Pre-Signed URL (AWS)

Pre-Signed URL (AWS)

AWS

 

Pre-Signed URL (AWS)

pre-signed URL  is URL  which   is used  to give   access to person for some time with authentication token /Signature  and expiry  on.it  . The user  need not  have the AWS console Sign in credentials .This URL  has Following format  query string with

Http url resource + AWSAccessKeyId+ Expires+Signature

AWSAccessKeyId=ACCESSKEYXXXX&Expires=1459944479&Signature=vba%2BH0F0p9b02n2qyhTFY4Bxjkg%3D

Example

https://my-first-s3-bucket-e3ee683e-b260-4aad-923b-31fa838c6a2e.s3.amazonaws.com/PresignedUrlAndUploadObject.txt?AWSAccessKeyId=ACCESSKEYXXXX&Expires=1459897385&Signature=zJhX0CfSnD6QFgD6fzOlfqk%2FsxM%3D

https://my-first-s3-bucket-e3ee683e-b260-4aad-923b-31fa838c6a2e.s3.amazonaws.com/MyObjectKey?AWSAccessKeyId=ACCESSKEYXXXX&Expires=1459879476&Signature=5Bh1AUuF3U5Vjw0Ah7EdojE9XDY%3D

https://my-first-s3-bucket-63529645-5e01-4406-bf85-75ffc0fd00b1.s3.amazonaws.com/PresignedUrlAndUploadObject.txt?AWSAccessKeyId=ACCESSKEYXXXX&Expires=1459879632&Signature=ypaabCtSnztLp%2FpzxjT2ZvMxhkg%3D

https://my-first-s3-bucket-63529645-5e01-4406-bf85-75ffc0fd00b1.s3.amazonaws.com/PresignedUrlAndUploadObject.txt?AWSAccessKeyId=ACCESSKEYXXXX&Expires=1459883171&Signature=VvcDoikAKnnMWAPuVIg18bG3FcE%3D

https://my-first-s3-bucket-e3ee683e-b260-4aad-923b-31fa838c6a2e.s3.amazonaws.com/PresignedUrlAndUploadObject.txt?AWSAccessKeyId=ACCESSKEYXXXX&Expires=1459897385&Signature=zJhX0CfSnD6QFgD6fzOlfqk%2FsxM%3D

 

Sometime Pre-Signed URL gives error downloading the file  with below mentioned Message.

<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>

 

The  error is when you send a presigned url which  has been  created for HTTP PUT to upload a file and you are  trying to view the file  via Browser .

URL are different for PUT .GET ,….other DELETE etc VERBS

generatePresignedUrlRequest.setMethod(HttpMethod.PUT);  This Line has different HttpMethod verbs

So make sure  the URL  youa re using is  for  right Verb

To generate a  URL  for  download via browser  you  have to comment this   line

//generatePresignedUrlRequest.setMethod(HttpMethod.PUT);

Aa We   knoe  pre-signed URL gives you access to the object identified in the URL, provided that the creator of the pre-signed URL has permissions to access that object.

A pre-signed URL  can be made for HTTP PUT  get or download via browser and all may  have different urls

generatePresignedUrlRequest.setMethod(HttpMethod.PUT);  This Line has different HttpMethod verbs

where PUT is used to upload file via url  HTTP PUT method.

 

So Its not mandatory to  upload  an object to get a pre-signed url .

We can get  pre-signed url    for existing object also in S3 to send it to user to download files from S3 so that they can download file from browser .

It is Something similar to google drive where  user shares a link and the link owner can  see the File even he does not have google account. GOOGLE DRIVE get shareable link

 

Example code for generating pre-signed url    for existing object also in S3

 

Create an instance of the AmazonS3 class.
Generate a pre-signed URL by executing the AmazonS3.generatePresignedUrl method.

You provide a bucket name, an object key, and an expiration date by creating an instance of the GeneratePresignedUrlRequest class. You don’t have  to  specify the HTTP verb PUT when creating this URL as you are not  upload an object.
Anyone with the pre-signed URL can upload an object.

The upload creates an object or replaces any existing object with the same key that is specified in the pre-signed URL.

 

 

public static String generatepreassignedkeyforexistingfile (String bucketName ,String objectKey) {

AmazonS3 s3client = new AmazonS3Client(new ProfileCredentialsProvider());

Region usWest2 =  Region.getRegion( Regions.US_WEST_2

);

s3client.setRegion(usWest2);

URL url = null;

try {

System.out.println(“Generating pre-signed URL.”);

java.util.Date expiration = new java.util.Date();

long milliSeconds = expiration.getTime();

milliSeconds += 1000 * 60 * 60; // Add 1 hour.

expiration.setTime(milliSeconds);

 

GeneratePresignedUrlRequest generatePresignedUrlRequest =

new GeneratePresignedUrlRequest(bucketName, objectKey);

//generatePresignedUrlRequest.setMethod(HttpMethod.PUT);

generatePresignedUrlRequest.setExpiration(expiration);

 

url = s3client.generatePresignedUrl(generatePresignedUrlRequest);

 

 

 

