I am trying to listObjects from GCS bucket using latest aws-sdk java library.
Refer code snippet here
ClientConfiguration clientConfiguration = new ClientConfiguration();
// Solution is update the Signer Version.
clientConfiguration.setSignerOverride("S3SignerType");
AWSCredentials awsCredentials = new BasicAWSCredentials("XXX","XXX");
AmazonS3 amazonS3Client = AmazonS3ClientBuilder.standard()
.withCredentials(new AWSStaticCredentialsProvider(awsCredentials))
.withClientConfiguration(clientConfiguration)
.withEndpointConfiguration(new AwsClientBuilder.EndpointConfiguration("https://storage.googleapis.com","Multi-Regional")).build();
String bucketName = "bucket_name";
// List Objects
amazonS3Client.listObject(bucketName);
But receiving invalid arguments.Refer Error and DEBUG logs
Also I am able to do with getObjects and putObjects with above amazonS3Client.
Any ideas?
2017-11-13 17:54:15,360 [main] DEBUG com.amazonaws.request - Sending Request: GET https://bucket_name.storage.googleapis.com / Parameters: ({"encoding-type":["url"]}Headers: (User-Agent: aws-sdk-java/1.11.158 Linux/4.10.0-38-generic Java_HotSpot(TM)_64-Bit_Server_VM/25.131-b11/1.8.0_131, amz-sdk-invocation-id: 121cd76e-1374-4e5d-9e68-be22ee2ad17a, Content-Type: application/octet-stream, )
2017-11-13 17:54:16,316 [main] DEBUG com.amazonaws.request - Received error response: com.amazonaws.services.s3.model.AmazonS3Exception: Invalid argument. (Service: Amazon S3; Status Code: 400; Error Code: InvalidArgument; Request ID: null), S3 Extended Request ID: null
Exception in thread "main" com.amazonaws.services.s3.model.AmazonS3Exception: Invalid argument. (Service: Amazon S3; Status Code: 400; Error Code: InvalidArgument; Request ID: null), S3 Extended Request ID: null
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1588)
at
S3 has a parameter to its object list call called "encodingtype" that, when set to "url", encodes characters that can't be rendered natively in XML 1.0 using URL encoding. The client library appears to be using that flag. I don't believe that GCS's XML API supports that parameter, and so the call will fail with an InvalidArgument error.
You can probably avoid this by using a ListObjectRequest and calling setEncodingType(null), although I haven't tried.
I'm in the same boat but with the aws-sdk php library. I tracked down the issue to the constructor for the S3Client class where a bunch of middleware are added, one of which is setting the encoding type. Commenting out this line allows me to successfully perform the request, so I know I'm on the right track.
$stack->appendSign(PutObjectUrlMiddleware::wrap(), 's3.put_object_url');
$stack->appendSign(PermanentRedirectMiddleware::wrap(), 's3.permanent_redirect');
$stack->appendInit(Middleware::sourceFile($this->getApi()), 's3.source_file');
$stack->appendInit($this->getSaveAsParameter(), 's3.save_as');
$stack->appendInit($this->getLocationConstraintMiddleware(), 's3.location');
// $stack->appendInit($this->getEncodingTypeMiddleware(), 's3.auto_encode');
$stack->appendInit($this->getHeadObjectMiddleware(), 's3.head_object');
See if aws-sdk for java at least gives you some options to conditionally apply the middleware, but it appears that it's no dice with the php version.
As Brandon and Pez have noticed, GCS does not like the EncodingType header that's being added by the S3Client natively.
Fortunately, there's an easy way to fix this using a piece of middleware. This avoids edits to the vendor folder which should generally be avoided.
use Aws\Middleware;
$client = new S3Client([
'credentials' => [
'key' => 'XXXX',
'secret' => 'YYYY'
],
'region' => 'europe',
'endpoint' => 'https://storage.googleapis.com',
'version' => 'latest'
]);
$middleware = Middleware::tap(function ($command, $request = null) {
unset($command['EncodingType']);
});
$client->getHandlerList()->appendInit($middleware, 'encode-type-interceptor');
See also: https://blog.bandhosting.nl/blog/avoid-listobjects-invalid-query-parameter-s-encoding-type-errors-when-using-s3-with-google-cloud-storage
I ran into the same issue and found that Amazon Java API includes several hooks during the S3 calls that can be used to remove the encoding-type from the HTTP request.
