DevStarlight DevStarlight - 2 months ago 10
Node.js Question

SignatureDoesNotMatch $cordovaFileTransfer

I'm trying to upload a video to

Amazon s3
previously recorded with
$cordovaCapture
.

The capture process works correctly, and as a response I get the
object
:

[MediaFile]
0:
MediaFileend: 0
fullPath: "file:/storage/sdcard/DCIM/Camera/VID_20160919_144041.mp4"
lastModified: null
lastModifiedDate: 1474288843000
localURL: "cdvfile://localhost/persistent/DCIM/Camera/VID_20160919_144041.mp4"
name: "VID_20160919_144041.mp4"
size: 17098
start: 0
type: "video/mp4"
__proto__: utils.extend.F
length: 1
__proto__: Array[0]


Then, before I upload the video, I request to my server the Authenticating URL as it follows:

nodeJS

getSignedUrl: function (filename, type, callback) {
if (filename) {
AWS.config.update({
accessKeyId: 'my_access_key',
secretAccessKey: 'my_secret_access_key',
region: 'my_region'
});

var s3 = new AWS.S3();
s3.getSignedUrl('putObject', {Bucket: 'my_bucket', Key: 'uploads/' + filename, ContentType: type}, function (err, url) {
if (err) {
callback(err);
} else {
callback(url);
}
});
} else {
callback('Error');
}
}


That gives me the next endpoint:

https://s3-my_region.amazonaws.com/my_bucket/uploads/VID_20160919_144…=video%2Fmp4&Expires=1474289746&Signature=sF67ukPu3oELJXzsmAXCeeEJ%2FE4%3D


After I get the
URL
to point my upload, here is where problems are comming:

Having this code:

var options = {
httpMethod: "PUT",
fileName: name,
mimeType: type,
chunkedMode: 'false',
encodedURI: 'false',
headers: {
"Content-Type": type
}
};

$cordovaFileTransfer.upload(url, videoPath, options)
.then(function (result) {
callback(result);
}, function (err) {
callback(err);
}, function (progress) {
p = progress;
});


This is the error that I get:

http status: 403
Code: 1
description: <?xml version="1.0" encoding="UTF-8"?>
<Error>
<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>
<AWSAccessKeyId>my_access_key</AWSAccessKeyId>
<StringToSign>
PUT
video/mp4
1474291133
/my_bucket/uploads/VID_20160919_150347.mp4
</StringToSign>
<SignatureProvided>
nwLEVBOarxi7YwyB4hJ2op4j1ms%253D
</SignatureProvided>
<StringToSignBytes>
50 55 54 0a 0a 76 69 64 65 6f 2f....
</StringToSignBytes>
<RequestId>CC29DD761826BAFF</RequestId>
<HostId>
OHTLyBaAa29X04msYXqwmvr1Mw90wnPmkxXeU7pTOb9pFwDuuRXDC3AdLNwVIoEHnoUEsceWn24=
</HostId>
</Error>


Sounds like the problem is around the
header
, that doesn't work as expected.

As well, I tried with a second option
code
in my client following directly the documentation of the cordova-plugin-file-transfer:

var options = new FileUploadOptions(),
ft = new FileTransfer();

options.httpMethod = "PUT";
options.fileName = name;
options.mimeType = type;
options.headers = {
ContentType: type
};
options.chunkedMode = "false";
options.encodeURI = "false";

ft.upload(videoPath, url, callback, callback, options);


with the same response error.

Here I got also problems with
Content-Type
. Even though in the documentation declares like:

var headers = {
"Content-Type": 'video/mp4'
};

options.headers = headers;


it was returning me the next error:

http status: 501
description: <?xml version="1.0" encoding="UTF-8"?>
<Error>
<Code>NotImplemented</Code>
<Message>
A header you provided implies functionality that is not implemented
</Message>
<Header>Transfer-Encoding</Header>
<RequestId>231F38AFFBB587C6</RequestId>
.
.
.
</Error>


Although I'm gonna keep investigating... could someone help me with this problem?

just as a note, I made it work with a
$http.post
like in this other post of mine.

