Help with authentication on Amazon S3

Hello, I need some help with the s3_direct_upload_aws4 project below. I am trying to use it

in a system where an Elm frontend does client-side uploads to S3 with help of
a Phoenix back end. I have the code working except for the fact that s3_direct_upload
fails because it does not use Amazon’s current signing method, AWS Signature Version 4.

For the signing process, I am using CargoSenses’ code. However, it is not passing the one test that I have
written using the example discussed in the README. If someone could help out, that would be great. The result will be a version of s3_direct_upload that others can use with AWS Signature Version 4.

Many thanks in advance, and I look forward to discussing this. Here is the code. It is very short.

The issue might be with @signature in your test.

I just added {:sigaws, "~> 0.7} to your mix.exs and included the following code fragment in your signing_key test:

{:ok, signing_key_from_sigaws} = Sigaws.Util.signing_key(
  {2015, 12, 29} |> Date.from_erl!(),
  @region,
  "s3",
  @awsSecretAccessKey
)

signature_from_sigaws = signing_key_from_sigaws
|>  Sigaws.Util.hmac([@string_to_sign])
|>  Base.encode16(case: :lower)

IO.inspect(signature, label: "signature from original test")
IO.inspect(signature_from_sigaws, label: "signature_from_sigaws")

assert signature_from_sigaws == signature

Check out sigaws lib from hex.pm. It has support for presigned urls.

1 Like

I think it must be the @signature, since you are producing the same signature as I did using both my home-brew code and that from CargoSense. But your library seems to do everything I need, so I will try using it in my app.

Thank you very much!

Hello @jxxcarlson would you be willing to share an overview of the process you used to achieve that, because I am currently trying to achive exactly that so if you have any directions that would be really helpfull because the documentation is a bit ambigous at least to me.