Skip to content

Instantly share code, notes, and snippets.

@stefanneculai

stefanneculai/AWS_CONFIG.rb

Last active June 26, 2019 05:29
Show Gist options
  • Save stefanneculai/deed108fad534d0db3ff to your computer and use it in GitHub Desktop.
Save stefanneculai/deed108fad534d0db3ff to your computer and use it in GitHub Desktop.
Download ZIP
Amazon Signature Ruby
Raw
amazon_signature.rb
module AmazonSignature
extend self
def signature
Base64.encode64(
OpenSSL::HMAC.digest(
OpenSSL::Digest.new('sha1'),
AWS_CONFIG['secret_access_key'], self.policy
)
).gsub("\n", "")
end
def policy
Base64.encode64(self.policy_data.to_json).gsub("\n", "")
end
def policy_data
{
expiration: 10.hours.from_now.utc.iso8601,
conditions: [
["starts-with", "$key", AWS_CONFIG['key_start']],
["starts-with", "$x-requested-with", "xhr"],
["content-length-range", 0, 20.megabytes],
["starts-with", "$content-type", ""],
{bucket: AWS_CONFIG['bucket']},
{acl: AWS_CONFIG['acl']},
{success_action_status: "201"}
]
}
end
def data_hash
{
:bucket => AWS_CONFIG['bucket'],
:region => AWS_CONFIG['region'],
:keyStart => AWS_CONFIG['key_start'],
:params => {
:acl => AWS_CONFIG['acl'],
:AWSAccessKeyId => ENV['access_key_id'],
:signature => self.signature,
:policy => self.policy
}
}
end
end
Raw
AWS_CONFIG.rb
AWS_CONFIG = {
'access_key_id' => YOUR_ACCESS_KEY,
'secret_access_key' => YOUR_SECRET_ACCESS_KEY,
'bucket' => 'froala',
'acl' => 'public-read',
'key_start' => 'uploads/',
'region' => 's3' # For other regions than us-east-1, use s3-region. E.g.: s3-eu-west-1
}
Raw
CORS file
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>REPLACE_THIS_WITH_THE_URL_OF_THE_PAGE_WHERE_YOU_USE_THE_EDITOR</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
@mszyndel
Copy link

mszyndel commented Jul 22, 2015

For newer regions (for example Frankfurt - eu-central-1) you need to use following signing method:

def getSignatureKey key, dateStamp, regionName, serviceName
    kDate    = OpenSSL::HMAC.digest('sha256', "AWS4" + key, dateStamp)
    kRegion  = OpenSSL::HMAC.digest('sha256', kDate, regionName)
    kService = OpenSSL::HMAC.digest('sha256', kRegion, serviceName)
    kSigning = OpenSSL::HMAC.digest('sha256', kService, "aws4_request")

    kSigning
end

via http://docs.aws.amazon.com/general/latest/gr/signature-v4-examples.html#signature-v4-examples-ruby

@austinwang
Copy link

austinwang commented Dec 3, 2015

You sir, are a saint.

@kaitlynhova
Copy link

kaitlynhova commented Feb 24, 2016

I'm still getting an error in my console that is -->

 No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. The response had HTTP status code 403.

Do you have any ideas?

@JoelBeasley
Copy link

JoelBeasley commented Mar 22, 2016

@kaitlynhova did you resolve this? I'm getting the same message

@catalin88
Copy link

catalin88 commented Mar 29, 2016

I would very much appreciate if anyone could help with amazon signature version 4, which is the only one allowed for newer regions.

I found this example but it's for the 'iam' service so some adaptation is needed: https://gist.github.com/blelump/9e6880a87fefa6397032

A few more examples: here http://docs.aws.amazon.com/general/latest/gr/sigv4-signed-request-examples.html#sig-v4-examples-post

@dodontommy
Copy link

dodontommy commented Apr 15, 2016

@kaitlynhova +1 I am getting the same thing

@Sashkan
Copy link

Sashkan commented May 30, 2016

@kaitlynhova did you manage to fix the error ?

@nicooprat
Copy link

nicooprat commented Jul 6, 2016

Did you correctly replaced this line?

<AllowedOrigin>http://localhost:3000</AllowedOrigin>

@mikelim098098
Copy link

mikelim098098 commented Nov 23, 2016

Hello everyone,

I am seeing this error in my console:

screen shot 2016-11-23 at 4 01 19 am

I'm having the same problem as the last several individuals were having above trying to upload images to S3 and I have no clue as to where i need to look next. I am using the imageUploadToS3 option.

And here is my CORS setting on Amazon:

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
    <CORSRule>
        <AllowedOrigin>http://localhost:3000</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <AllowedMethod>POST</AllowedMethod>
        <AllowedMethod>PUT</AllowedMethod>
        <MaxAgeSeconds>3000</MaxAgeSeconds>
        <AllowedHeader>*</AllowedHeader>
    </CORSRule>
</CORSConfiguration>

Any advice toward any direction would be greatly appreciated!

Copy link

ghost commented Jan 17, 2017

How to fix the "preflight request" error -

Change:

region: 's3', // Change the region if it is different

To your region, which for me was:

region: 's3-us-west-2', // Change the region if it is different

To find the correct region, since I tried just "us-west-2" which didn't work, I had to look at URL for a previously uploaded image in that bucket, where I found the full region name; "s3-us-west-2"

Hope that helps!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment