为验证 AWS S3 REST API 调用生成 V4 授权标头和预签名 URL
如果您正在使用 Vapor,请查看 VaporS3Signer。
- 纯 Swift
- 自动生成所有必需的标头
- V4 授权标头
- V4 预签名 URL
- 支持 DELETE/GET/HEAD/PUT/POST
- 单块上传
- 多块上传
Swift 包管理器
要使用 Swift 包管理器安装,请将包添加到您的 Package.swift 文件中
Import PackageDescription
let package = Package(
name: "Your_Project_Name",
targets: [],
dependencies: [
.package(url: "https://github.com/JustinM1/S3SignerAWS.git", from: "4.0.0")
]
)
关于负载的说明
请求可以具有签名负载或未签名负载。
-
如果您知道请求将没有负载,请将 Payload 属性设置为 none。 这会告诉 S3,签名是在没有预期负载的情况下创建的
-
如果您不确定确切的负载会是什么,请将 payload 属性设置为 unsigned。 这会告诉 S3,在您创建签名时,可能存在负载,但您不确定将上传哪个特定对象。
-
Payload枚举public enum Payload { case data(Data) case none case unsigned }
要开始使用 S3SignerAWS 类,请初始化一个类似于下面示例的实例
let s3Signer = S3SignerAWS(accessKey: "YOUR_AWS_PUBLIC_KEY", secretKey: "YOUR_AWS_SECRET_KEY", region: .usStandard_usEast1)
注意 - 出于安全原因,不建议在客户端上硬编码密钥。
对于 V4 授权标头和预签名 URL,您可以根据您的特定用例添加其他标头。
GET
do {
guard let url = URL(string: "https://s3.amazonaws.com/bucketName/testUploadImage.png") else { throw someError }
let headers = try s3Signer.authHeaderV4(httpMethod: .get, urlString: url.absoluteString, headers: [:], payload: .none)
var request = URLRequest(url: url)
request.httpMethod = HTTPMethod.get.rawValue
headers.forEach { request.setValue($0.key, forHTTPHeaderField: $0.value) }
// make network request
} catch {
//handle error
}
}
PUT
do {
let bytesObject = try someDataObject.makeBytes()
guard let url = URL(string: "https://s3.amazonaws.com/bucketName/testUploadImage.png") else { throw someError }
let headers = try s3Signer.authHeadersV4(httpMethod: .put, urlString: url.absoluteString, headers: [:], payload: .bytes(bytesObject))
var request = URLRequest(url: url)
request.httpMethod = HTTPMethod.put.rawValue
request.httpBody = Data(bytes: bytesObject)
headers.forEach { request.setValue($0.key, forHTTPHeaderField: $0.value) }
// make network request
} catch {
//handle error
}
}
DELETE
do {
guard let url = URL(string: "https://s3.amazonaws.com/bucketName/testUploadImage.png") else { throw someError }
let headers = try s3Signer.authHeadersV4(httpMethod: .delete, urlString: url.absoluteString, headers: [:], payload: .none)
var request = URLRequest(url: url)
request.httpMethod = HTTPMethod.delete.rawValue
headers.forEach { request.setValue($0.key, forHTTPHeaderField: $0.value) }
// make network request
} catch {
//handle error
}
}
与生成身份验证标头一样简单,要生成预签名 URL
let presignedURL = signer.presignedURLV4(httpMethod: HTTPMethod, urlString: String, expiration: TimeFromNow, headers: [String: String]) -> String