SignedUrl Google Cloud Storage "SignatureDoesNotMatch" error
1,419 views
Skip to first unread message
Manoj Raj
Jan 1, 2014, 1:42:16 AM1/1/14
to google-api...@googlegroups.com
I tried implementing the signedurl thing in Google Cloud storage but it gives me the error "SignatureDoesNotMatch"
Can someone please help me in this process... Is there any default acl needs to be added to the bucket on the whole to get the signature thing work?
This is my code
// Signed URL
const SERVICE_ACCOUNT_NAME = 'ararara...@developer.gserviceaccount.com';
const KEY_FILE = '../includes/privatekey.p12';
$expires = time() + 10000;
$string_to_sign = "GET\n"."\n"."\n".$expires."\n\n"."/bucketname/image.gif";
$signer = new Google_P12Signer(file_get_contents(KEY_FILE), "notasecret");
$signature_s = $signer->sign($string_to_sign);
$finalSignature = urlencode(base64_encode($signature_s));
$host = "https://storage.googleapis.com/bucketname/image.gif";
$url = $host. "?GoogleAccessId=" . SERVICE_ACCOUNT_NAME . "&Expires=" . $expires . "&Signature=".$finalSignature;
I tried changing the host to https://bucketname.commondatastorage.googleapis.com and https://livmedia.storage.googleapis.com as suggested by some online(nothing worked) -> everything throws the same error "SignatureDoesNotMatch"
Can someone please help me in this process... Is there any default acl needs to be added to the bucket on the whole to get the signature thing work?
This is my code
// Signed URL
const SERVICE_ACCOUNT_NAME = 'ararara...@developer.gserviceaccount.com';
const KEY_FILE = '../includes/privatekey.p12';
$expires = time() + 10000;
$string_to_sign = "GET\n"."\n"."\n".$expires."\n\n"."/bucketname/image.gif";
$signer = new Google_P12Signer(file_get_contents(KEY_FILE), "notasecret");
$signature_s = $signer->sign($string_to_sign);
$finalSignature = urlencode(base64_encode($signature_s));
$host = "https://storage.googleapis.com/bucketname/image.gif";
$url = $host. "?GoogleAccessId=" . SERVICE_ACCOUNT_NAME . "&Expires=" . $expires . "&Signature=".$finalSignature;
I tried changing the host to https://bucketname.commondatastorage.googleapis.com and https://livmedia.storage.googleapis.com as suggested by some online(nothing worked) -> everything throws the same error "SignatureDoesNotMatch"
Message has been deleted
Rodrigo Emygdio
Jan 23, 2014, 2:51:11 PM1/23/14
to google-api...@googlegroups.com
Hi,
Try this approach:
$expiry = time() + 3600;
$key = 'the_target_file';
$bucketName = 'bucket_name';
$accessId = 'my_access_id';
$stringPolicy = "GET\n\n\n".$expiry."\n/".$bucketName."/".$key;
$fp = fopen('gcs.pem', 'r');
$priv_key = fread($fp, 8192);
fclose($fp);
$pkeyid = openssl_get_privatekey($priv_key,"password");
if (openssl_sign( $stringPolicy, $signature, $pkeyid, 'sha256' )) {
$signature = urlencode( base64_encode( $signature ) );
echo 'https://'.$bucketName.'.commondatastorage.googleapis.com/'.
$key.'?GoogleAccessId='.$accessId.'&Expires='.$expiry.'&Signature='.$signature;
}
I found this approach on the StackOverFlow: http://stackoverflow.com/questions/20754279/creating-signed-urls-for-google-cloud-storage-using-nodejs
To generate the .pem see on this link:
Reply all
Reply to author
Forward
0 new messages