1. 首頁
  2. 問答
  3. 訪問私人S3存儲文件

訪問私人S3存儲文件

2016-11-05 232 views
3

我從PHP文件上傳到S3 bucket.its成功上傳但是當我檢索圖像我得到以下錯誤訪問私人S3存儲文件

<Error> 
<Code>AccessDenied</Code> 
<Message>Access Denied</Message> 
<Expires>2006-03-09T07:25:20Z</Expires> 
<ServerTime>2016-11-05T04:38:24Z</ServerTime>

如果我設置公共上傳文件的時候,然後我可以找回,但我想防止未經授權的用戶。

上傳文件代碼

try{ 
    $s3 = \Storage::disk('s3'); 
    $filePath = $file->getClientOriginalName(); 
    $s3->put($filePath, file_get_contents($val), 'private'); 

    } catch (Aws\Exception\S3Exception $e) { 
     echo "There was an error uploading the file.\n"+$e; 
    }

之前問的問題,我已審閱許多網站,但它並沒有幫助我

Amazon S3 see private files

PHP Amazon S3 access private files through URL

How to access Amazon s3 private bucket object through Zend_Service_Amazon_S3

第三個鏈接正在爲我工​​作,但

1.is它是安全的在URL中傳遞訪問密鑰?

2.is是否可以查看該文件以認證用戶?

public function get_s3_signed_url($bucket, $resource, $AWS_S3_KEY, $AWS_s3_secret_key, $expire_seconds) { 
    $expires = time()+$expire_seconds; 
    // S3 Signed URL creation 
    $string_to_sign = "GET\n\n\n{$expires}\n/".str_replace(".s3.amazonAWS.com","", $bucket)."/$resource"; 
    $signature = urlencode(base64_encode((hash_hmac("sha1", utf8_encode($string_to_sign), $AWS_s3_secret_key, TRUE)))); 

    $authentication_params = "AWSAccessKeyId=".$AWS_S3_KEY; 
    $authentication_params.= "&Expires={$expires}"; 
    $authentication_params.= "&Signature={$signature}"; 
    return $link = "http://s3.amazonAWS.com/{$bucket}/{$resource}?{$authentication_params}"; 
}

來源

2016-11-05 iCoders

+0

那麼,你說,上傳工作正常,但無法訪問該對象之後?你使用什麼憑證來訪問上傳的對象?他們是否有權從桶中讀取對象?哦,是的,使用預先簽名的URL是完全可以的 - 儘管它顯示了訪問密鑰,但這是可接受的公共知識,因爲簽名是基於密鑰和哈希算法生成的。 –

+0

@ JohnRotenstein.using get_s3_signed_url方法我可以訪問文件,但問題是我的訪問密鑰對公衆可見,並在過期之前URL未經過身份驗證的用戶可以看到該圖像或文件。正如你所說的訪問密鑰是好的。關於已驗證的用戶 – iCoders

+0

@JohnRotenstein 。感謝info.no​​w我只有認證用戶的問題 – iCoders

回答

1

這裏get_s3_signed_url函數返回具有訪問鍵的url,不推薦使用。創建一個函數,從桶中獲取私有對象對象,並在服務器本地創建一個文件/圖像。使用新建圖像的路徑並在完成後刪除圖像。

代碼中的Zend:

require_once('Zend/Service/Amazon/S3.php'); 

$awsKey = 'your-key'; 
$awsSecretKey = 'your-secret-key'; 

$s3 = new Zend_Service_Amazon_S3($awsKey, $awsSecretKey); 

$bucketName = 'your-bucket-name'; 
$objectName = $bucketName . '/image.jpg'; //image path 

$info = $s3->getInfo($objectName); 

if (is_array($info)) { 
    header('Content-type: ' . $info['type']); 
    header('Content-length: ' . $info['size']); 

    file_put_contents('image.jpg', file_get_contents($s3->getObject($objectName))); 

    header('Content-Description: File Transfer'); 
    header("Content-Disposition: attachment; filename=\"image.jpg\""); 
    header('Content-Transfer-Encoding: binary'); 
    header('Cache-Control: must-revalidate'); 
    header('Pragma: public'); 
    header('Expires: 0'); 
    ob_clean(); 
    flush(); 
    readfile('image.jpg'); 
    unlink('image.jpg'); 
} else { 
    header('HTTP/1.0 404 Not Found'); 
}


代碼在PHP核心:

require_once('S3.php'); 

$awsKey = 'your-key'; 
$awsSecretKey = 'your-secret-key'; 

$s3 = new S3($awsKey, $awsSecretKey); 

$bucketName = 'your-bucket-name'; 


** To store/download one image at a time** 

$objectName = "image.jpg"; //s3 image path 
$tempFile = "image.jpg"; //temporary/local image path 

$s3->getObject($bucketName, $objectName, $tempFile); //stores the image 

if (filesize($tempFile)) { 
    header('Content-Description: File Transfer'); 
    header('Content-Type: image/png'); 
    header("Content-Disposition: attachment; filename=\"" . $tempFile . "\""); 
    header('Content-Transfer-Encoding: binary'); 
    header('Cache-Control: must-revalidate'); 
    header('Pragma: public'); 
    header('Expires: 0'); 
    header('Content-Length: ' . filesize($tempFile)); 
    ob_clean(); 
    flush(); 
    readfile($tempFile); //downloads the image 
    unlink($tempFile); //deletes the image from local 
} 

**To store/download 'n' images at a time** 

$s3ImagesFolder = 'all_images/'; //folder where all the images are 

$bucketContents = $s3->getBucket($bucketName); 

foreach ($bucketContents as $file) { 

if ((strpos($file['name'], $s3ImagesFolder) > -1)) { 
    $tempFile = end(explode("/", $file['name'])); 
    $s3->getObject($bucketName, $file['name'], $tempFile); // to store 

    //to download 
    if ($file['size']) { 
     header('Content-Description: File Transfer'); 
     header('Content-Type: image/png'); 
     header("Content-Disposition: attachment; filename=\"" . $tempFile . "\""); 
     header('Content-Transfer-Encoding: binary'); 
     header('Cache-Control: must-revalidate'); 
     header('Pragma: public'); 
     header('Expires: 0'); 
     header('Content-Length: ' . $file['size']); 
     ob_clean(); 
     flush(); 
     readfile($tempFile); //downloads the image 
     unlink($tempFile); //deletes the image from local 
    } 
    } 
}

來源

2016-11-05 05:05:23 MurthyAdapa

+0

@ Murthy.Thanks.can你提供的編碼部分 – iCoders

+0

@ Murthy.i我使用的核心PHP不是zend framework.anyway謝謝,如果你有核心的PHP代碼,然後共享,並在一次我retreiving 200+圖像friom s3 bucket.Thanks – iCoders

相關問題

 相關問題