AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관

generate a presigned URL with aws-iot-device-sdk-embedded-C

0

Is is possible somehow to generate a presigned URL with the aws-iot-device-sdk-embedded-C?

I've been looking at the demo http_demo_s3_download which I can run successfully.

I tried to add in http_demo_s3_download.c, just after

    if( returnStatus == true )
    {
        LogInfo( ( "The file is %d bytes long.", ( int32_t ) *pFileSize ) );

The following code:

        char ota_temp_url[2048] = "https://" \
                                  AWS_S3_ENDPOINT \
                                  AWS_S3_URI_PATH \
                                  "?response-content-disposition=inline";
        strcat(ota_temp_url, "&X-Amz-Security-Token=");
        strncat(ota_temp_url, pSecurityToken, securityTokenLen);
        strcat(ota_temp_url, "&X-Amz-Algorithm=");
        strcat(ota_temp_url, SIGV4_AWS4_HMAC_SHA256);
        strcat(ota_temp_url, "&X-Amz-Date=");
        strncat(ota_temp_url, pDateISO8601, SIGV4_ISO_STRING_LEN);
        strcat(ota_temp_url, "&X-Amz-SignedHeaders=host");
        strcat(ota_temp_url, "&X-Amz-Expires=3600");
        strcat(ota_temp_url, "&X-Amz-Credential=");
        {
            char* pchar_start = strstr(pSigv4Auth, " Credential=");
            if (pchar_start) {
                char* pchar_end = strstr(pchar_start, ",");
                if (pchar_end) {
                    strncat(ota_temp_url, pchar_start+12, pchar_end-pchar_start-12);
                }
            }
        }
        strcat(ota_temp_url, "&X-Amz-Signature=");
        strncat(ota_temp_url, signature, signatureLen);
        LogInfo( ( "ota_temp_url=%s", ota_temp_url ) );

This is generating a URL with the correct syntax but I'm failing to understand what's wrong as the answer I get is:

<Error>
<Code>InvalidToken</Code>
<Message>The provided token is malformed or otherwise invalid.</Message>
<Token-0>IQoJb3JpZ2luX2VjEMb//////////wEaDGV1LWNlbnRyYWwtMSJGMEQCIBrv7gABmZniPAwon17t1bJQP7f7QilcTJU3QM0 XKVAiBEs/69RoSRWLOlM3uwtIhQA7kz8rnJmOzREgCzyumHiyrnAwi///////////8BEAAaDDM0NjQ0NDczNTIyNiIM08c2idyZjLoTyrxEKrsDSqeQAZ// oou4ENh2LylLXIVS9tlsB82Jg96 v2a jtM81N fXia5DD9v/IthIJrm8E TDkmkg09L7nwpgyB5ombnXfiv6jNaZTjR W3GR/NGh33nLCh9eywgfovbf2BD8TKgBU6ke74TGuxm3phFzW2K1OgCtP4oDUq94e432SKaZJsiD97jA20MX8IfVwD6xwBX0N25RHilQDipgl/DqeR3hvZqlZmIzIvzNvJ6OStuhMIGX5uKg4Dy4/zwNWfIGGr6AhR6XT9e3qESihLXWapMb0kVVxupVOteqdgbGpl3NbmJdBWVQ1YhKfVhXCXo8fWdHtFomCxJfu15o4YKMWwLPWPADu/TTI2DXdcCYY32cyVy54DjmEQnL5kXI7QOv3c3mS1FE56XlUK8eoR4rwXL9cUXsNrbCTPFOeasxlohZ4e jVASLl RQx3Xh2v1dvPKCGtywBgc0MLXvPiAWxnpnraGrpsksXXY6DsWYbIsnHBuomblCzF5N1T85EBP2VQbsUo1U9ez xL8WVgKZqUaF4kxTwZEBF5FaZelFY9Lle ActCn2C41yRJ0XSSWrdasSI t77YOcww7bbqAY6mwGn6MspGaXNR AWi5qQbcH6Hxee4s L74ZEcGrnK91IcuJ djHfLhLRUJIEUJLruGnkgqdP9DZmcv1TmLrr2vByWkFG867SSF2slWzbtwWIrML/7jxI KTSou5wPHQC3fvjFboQ5f0ub5wUott/bmneKo7Np2QtjmpiKQi7JHazcP2vRxBmzQ6JpLBXWsXuDVzeYLfsIgvPV/mG0A==</Token-0>
<RequestId>EE873P33F22DW1K6</RequestId>
<HostId>cljT52u0sAuOuzSohPGVOW9hxaCMuHd/hOEEkCMj8hTWf9guhbDzwC4J5W49QTQeww3kgrB2e3Yeax5ieI2MCw==</HostId>
</Error>

Can anybody help me?

profile picture
질문됨 일 년 전532회 조회
2개 답변
1
수락된 답변

Hi,

Can you compare the URL that you create to the one generated by 'aws s3 presign' with same input parameters?
See https://awscli.amazonaws.com/v2/documentation/api/latest/reference/s3/presign.html

That should help determine where your problem is. (it's very often in the signature)

Best,

Didier

profile pictureAWS
전문가
답변함 일 년 전
  • You were actually right Didier, I had an issue with the signature that I could adjust comparing with 'aws s3 presign'. Unfortunately now it complains about the (temporary) AccessKeyId that I get in the same demo, which does allow me to download the file but apparently is not allowed to generate a presigned URL. <Code>InvalidAccessKeyId</Code> <Message>The AWS Access Key Id you provided does not exist in our records.</Message>

1

Hi Giuseppe.

Is is possible somehow to generate a presigned URL with the aws-iot-device-sdk-embedded-C?

This SDK has no specific support for that. It's not something a constrained device that uses this SDK would typically do. A more common workflow is for the cloud to generate the presigned URL and send it to the device over MQTT. The following blog shows this kind of workflow for the case of S3 upload, but a similar workflow for download could be used: https://aws.amazon.com/blogs/iot/securely-ingesting-large-sized-payloads-from-iot-devices-to-the-aws-cloud/

Likewise, AWS IoT Jobs includes support for presigned URLs in job documents: https://docs.aws.amazon.com/iot/latest/developerguide/create-manage-jobs.html#create-manage-jobs-presigned-URLs. This demo uses this functionality: https://github.com/aws/aws-iot-device-sdk-embedded-C/blob/main/demos/ota/ota_demo_core_http/ota_demo_core_http.c

profile pictureAWS
전문가
답변함 일 년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