S3 uploads

[Nando Breiter]

I'm looking at using fileupload() to place resources on S3

http://www.luceedocs.org/function/fileupload

What I need to do is make the file publically available and set the storage class to reduced redundancy. 

Is that, or how is that possible with the acl attribute of fileUpload()?

On a more basic level, how does authenticate work? Anyone have an example?

Thanks for the help.

Nando

Aria Media Sagl
Via Rompada 40
6987 Caslano
Switzerland

+41 (0)91 600 9601
+41 (0)76 303 4477 cell
skype: ariamedia

[Jean Moniatte]

Hello Nando,

here is a quick copy/paste of code that has been working for us :

<cffile action="readBinary" file="#arguments.sourceFile#" variable="local.binaryFileData">

<cfset local.destinationFile = urlEncodedFormat(arguments.destinationFile,'utf-8')>

<cfset local.cs = "PUT\n\n#local.contentType#\n#local.dateTimeString#\nx-amz-acl:#arguments.acl#\nx-amz-storage-class:STANDARD\n/#application.conf.s3.bucket#/#local.destinationFile#">

<cfset local.signature = _createSignature(local.cs)>

<cfhttp method="PUT" url="http://#application.conf.s3.host#/#application.conf.s3.bucket#/#local.destinationFile#" timeout="#arguments.timeout#">

<cfhttpparam type="header" name="Authorization" value="AWS #application.conf.s3.accessKeyId#:#local.signature#">

<cfhttpparam type="header" name="Content-Type" value="#local.contentType#">

<cfhttpparam type="header" name="Date" value="#local.dateTimeString#">

<cfhttpparam type="header" name="x-amz-acl" value="#arguments.acl#">

<cfhttpparam type="header" name="x-amz-storage-class" value="STANDARD">

<cfhttpparam type="body" value="#local.binaryFileData#">

</cfhttp>

And for the signature, here is what we use (not my code) :

<cffunction name="_createSignature" returntype="string" access="public" output="false">

  <cfargument name="stringIn" type="string" required="true" />

  <cfset var local = structNew()>

<cfset local.fixedData = replace(arguments.stringIn,"\n","#chr(10)#","all")>

<cfset local.digest = _HMAC_SHA1(application.conf.s3.secretKey,local.fixedData)>

<cfset local.signature = toBase64("#local.digest#")>

<cfreturn local.signature>

</cffunction>

<cffunction name="_HMAC_SHA1" returntype="binary" access="private" output="false" hint="NSA SHA-1 Algorithm">

  <cfargument name="signKey" type="string" required="true" />

  <cfargument name="signMessage" type="string" required="true" />

  <cfset var jMsg = JavaCast("string",arguments.signMessage).getBytes("iso-8859-1") />

  <cfset var jKey = JavaCast("string",arguments.signKey).getBytes("iso-8859-1") />

  <cfset var key = createObject("java","javax.crypto.spec.SecretKeySpec") />

  <cfset var mac = createObject("java","javax.crypto.Mac") />

  <cfset key = key.init(jKey,"HmacSHA1") />

  <cfset mac = mac.getInstance(key.getAlgorithm()) />

  <cfset mac.init(key) />

  <cfset mac.update(jMsg) />

  <cfreturn mac.doFinal() />

</cffunction>

Hope it helps

Thanks,

Jean

--

Jean Moniatte

UGAL

je...@ugal.com

http://www.ugal.com

--
You received this message because you are subscribed to the Google Groups "Lucee" group.
To unsubscribe from this group and stop receiving emails from it, send an email to lucee+un...@googlegroups.com.
To post to this group, send email to lu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/CAGHrs%3D9Wp7%2Bn5-KSjx3F9FhT-7KoyVGRwoJOQkZsq1chHqFW2Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Jeremy R DeYoung]

couldn't you use the ACL struct to specify public?

Jeremy R. DeYoung (615) 261-8201 | fax (615) 680-0870 What is Your Next Step.com?

--

[Terry Whitney]

In my tests with s3, I found it easier to just use something like fuse.sf.net to mount the s3 bucket as standard file system, then apply permissions as such.

[Pete Freitag]

Hi Nando, 

This approach here may also work for you: http://www.petefreitag.com/item/833.cfm instead of uploading the file to your server, and then to S3, you can simply generate a policy on the server, sign it, and then have the user upload the file directly to S3. 

In my example I have the public-read flag set. For reduced redundancy I think you can just set the bucket to default to it.

--

Pete Freitag
http://foundeo.com/ - ColdFusion Consulting & Products
http://hackmycf.com - Is your ColdFusion Server Secure?

http://www.youtube.com/watch?v=ubESB87vl5U - FuseGuard your CFML in 10 minutes

--

[Jeremy R DeYoung]

I'm not sure the fileUpload or fileWrite can handle the reduce redundancy option. It can however handle permissions.

file action="write" file="s3:\\#accesskey#:#secretKey#@#bucket#\#filename#" output="myData" storeacl=[{group="all", permission="READ"}];

If you need more control - check out http://www.coldbox.org/forgebox/view/Amazon-S3

However both methods require accepting the file locally and then uploading to S3. Pete's code provides a way to upload directly to S3 I believe.

Jeremy R. DeYoung (615) 261-8201 | fax (615) 680-0870 What is Your Next Step.com?

--

You received this message because you are subscribed to the Google Groups "Lucee" group.
To unsubscribe from this group and stop receiving emails from it, send an email to lucee+un...@googlegroups.com.
To post to this group, send email to lu...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/b63d7c67-cb10-4abb-8813-e7b5e39b954d%40googlegroups.com.

[Nando Breiter]

Thanks for all the feedback. It is very much appreciated and I think I have a decent handle now on how to approach this.

Aria Media Sagl
Via Rompada 40
6987 Caslano
Switzerland

+41 (0)91 600 9601
+41 (0)76 303 4477 cell
skype: ariamedia

To view this discussion on the web visit https://groups.google.com/d/msgid/lucee/CAFy17u%3DX6vYfwi1eehAwHBiqAra%3Dprqcya4Tjo_frbD78r6vhA%40mail.gmail.com.

[Adam Chapman]

I use this simple wrapper CFC

http://amazons3.riaforge.org/

Hope this helps,
Adam