Thanks in advice.

UPDATE

Investigating much more in the issue, with the
nodeJS
code I wasn't able to upload anything as well, so I just modified the
S3
constructor like this way:

s3 = new AWS.S3({
signatureVersion: 'v4',
region: "us-west-2"
});


After that, checking with
curl
through console like this way:

curl -v -H "Content-Type: application/octet-stream" --upload-file "/Users/my_user/Desktop/VID_20160920_233443.mp4" "https://s3-us-west-2.amazonaws.com/my_bucket/uploads/VID_20160920_233443.mp4?Content-Type=video%2Fmp4&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJV3UP7LBEKPYMLGA%2F20160921%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20160921T103723Z&X-Amz-Expires=600&X-Amz-Signature=8463625a45237452280b3dc9cfd89366093f7b78f8c76598ba2240f06c7f20c9&X-Amz-SignedHeaders=host%3Bx-amz-acl&x-amz-acl=public-read"


the response was successfully:

* Trying 54.231.176.22...
* Connected to s3-us-west-2.amazonaws.com (54.231.176.22) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: *.s3-us-west-2.amazonaws.com
* Server certificate: DigiCert Baltimore CA-2 G2
* Server certificate: Baltimore CyberTrust Root
> PUT /my_bucket/uploads/VID_20160920_233443.mp4?Content-Type=video%2Fmp4&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJV3UP7LBEKPYMLGA%2F20160921%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20160921T103723Z&X-Amz-Expires=600&X-Amz-Signature=8463625a45237452280b3dc9cfd89366093f7b78f8c76598ba2240f06c7f20c9&X-Amz-SignedHeaders=host%3Bx-amz-acl&x-amz-acl=public-read HTTP/1.1
> Host: s3-us-west-2.amazonaws.com
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/octet-stream
> Content-Length: 18964
> Expect: 100-continue
>
< HTTP/1.1 100 Continue
* We are completely uploaded and fine
< HTTP/1.1 200 OK
< x-amz-id-2: moDxOsEISsfqjCILaIsJtl3ncc7UeH4hNNISiJeuH46MrDrHEfVm9EKC5RRkORMilDEE5z7l8cI=
< x-amz-request-id: BC345E2AC71AC019
< Date: Wed, 21 Sep 2016 10:38:05 GMT
< x-amz-expiration: expiry-date="Fri, 23 Sep 2016 00:00:00 GMT", rule-id="Delete bad uploads after 1 day"
< ETag: "7688c487b1ea40c849fdb070cf736b28"
< Content-Length: 0
< Server: AmazonS3
<
* Connection #0 to host s3-us-west-2.amazonaws.com left intact


changing the
angular
code like this new one:

var options = new FileUploadOptions(),
ft = new FileTransfer();

options.httpMethod = "PUT";
options.fileKey = "file";
options.fileName = name;
options.mimeType = type;
options.chunkedMode = false;

options.headers = {
"Content-Type": type,
"x-amz-acl": 'public-read'
};

ft.upload(videoPath, url, callback(null), callback, options);


The problem still comes:

An error has occurred: Code = 1
upload error source cdvfile://localhost/persistent/DCIM/Camera/VID_20160921_122323.mp4
upload error target https://s3-us-west-2.amazonaws.com/my_bucket/uploads/VID_20160921_122…9e365af3f771c5d&X-Amz-SignedHeaders=host%3Bx-amz-acl&x-amz-acl=public-read
http status: 501
description: <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>NotImplemented</Code><Message>A header you provided implies functionality that is not implemented</Message><Header>Transfer-Encoding</Header><RequestId>D646593FD109C0F8</RequestId><HostId>wVmGWPAAWdmSXdq5N/eO7ihqHk0GoMlXNe6k9sAyyEz55Q4k2gGgkgsgyXkh8xsxUDlmzQdAIPQ=</HostId></Error>


Here I include my
FileUploadOptions()
:

chunkedMode: false
fileKey: "file"
fileName: "VID_20160921_125152.mp4"
headers: Object
Content-Type: "video/mp4"
x-amz-acl: "public-read"
__proto__: Object
httpMethod: "PUT"
mimeType: "video/mp4"
params: null


UPDATE 2

Trying directly with the
$cordovaFileTransfer
plugin from ngCordova, I get another error:

"<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AuthorizationQueryParametersError</Code><Message>Error parsing the X-Amz-Credential parameter; the Credential is mal-formed; expecting "&lt;YOUR-AKID&gt;/YYYYMMDD/REGION/SERVICE/aws4_request".</Message><RequestId>C863350E96804F5C</RequestId><HostId>7TmXBDlsGNvDmLFKgLePTMAg+Onf8y1ZPTEWmbdHPAyWHFIdt1+5J7U3H8Ygnf3sebMRpRNdxXA=</HostId></Error>"


UPDATE 3

To clarify everything as much as possible I've deployed a github with all the backend/frontend in which I'm working.

Thanks once again.

UPDATE 4

Thanks to the help of daserge, I could get the headers of my PUT. Here bellow I paste the result:

HTTP/1.1 400 Bad Request
x-amz-request-id 3F686CFD09B5C6DD
x-amz-id-2 KDrmvzhnrWfLB+Tdttg88MaPVOp2LOBAhwEqiBR0XdMpaje3lRsiM6mHfjv5ULzD7GweiT9C2T0=
Content-Type application/xml
Date Sat, 24 Sep 2016 17:00:03 GMT
Server AmazonS3
Transfer-Encoding chunked
Proxy-Connection Close

PUT /my_bucket/uploads/VID_20160924_190000.mp4?Content-Type=video%252Fmp4&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJV3UP7LBEKPYMLGA%252F20160924%252Fus-west-2%252Fs3%252Faws4_request&X-Amz-Date=20160924T170002Z&X-Amz-Expires=600&X-Amz-Signature=ca3c992290bdf51e14bab6d67e4c520b280368bdd2a0274b552dc3e975f55c9d&X-Amz-SignedHeaders=host%253Bx-amz-acl&x-amz-acl=public-read HTTP/1.1
Content-Type application/octet-stream
Content-Length 56116
User-Agent Dalvik/2.1.0 (Linux; U; Android 5.0; Aquaris E5 HD Build/LRX21M)
Host s3-us-west-2.amazonaws.com
Connection Keep-Alive
Accept-Encoding gzip


Then I realiced there were 2 parameters wrong:

Content-Type: application/xml
Transfer-Encoding: chunked


As well, I've realiced about encoding. It sould be
%2F
and it's coming like
%252F
.

Which is strange because the way I'm using the params seems to be right:

options = {
fileKey: 'file',
fileName: name,
chunkedMode: false,
httpMethod: 'PUT',
mimeType: "application/octet-stream",
headers: {
"Content-Type": "application/octet-stream"
}
};

$cordovaFileTransfer.upload(server, filePath, options)
.then(function (result) {
console.log(result);
}, function (err) {
console.log(err);
}, function (progress) {
console.log(progress);
});


as well, thanks to bvakiti I've realiced there is an error message because I'm sending the video to an
https
. I'm trying
http
.

Answer

It seems that there is a conflict between the endpoint you get from AWS and the way you use $cordovaFileTransfer.

When you get the endpoint with s3.getSignedUrl in your server, only the params of the the response URL are encoded (the base URL keeps non-encoded).

When you use $cordovaFileTransfer That function encodes again the params, that's why you see that %252F which match to //.

There are 3 options:

  • Instead, before your $cordovaFileTransfer calling, decode the params

    var host = server.split('?')[0] + '?' + decodeURIComponent(server.split('?')[1]);
    
  • Use options.params as described in the documentation

The option encodeURI: false suggested in other help comments didn't work for me

Hope it helps.