Presigned URLs
I need some help -- I'm trying to generate a presigned upload URL with R2 and I keep getting this error:
"The request signature we calculated does not match the signature you provided. Check your secret access key and signing method."
My go code is as follows:
func CreatePreSignedUploadURLR2() (string, error) {
iSess, err := session.NewSession(cloudflareR2Config)
if err != nil {
return "", err
}
sess := session.Must(iSess, nil)
svc := s3.New(sess)
r, := svc.PutObjectRequest(&s3.PutObjectInput{
ACL: aws.String("public-read"),
Bucket: aws.String("bucket-name"),
Key: aws.String("file.png"),
})
url, err := r.Presign(10 * time.Hour)
return url, err
}
I have similar code where I use the same R2 config and upload files like this and it works fine:
uploader := s3manager.NewUploader(sess)
, err = uploader.Upload(&s3manager.UploadInput{
ACL: aws.String("public-read"),
Bucket: bucket,
Key: key,
Body: bytes.NewReader(file),
ContentType: aws.String(ContentType),
})
Any ideas what I could be doing wrong?
This is what the pre-signed URL looks like:
https://accountid.r2.cloudflarestorage.com/bucket-name/file.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=b4053e91cf47c2e60fc0913379392611%2F20230815%2Fauto%2Fs3%2Faws4_request&X-Amz-Date=20230815T005722Z&X-Amz-Expires=36000&X-Amz-SignedHeaders=host%3Bx-amz-acl&X-Amz-Signature=cdfeef86ea408de67dfe70ce89444dc6ad5957fcd938507f0cd0d672679fccbf
8 Replies
Unknown User•11mo ago
Message Not Public
Sign In & Join Server To View
Thanks -- I tried that...same error
These are the headers being sent
trying with this code now (still getting the same error):
r, _ := svc.PutObjectRequest(&s3.PutObjectInput{
Bucket: aws.String("bucket-name"),
Key: aws.String("file.png"),
ContentType: aws.String("image/png"),
})
Unknown User•11mo ago
Message Not Public
Sign In & Join Server To View
I tried again using the code from here: https://developers.cloudflare.com/r2/examples/aws/aws-sdk-go/#generate-presigned-urls
Still getting the same error, even with curl
aws-sdk-go · Cloudflare R2 docs
You must generate an Access Key before getting started. All examples will utilize access_key_id and access_key_secret variables which represent the …
Happens both with and without the content type header
running into the same issue
using typescript instead
import { S3Client } from '@aws-sdk/client-s3'
export const r2 = new S3Client({
region: 'auto',
endpoint:
https://${process.env.R2_ACCOUNT_ID}.r2.cloudflarestorage.com,
credentials: {
accessKeyId: process.env.R2_ACCESS_KEY_ID '',
secretAccessKey: process.env.R2_SECRET_ACCESS_KEY '',
},
})