Amazon S3 Signed URL in PHP

Question

This is the function pulled out of an old WP plugin for returning a signed Amazon S3 URL, but I can't get it to work! When I visit the signed URL it returns, I get this:

The request signature we calculated does not match the signature you provided. Check your key and signing method.

function s3Url($text) {
    $AWS_S3_KEY = 'KEY';
    $AWS_S3_SECRET = 'SECRET';
    $tag_pattern = '/(\[S3 bucket\=(.*?)\ text\=(.*?)\](.*?)\[\/S3\])/i';

    define("AWS_S3_KEY", $AWS_S3_KEY); // replace this with your AWS S3 key
    define("AWS_S3_SECRET", $AWS_S3_SECRET); // replace this with your secret key.
    $expires = time()+get_option('expire_seconds');

    if (preg_match_all ($tag_pattern, $text, $matches)) {

        for ($m=0; $m<count($matches[0]); $m++) {
            $bucket = $matches[2][$m];
            $link_text = $matches[3][$m];
            $resource = $matches[4][$m];

          $string_to_sign = "GET\n\n\n$expires\n/".str_replace(".s3.amazonaws.com","",$bucket)."/$resource";

            //$string_to_sign = "GET\n\n\n{$expires}\n/{$bucket}/{$resource}"; 
            $signature = urlencode(base64_encode((hash_hmac("sha1", utf8_encode($string_to_sign), AWS_S3_SECRET, TRUE))));

            $authentication_params = "AWSAccessKeyId=".AWS_S3_KEY;
            $authentication_params.= "&Expires={$expires}";
            $authentication_params.= "&Signature={$signature}";

            $tag_pattern_match = "/(\[S3 bucket\=(.*?)\ text\={$link_text}\]{$resource}\[\/S3\])/i";

            if(strlen($link_text) == 0)
            {
                $link = "http://{$bucket}/{$resource}?{$authentication_params}";
            }
            else
            {
                $link = "<a href='http://{$bucket}/{$resource}?{$authentication_params}'>{$link_text}</a>";
            }

            $text = preg_replace($tag_pattern_match,$link,$text);
        }
    }

    return $text;
}

Answer 1

The example provided in the Amazon AWS PHP SDK: sdk-latest\sdk-1.3.5\sdk-1.3.5\_samples\cli-s3_get_urls_for_uploads.php the following code works quite well:

        /* Execute our queue of batched requests. This may take a few seconds to a
       few minutes depending on the size of the files and how fast your upload
       speeds are. */
    $file_upload_response = $s3->batch()->send();

    /* Since a batch of requests will return multiple responses, let's
       make sure they ALL came back successfully using `areOK()` (singular
       responses use `isOK()`). */
    if ($file_upload_response->areOK())
    {
        // Loop through the individual filenames
        foreach ($individual_filenames as $filename)
        {
            /* Display a URL for each of the files we uploaded. Since uploads default to
               private (you can choose to override this setting when uploading), we'll
               pre-authenticate the file URL for the next 5 minutes. */
            echo $s3->get_object_url($bucket, $filename, '5 minutes') . PHP_EOL . PHP_EOL;
        }
    }