Presigned URLs
I need some help -- I'm trying to generate a presigned upload URL with R2 and I keep getting this error:
"The request signature we calculated does not match the signature you provided. Check your secret access key and signing method."
My go code is as follows:
func CreatePreSignedUploadURLR2() (string, error) {
iSess, err := session.NewSession(cloudflareR2Config)
if err != nil {
return "", err
}
sess := session.Must(iSess, nil)
svc := s3.New(sess)
r, := svc.PutObjectRequest(&s3.PutObjectInput{
ACL: aws.String("public-read"),
Bucket: aws.String("bucket-name"),
Key: aws.String("file.png"),
})
url, err := r.Presign(10 * time.Hour)
return url, err
}
I have similar code where I use the same R2 config and upload files like this and it works fine:
uploader := s3manager.NewUploader(sess)
, err = uploader.Upload(&s3manager.UploadInput{
ACL: aws.String("public-read"),
Bucket: bucket,
Key: key,
Body: bytes.NewReader(file),
ContentType: aws.String(ContentType),
})
Any ideas what I could be doing wrong?
This is what the pre-signed URL looks like:
https://accountid.r2.cloudflarestorage.com/bucket-name/file.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=b4053e91cf47c2e60fc0913379392611%2F20230815%2Fauto%2Fs3%2Faws4_request&X-Amz-Date=20230815T005722Z&X-Amz-Expires=36000&X-Amz-SignedHeaders=host%3Bx-amz-acl&X-Amz-Signature=cdfeef86ea408de67dfe70ce89444dc6ad5957fcd938507f0cd0d672679fccbf
8 Replies
Try removing the
ACL when you sign your request
Although... that probably isn't the issue here
Are you also sure you aren't sending over any headers you haven't signed? Content-Type is a common oneThanks -- I tried that...same error
These are the headers being sent
trying with this code now (still getting the same error):
r, _ := svc.PutObjectRequest(&s3.PutObjectInput{
Bucket: aws.String("bucket-name"),
Key: aws.String("file.png"),
ContentType: aws.String("image/png"),
})
Try disabling the Postman-Token header. You can also try hitting your URL with curl to make sure only headers you specify are being sent.
I tried again using the code from here: https://developers.cloudflare.com/r2/examples/aws/aws-sdk-go/#generate-presigned-urls
Still getting the same error, even with curl
aws-sdk-go · Cloudflare R2 docs
You must generate an Access Key before getting started. All examples will utilize access_key_id and access_key_secret variables which represent the …
Happens both with and without the content type header
running into the same issue
using typescript instead
import { S3Client } from '@aws-sdk/client-s3'
export const r2 = new S3Client({
region: 'auto',
endpoint:
https://${process.env.R2_ACCOUNT_ID}.r2.cloudflarestorage.com,
credentials: {
accessKeyId: process.env.R2_ACCESS_KEY_ID '',
secretAccessKey: process.env.R2_SECRET_ACCESS_KEY '',
},
})