Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

PUT files to Google Cloud Storage (GCS) via Signed URLs

Tags:

java

google-cloud-storage

I am trying to use "signed URLs" to access/upload files to Google Cloud Storage (GCS).

Followed the instructions at https://developers.google.com/storage/docs/accesscontrol#Signing-Strings

What I did:

  • Registered a "Web Application" at Google Cloud Console.
  • Generated new private key using the "Generate New Key" at the "Certificate" section of the registered web application screen.
  • Created my string to be signed and sign it using the sample code provided by "How to Sign" section of the page (just minor tweaks to hardcode values for the Java main program). Update: Created a gist for GcsSigner.java.
  • Ensure that the signed string is URL encoded.
  • HTTP headers specified: x-goog-api-version, x-goog-project-id, Content-Type.
  • URL Parameters specified: GoogleAccessId, Signature, Expires.
  • Use Postman (a Chrome extension) to simulate PUT request.

However, I am still getting this (Status: 403 Forbidden):

<?xml version='1.0' encoding='UTF-8'?>
<Error>
    <Code>SignatureDoesNotMatch</Code>
    <Message>The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method.</Message>
    <StringToSign>PUT

text/plain
1384084959392
x-goog-api-version:2
x-goog-project-id:99999
/mybucket/myfile.txt</StringToSign>
</Error>

Even when I retry by signing the string based on values in "StringToSign", I still get the same error.

Read various related postings here but could not find any solution and most of it refers to x-goog-api-version:1 while i am using version 2.

What am i missing? Any help would be greatly appreciated.

like image 638
kctang Avatar asked Nov 10 '13 13:11

kctang

2 Answers

Finally managed to PUT files to Google Cloud Storage using signed URLs. This was done by creating a simple Java program to simulate:

  • Server to sign & encode a string as signature.
  • Uploader as an unauthenticated user submitting the PUT request using only the signature provided by Server. Browser is simulated using Apache's HTTP Client library.

You can see the demo app here.

I do not really understand why it did not work when I submitted through Chrome's Postman extension.

like image 104
kctang Avatar answered Oct 09 '22 22:10

kctang

Though the doc says Content-Type is optional, it actually means you must set correct content-Type correspond to your http request header.

In this case, your must add content-type: text/plain in the signing string.

https://cloud.google.com/storage/docs/access-control/create-signed-urls-program

like image 26
gaga5lala Avatar answered Oct 10 '22 00:10

gaga5lala
Sign in to Comment

Related questions

Monospaced font/symbols for JTextPane
How to build a distributed java application?
Convert a byte or int to bitset
Pass parameters to Spring MethodInvokingFactoryBean arguments list
Server Name Indication (SNI) on Java
Criteria eager fetch-joined collection to avoid n+1 selects
How to remotely profile a web application with JProfiler?
Is there an XML tag that is equivalent to `ListView.addHeaderView'?
Mysterious milliseconds number found in Java Date/Calendar object
How to set up maven 3 local plugin repository
The flush method of OutputStream does nothing?
Convert a classpath filename to a real filename
How to extract values from bundle in Android
Selenium WebDriver and HTML Window location by using Java
WordNet Java API [closed]
Troubleshooting 'Too many files open' with lsof
JSON and Generics in Java - Type safety warning
How to make Apache Tomcat accept DELETE method
Hibernate Criteria: distinct entities and then limit
Java String.split() sometimes giving blank strings

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!