageName = [filepathelements objectAtIndex:filepathelements.count-1];
AWSStaticCredentialsProvider *credentialsProvider =
[[AWSStaticCredentialsProvider alloc]
initWithAccessKey:@"_______________"
secretKey:@"__________________________________"];
//My credentials exist on the US East 1 region server farm
AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc]initWithRegion:AWSRegionUSEast1 credentialsProvider:credentialsProvider];
// Construct the NSURL for the temporary download location.
NSString *downloadingFilePath = [NSTemporaryDirectory() stringByAppendingPathComponent:imageName];
NSURL *downloadingFileURL = [NSURL fileURLWithPath:downloadingFilePath];
// Construct the download request.
AWSS3TransferManagerDownloadRequest *downloadRequest = [AWSS3TransferManagerDownloadRequest new];
// S3 has only a Global Region -- establish our creds configuration
[AWSS3TransferManager registerS3TransferManagerWithConfiguration:configuration forKey:@"GlobalS3TransferManager"];
AWSS3TransferManager * transferManager = [AWSS3TransferManager S3TransferManagerForKey:@"GlobalS3TransferManager"];
downloadRequest.bucket = @"my_bucket_name";
downloadRequest.key = imageFile;
downloadRequest.downloadingFileURL = downloadingFileURL;
[[transferManager download:downloadRequest] continueWithExecutor:[AWSExecutor mainThreadExecutor] withBlock:^id(AWSTask *task){
if (task.error){
if ([task.error.domain isEqualToString:AWSS3TransferManagerErrorDomain]) {
switch (task.error.code) {
case AWSS3TransferManagerErrorCancelled:
case AWSS3TransferManagerErrorPaused:
break;
default:
NSLog(@"Error: %@", task.error);
break;
}
} else {
NSLog(@"Error: %@", task.error);
}
}
if (task.result) {
// ...this runs on main thread already
cell.imageView.image = [UIImage imageWithContentsOfFile:downloadingFilePath];
}
return nil;
}];
}Stack Overflow用户
发布于 2015-08-20 20:24:54
所有的HTTP请求在发送到AWS服务器之前都需要正确地签名,签名过程非常复杂,所以我建议尝试使用签名版本4签名过程
Arun_展示的示例是如何使用transferManager通过v2下载文件的代码片段。
Stack Overflow用户
发布于 2015-08-20 14:45:43
这对我起了作用:
AWSStaticCredentialsProvider *credentialsProvider = [[AWSStaticCredentialsProvider alloc]initWithAccessKey:@"AccessKey" secretKey:@"secretKey"];
AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc]initWithRegion:AWSRegionUSWest2 credentialsProvider:credentialsProvider];
// Construct the NSURL for the download location.
NSString *downloadingFilePath = [NSTemporaryDirectory() stringByAppendingPathComponent:@"sample_img.png"];
NSURL *downloadingFileURL = [NSURL fileURLWithPath:downloadingFilePath];
// Construct the download request.
AWSS3TransferManagerDownloadRequest *downloadRequest = [AWSS3TransferManagerDownloadRequest new];
[AWSS3TransferManager registerS3TransferManagerWithConfiguration:configuration forKey:@"USWest2S3TransferManager"];
AWSS3TransferManager * transferManager = [AWSS3TransferManager S3TransferManagerForKey:@"USWest2S3TransferManager"];
downloadRequest.bucket = @"test-upload-bucket";
downloadRequest.key = @"sample_img.png";
downloadRequest.downloadingFileURL = downloadingFileURL;
[[transferManager download:downloadRequest] continueWithExecutor:[AWSExecutor mainThreadExecutor]
withBlock:^id(AWSTask *task){
return nil;
}];页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/32111029
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号