{
return AmazonS3ClientBuilder.standard()//
.withCredentials(getAwsCredentialsProvider())//
.withEndpointConfiguration(getEndpointConfiguration(regionName))//
.withRequestHandlers(new GoogleRequestHandler()) // IMPORTANT PART
.build();
}
public class GoogleRequestHandler extends RequestHandler2 {
#Override
public void beforeRequest(Request<?> request) {
// google does not support the encoding-type parameter so just remove it from the request
// This appears to be only true for ListObjects
if (request.getOriginalRequest() instanceof ListObjectsRequest) {
Map<String, List<String>> params = request.getParameters();
params.remove("encoding-type");
}
}
}
See RequestHandler2 for more documentation.
Related
I'm trying to upload a large file using AWS SDK for JavaScript v3 multipart upload.
Basically I'm using Upload class from #aws-sdk/lib-storage to upload. But after sometime when the sessionToken expires, AWS start throwing 400 Bad Request error.
I'm calling uploadReq.abort() in catch block. And I was expecting that code in catch block will be executed immediately when AWS started throwing 400 error and no further part upload request will be trigger. Instead, it continues to trigger the upload part request and catch block is only called once all the subsequent part requests finished and failed. Is there a way to tell AWS s3 client to not trigger anymore part upload request when there is any error?
Here is the code I'm trying:
import {
AbortMultipartUploadCommandOutput,
CompleteMultipartUploadCommandOutput,
S3,
Tag
} from '#aws-sdk/client-s3';
import { Progress, Upload } from '#aws-sdk/lib-storage';
...
const s3Client = new S3({
region: config.region,
credentials: {
accessKeyId: config.accessKeyId,
secretAccessKey: config.secretAccessKey,
sessionToken: config.sessionToken
}
});
const uploadReq = new Upload({
client: s3Client,
params: {
Bucket: <bucketName>,
Key: <key>,
Body: <file_body>
},
tags: [], // optional tags
queueSize: 4, // optional concurrency configuration
partSize: 1024 * 1024 * 10, // (10MB) - optional size of each part, in bytes. e.g. 1024 * 1024 * 10
leavePartsOnError: false // optional manually handle dropped parts
});
const uploadReq$ = from(uploadReq.done()).pipe(
catchError(() => {
uploadReq.abort();
return of(null);
})
);
I am having some problems attempting to post to an API gateway endpoint.
On my API gateway I have my gateway all set up, and tested via the tool and am getting results and can verify that the step function is in fact executing the request appropriately.
{
"executionArn": "arn:aws:states:us-east-2:xxxxxxxxxxxx:execution:DevStateMachine-XXXXXXXXXXX:c9047982-e7f8-4b72-98d3-281db0eb4c30",
"startDate": 1531170720.489
}
I have set up a Stage for this for my dev environment and all looks good there as well. where I am given a URL to post against.
https://xxxxxxxxxx.execute-api.us-east-2.amazonaws.com/dev/assignments
In my c# code I have the web client defined as follows:
public Guid QueueAssignment(AssignmentDTO assignment)
{
using (var client = new HttpClient())
{
var data = JsonConvert.SerializeObject(assignment);
var content = new StringContent(data);
var uri = "https://xxxxxxxxxx.execute-api.us-east-2.amazonaws.com/dev/assignments"
content.Headers.ContentType = new MediaTypeHeaderValue("application/json");
var response = client.PostAsync(uri, content).Result;
if (response.IsSuccessStatusCode)
{
_logger.Info("Successfully posted to AWS Step Function");
_logger.Info(response);
}
else
_logger.Error("Error posting to AWS Step Function");
_logger.Error(response);
}
}
Everytime this post is attempted I get the following error:
System.Net.WebException: The remote name could not be resolved: 'https://xxxxxxxxxx.execute-api.us-east-2.amazonaws.com'
Is there something I am missing in posting to this URI or some type of conversion I need to do? Im kind of at a loss on where to go on this on.
