Network.request headers and S3 auth strangeness

Solar2D Network
#1

So I’m trying to download files from S3 using their AWS4-HMAC-SHA256 auth.  I generate all the header values and signature in Corona but heres the thing, it doesn’t seem to work with network.request.

Using network.request in Corona I always get ‘The request signature we calculated does not match the signature you provided. Check your key and signing method.’

I can verify it is all correct by copying the corona generated header values into Postman/Advanced REST Client/resttesttest.com/

So I’m not sure what is going on behind the scenes with the headers?

Headers I am using are:

Content-Type

Host

X-Amz-Content-Sha256

X-Amz-Date

Authorization

The host one I am suspicious of, none of the other clients seem to care if it’s there or not. Like I say though all the others check out if I copy over to another REST client. I need to use it to generate the signature for the message though.

Any ideas anyone?

#2

Had an idea to try Lua’s http request:

local http = require("socket.http") local r, c, h = http.request { method = "GET", url = "https://s3.us-east-2.amazonaws.com/xxxxxx", headers = getHeaders(url, method) }

Returns 200 every time, so is this some bug with network.request? 

I don’t really want to use the Lua http.request because its blocking

#3

Hi,

The S3-lite plugin uses network.request (https://marketplace.coronalabs.com/plugin/s3-lite), so I don’t think that is the issue.

-dev

#4

You using the same auth and headers?

#5

Hi,

It’s using the AWS Signature Version 4 headers and signature scheme.

-dev

#6

Is there more information you can share? Put together a test project that fails? There really isn’t enough here for me to take to engineering.

Rob

#7

Hi Rob, I have a working project I can send over, can you PM me so I can send it in the reply?

EDIT - Solved: Big thanks to Develephant for the help on this, needed to exclude the ‘Content-Type’ header from the request and signing and it suddenly sprung into life!  Don’t waste time like me, just buy the s3 plugin  :lol:

#8

Glad you solved it.

Rob

#9

Yes, Develephant’s 'Amazon S3 Lite/ plugin in the Corona Marketplace did the job for me. I recommend it

#10

Had an idea to try Lua’s http request:

local http = require("socket.http") local r, c, h = http.request { method = "GET", url = "https://s3.us-east-2.amazonaws.com/xxxxxx", headers = getHeaders(url, method) }

Returns 200 every time, so is this some bug with network.request? 

I don’t really want to use the Lua http.request because its blocking

#11

Hi,

The S3-lite plugin uses network.request (https://marketplace.coronalabs.com/plugin/s3-lite), so I don’t think that is the issue.

-dev

#12

You using the same auth and headers?

#13

Hi,

It’s using the AWS Signature Version 4 headers and signature scheme.

-dev

#14

Is there more information you can share? Put together a test project that fails? There really isn’t enough here for me to take to engineering.

Rob

#15

Hi Rob, I have a working project I can send over, can you PM me so I can send it in the reply?

EDIT - Solved: Big thanks to Develephant for the help on this, needed to exclude the ‘Content-Type’ header from the request and signing and it suddenly sprung into life!  Don’t waste time like me, just buy the s3 plugin  :lol:

#16

Glad you solved it.

Rob

#17

Yes, Develephant’s 'Amazon S3 Lite/ plugin in the Corona Marketplace did the job for me. I recommend it