System.out.println(“Pre-Signed URL = ” + url.toString());

} catch (AmazonServiceException exception) {

System.out.println(“Caught an AmazonServiceException, ” +

“which means your request made it ” +

“to Amazon S3, but was rejected with an error response ” +

“for some reason.”);

System.out.println(“Error Message: ” + exception.getMessage());

System.out.println(“HTTP  Code: ”    + exception.getStatusCode());

System.out.println(“AWS Error Code:” + exception.getErrorCode());

System.out.println(“Error Type:    ” + exception.getErrorType());

System.out.println(“Request ID:    ” + exception.getRequestId());

} catch (AmazonClientException ace) {

System.out.println(“Caught an AmazonClientException, ” +

“which means the client encountered ” +

“an internal error while trying to communicate” +

” with S3, ” +

“such as not being able to access the network.”);

System.out.println(“Error Message: ” + ace.getMessage());

} catch (Exception e) {

// TODO Auto-generated catch block

e.printStackTrace();

}

return “Pre-Signed URL = ” + url.toString();

}

Lets  see  what can  we do from Eclipse UI

so in order to use Eclispe  we have to  install new software

http://aws.amazon.com/eclipse – http://aws.amazon.com/eclipse

 

installamazonsdktoeclipse

 

Once you finish this step

you can  install explorer view  to see s3 bucket and files

Go to explorer view by Show AWS explorer view in AWS toolbar icon

installamazonsdktoeclipse1

It will ask you for credential for aws console   once you place those credentials  you can choose your region

and see all your AWS resource

So here we are   just talking about S3  but same can be use to create table, Query for Dynamodb also .

So right click  on S3 node gives  you menu to create new  bucket Delete  etc

 

 

now in this screenshot  you can see  i went  to bucket screen

On click bucket

installamazonsdktoeclipse2

Developer can open  contents of bucket in Open in bucket editor screen

We have another option  to upload file

Just drag the file  from desktop to the  screen and you will see file is getting uploaded to s3 bucket which was mentioned in bucket editor screen

its asking for objectkey  wich is filename in this context  and it will upload a file

 

installamazonsdktoeclipse3

In java  you can upload file  via these 3 lines

System.out.println(“Uploading a new object to S3 from a file\n”);
s3.putObject(new PutObjectRequest(bucketName, key, SampleFile));

SampleFileis a File object

and

S3 is  AmazonS3Client

AmazonS3 s3 = new AmazonS3Client(credentials);

Some code fragments to  loop the s3  file and summary are mentioned below to do

the process in java

AWSCredentials credentials = null;
try {
credentials = new ProfileCredentialsProvider(“default”).getCredentials();
} catch (Exception e) {
throw new AmazonClientException(
“Cannot load the credentials from the credential profiles file. ” +
“Please make sure that your credentials file is at the correct ” +
“location (C:\\Users\\Jitender.Thakur\\.aws\\credentials), and is in valid format.”,
e);
}

AmazonS3 s3 = new AmazonS3Client(credentials);
Region usWest2 =  Region.getRegion( Regions.US_WEST_2
);
s3.setRegion(usWest2);

  1. To delete  a bucket   you have to delete all files in Bucket first .When  bucket is Empty delete Bucket

 

System.out.println(“Listing objects”);
ObjectListing objectListing = s3.listObjects(new ListObjectsRequest()
.withBucketName(bucketName)
);
for (S3ObjectSummary objectSummary : objectListing.getObjectSummaries()) {
System.out.println(” – ” + objectSummary.getKey() + ”  ” +
“(size = ” + objectSummary.getSize() + “)”);
//new method
generatepreassignedkeyforexistingfile(bucketName,objectSummary.getKey()) ;
s3.deleteObject(bucketName, key);

}
System.out.println();

then

s3.deleteBucket(bucketName);

 

  • Check all buckets you have

for (Bucket bucket : s3.listBuckets()) {
System.out.println(” – ” + bucket.getName());

}

Creating bucket with check for existing bucket as bucket should be globally unique

 try {
credentials = new ProfileCredentialsProvider(“default”).getCredentials();
} catch (Exception e) {
throw new AmazonClientException(
“Cannot load the credentials from the credential profiles file. ” +
“Please make sure that your credentials file is at the correct ” +
“location (C:\\Users\\Jitender.Thakur\\.aws\\credentials), and is in valid format.”,
e);
}

AmazonS3 s3 = new AmazonS3Client(credentials);
Region usWest2 = Region.getRegion(Regions.US_WEST_2);
s3.setRegion(usWest2);
tx = new TransferManager(s3);

 private void createAmazonS3Bucket() {
try {
if (tx.getAmazonS3Client().doesBucketExist(bucketName) == false) {
tx.getAmazonS3Client().createBucket(bucketName);
}
} catch (AmazonClientException ace) {
//   JOptionPane.showMessageDialog(frame, “Unable to create a new Amazon S3 bucket: ” + ace.getMessage(),
//    “Error Creating Bucket”, JOptionPane.ERROR_MESSAGE);
}
}

 

Social media & sharing icons powered by UltimatelySocial

Terms and Conditions - Privacy Policy