I`m trying to create cdc test for uploading file verifying. I use DIUS library. I do not find any examples how to work with .withFileUpload() in DIUS. My code for pact is next:
#Pact(provider = PROVIDER, consumer = CONSUMER)
public RequestResponsePact createPact(PactDslWithProvider builder) throws Exception {
DslPart responseBody = new PactDslJsonBody()
.stringType("resource", DESTINATION_FILENAME)
.stringType("requestId", null)
.stringType("code", "201")
.array("response")
.closeArray()
.asBody();
return builder.given("UploadOperation")
.uponReceiving("Upload operation")
.path("/files/upload")
.matchQuery("overwrite", "true")
.matchQuery("destination_filename", DESTINATION_FILENAME)
.withFileUpload("file",
".gitignore",
"multipart/form-data",
new byte[]{11,44,66,123,66}) // some bytes
.willRespondWith()
.status(201)
.body(responseBody)
.toPact();
}
Code for pact creation and verification:
#Test
#PactVerification
public void doTest() throws IOException {
String url = String.format("Http://localhost:%d/files/upload?overwrite=true&destination_filename=%s", PORT, DESTINATION_FILENAME);
// HttpEntity for request
HttpEntity multipart = MultipartEntityBuilder.create()
.setMode(HttpMultipartMode.BROWSER_COMPATIBLE)
.addBinaryBody("file", new byte[]{11,44,66,123,66},
ContentType.create("multipart/form-data"), ".gitignore")
.build();
// I make the request and get an answer
HttpResponse response = Request.Put(url)
.addHeader("Content-Type", "multipart/form-data;
boundary=j72BRjsEynnAqDw43KTlsjxoKWsjdF_tl6N5")
.body(multipart)
.execute()
.returnResponse();
String json = EntityUtils.toString(response.getEntity());
System.out.println("json=" + json);
JSONObject jsonObject = new JSONObject(json);
assertTrue(jsonObject.getString("code").equals("201"));
assertTrue(response.getStatusLine().getStatusCode() == 201);}
but when I run the test i get: json={"error": Missing start boundary}
java.lang.AssertionError: Pact Test function failed with an exception, possibly due to ExpectedButNotReceived(expectedRequests=[ method: PUT
path: /files/upload
query: [destination_filename:[test], overwrite:[true]]
headers: [Content-Type:multipart/form-data; boundary=iYxVLiQ0ZrP5g0SUP2pWa-rg20UM4JFe90p]
matchers: MatchingRules(rules={query=Category(name=query, matchingRules={overwrite=MatchingRuleGroup(rules=[RegexMatcher(regex=true, example=null)], ruleLogic=AND), destination_filename=MatchingRuleGroup(rules=[RegexMatcher(regex=test, example=null)], ruleLogic=AND)}), header=Category(name=header, matchingRules={Content-Type=MatchingRuleGroup(rules=[RegexMatcher(regex=multipart/form-data;(\s*charset=[^;]*;)?\s*boundary=.*, example=multipart/form-data; boundary=iYxVLiQ0ZrP5g0SUP2pWa-rg20UM4JFe90p)], ruleLogic=AND)}), path=Category(name=path, matchingRules={})})
generators: Generators(categories={})
body: OptionalBody(state=PRESENT, value=--iYxVLiQ0ZrP5g0SUP2pWa-rg20UM4JFe90p
Content-Disposition: form-data; name="file"; filename=".gitignore"
Content-Type: multipart/form-data
,B{B
--iYxVLiQ0ZrP5g0SUP2pWa-rg20UM4JFe90p--
)])
...
Caused by: org.json.JSONException: JSONObject["code"] not found.
Whats wrong in my code? I suppose something wrong with Content type, with 'boundary' part. But I dont know how to specify arbitrary boundary.
Maybe anybody knows another library where multipart/form-data uploading requests realized.
Thanks.
I found the solution from test example in DIUS library
contentType in .withFileUpload() and accordingly in .addBinaryBody() methods shouldn`t be "multipart/form-data". It may be "form-data" for example.
.addHeader in request method is not necessary because content type was already defined in body.
I am trying to access a simple AWS IOT REST service but I have not been able to do so successfully yet. Here is what I did.
I created an iam user in my aws and downloaded the access key and secret key
Logged into AWS IOT with that user and created a "thing"
From the thing's property I found the REST URL for the shadow
Used Postman with the new "aws signature" feature and provided it with the access key, secret key, region (us-east-1) and service name (iot)
Tried to "GET" the endpoint and this is what I got -
{
"message": "Credential should be scoped to correct service. ",
"traceId": "be056198-d202-455f-ab85-805defd1260d"
}
I thought there is something wrong with postman so I tried using aws-sdk-sample example of connecting to S3 and changed it to connect to the IOT URL.
