For files less than 5mb my configuration is working to upload. For files larger than 5mb they always fail with Post response from AWS:
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>..
I am using NodeJS, with the relevant functions from the demo s3handler.js unchanged eg: the signRestRequest() function appears to be working as expected per this documentation:
For files less than 5mb with this configuration, resume works if the connection is closed and then re-open automatically. I am hosting the page and NodeJS in the same local Ubuntu VM. My browser side configuration:
$('#fineUploader').fineUploaderS3({
request: {
endpoint: "https://s3-us-west-2.amazonaws.com/bucket-name-redacted/",
accessKey: "keyredacted",
},
signature: {
endpoint: "http://192.168.1.203:8000/s3handler"
},
uploadSuccess: {
endpoint: "http://192.168.1.203:8000/s3UploadSuccess"
},
retry: {
enableAuto: true
},
chunking: {
enabled: true //not working
},
resume: {
enabled: true
}
});
This is the response before it is SHA1 HMac encoded, then base64 encoded:
POST
application/pdf
x-amz-acl:private
x-amz-date:Fri, 05 Jun 2015 19:26:17 GMT
x-amz-meta-qqfilename:filename.pdf
/bucket-name/13af5c15-ba04-4375-a6f9-25c2691ed827.pdf?uploads
My temporary test S3 Bucket CORS configuration:
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<ExposeHeader>ETag</ExposeHeader>
<AllowedHeader>x-amz-acl</AllowedHeader>
<AllowedHeader>x-amz-meta-qqfilename</AllowedHeader>
<AllowedHeader>x-amz-date</AllowedHeader>
<AllowedHeader>x-amz-server-side-encryption</AllowedHeader>
<AllowedHeader>authorization</AllowedHeader>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
I can provide any additional information as required and have purchased a license. Thanks!!
This is the header sent to the AWS post for a multi-part upload:
If AWS reports that your signature is incorrect, then the issue is with your signature generation code. As documented, chunked requests (by default files greater than 5 MB) use S3's multipart upload API, and the signature requirements are different.
The following is from Fine Uploader's documentation, specific to chunked uploads:
Chunked Uploads
Fine Uploader S3 uses Amazon S3's REST API to initiate, upload, complete, and abort multipart uploads. The REST API handles authentication by signing canonically formatted headers. This signing is something you need to implement server-side. All your server needs to do to authenticate and supported chunked uploads direct to Amazon S3 is sign a string representing the headers of the request that Fine Uploader sends to S3. This string is found in the payload of the signature request:
{ "headers": /* string to sign */ }
The precense of this property indicates to your sever that this is, in fact, a request to sign a REST/multipart request and not a policy document.
This signature for the headers string differs slightly from the policy document signature. You should NOT base64 encode the headers string before signing it. All you must do, server-side, is generate an HMAC SHA1 signature of the string using your AWS secret key and then base64 encode the result. Your server should respond with the following in the body of an 'application/json' response:
{ "signature": /* signed headers string */ }