Here is my program snippet (Java)
String awsAccessKey = "fasfasfasdfsdafs";
String awsSecretKey = "asdfasdfasfasdfasdfasdf/asdfsdafsd/fsdafasdf";
URL endpointUrl = null;
String regionName = "us-east-1";
try {
endpointUrl = new URL("https://dasfsdfasdf.iot.us-east-1.amazonaws.com/things/SOMETHING/shadow");
}catch (Exception e){
e.printStackTrace();
}
Map<String, String> headers = new HashMap<String, String>();
headers.put("x-amz-content-sha256", AWSSignerBase.EMPTY_BODY_SHA256);
AWSSignerForAuthorizationHeader signer = new AWSSignerForAuthorizationHeader(
endpointUrl, "GET", "iot", regionName);
String authorization = signer.computeSignature(headers,
null, // no query parameters
AWSSignerBase.EMPTY_BODY_SHA256,
awsAccessKey,
awsSecretKey);
// place the computed signature into a formatted 'Authorization' header
// and call S3
headers.put("Authorization", authorization);
String response = HttpUtils.invokeHttpRequest(endpointUrl, "GET", headers, null);
System.out.println("--------- Response content ---------");
System.out.println(response);
System.out.println("------------------------------------");
This gives me the same error -
--------- Request headers ---------
x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Authorization: AWS4-HMAC-SHA256 Credential=fasfasfasdfsdafs/20160212/us-east-1/iot/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=3b2194051a8dde8fe617219c78c2a79b77ec92338028e9e917a74e8307f4e914
x-amz-date: 20160212T182525Z
Host: dasfsdfasdf.iot.us-east-1.amazonaws.com
--------- Response content ---------
{"message":"Credential should be scoped to correct service. ","traceId":"cd3e0d96-82fa-4da5-a4e1-b736af6c5e34"}
------------------------------------
Can someone tell me what I am doing wrong please? AWS documentation does not have much information on this error. Please help
Sign your request with iotdata instead if iot
example:
AWSSignerForAuthorizationHeader signer = new AWSSignerForAuthorizationHeader(
endpointUrl, "GET", "iotdata", regionName);
In your 4th step, don't fill anything for Service Name. Postman will default the value with execute-api.
Hope this works!
Its basically due to Service name is not given correctly you can use service Name = 'iotdata' instead of iot.
If you user Key management then Service Name would be kms.
For EC2 Service Name would be ec2 etc.
Use the AWS IoT SDK for Node.js instead. Download the IoT Console generated private key and client cert as well as the CA Root cert from here. Start with the scripts in the examples directory.
I am using the Amazon API and get this error while updating my stock from my database to Amazon website:
Caught Exception: Internal Error
Response Status Code: 0
Error Code:
Error Type:
Request ID:
XML:
I read this thread (amazonsellercommunity . com/forums/thread.jspa?messageID=2194823) and then get the error explanation:
<Error><Type>Sender</Type><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.</Message><Detail/></Error>
So I thought my MARKETPLACE_ID, MERCHANT_ID, AWS_ACCESS_KEY_ID or AWS_SECRET_ACCESS_KEY could be wrong. But I checked and these informations are correct.
Actually, I don't understand why this error happens... Before, it worked perfectly and since a couple of days it just crash. And I don't change anything in my code. Strange, isn't it?
Edit :
Here is my section code for signature.
define ('DATE_FORMAT', 'Y-m-d\TH:i:s\Z');
define('AWS_ACCESS_KEY_ID', 'ABC...'); // My AWS Access Key Id (20 characters)
define('AWS_SECRET_ACCESS_KEY', 'ABCDEF...'); // My AWS Secret Access Key (40 characters)
define('APPLICATION_NAME', 'MyCompany_AmazonMWS');
define('APPLICATION_VERSION', '0.0.1');
define ('MERCHANT_ID', 'XXXXXXX'); // My Merchant ID
define ('MARKETPLACE_ID', 'XXXXXXX'); // My Marketplace ID
$config = array (
'ServiceURL' => "https://mws.amazonservices.fr",
'ProxyHost' => null,
'ProxyPort' => -1,
'MaxErrorRetry' => 3,
);
$service = new MarketplaceWebService_Client(
AWS_ACCESS_KEY_ID,
AWS_SECRET_ACCESS_KEY,
$config,
APPLICATION_NAME,
APPLICATION_VERSION
);
$parameters = array (
'Marketplace' => MARKETPLACE_ID,
'Merchant' => MERCHANT_ID,
'FeedType' => '_POST_INVENTORY_AVAILABILITY_DATA_',
'FeedContent' => $feedHandle,
'PurgeAndReplace' => false,
'ContentMd5' => base64_encode(md5(stream_get_contents($feedHandle), true)),
);
// and then I do this:
$request = new MarketplaceWebService_Model_SubmitFeedRequest($parameters);
invokeSubmitFeed($service, $request);
If you want to see some parts of my code, just ask.
If I recall correctly, the authentication mechanism for Amazon APIs is sensitive to the current date/time on your machine (which is used in the process of signing the request). Check to see if your date/time is set correctly.
For me it was just an error with my web app passing url escaped strings. The special characters weren't like by amazon and this (not so useful) error came up. Make sure your file names have no url escaped characters.
I solved it (on Ubuntu 14.04 Server) using ntpdate:
First make sure it is installed:
apt-get install ntpdate
And then execute:
ntpdate ntp.ubuntu.com