vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/obs/s3api/en-us_topic_0125560309.html
Jawei, Li 1a4c1a720a OBS s3api 2.0.38.SP5 
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: Jawei, Li <lijiawei5@huawei.com>
Co-committed-by: Jawei, Li <lijiawei5@huawei.com>
2022-11-16 14:51:13 +00:00

113 lines
10 KiB
HTML
Raw Blame History

<a name="EN-US_TOPIC_0125560309"></a><a name="EN-US_TOPIC_0125560309"></a>
<h1 class="topictitle1">V4 Browser-based Authorized POST Request</h1>
<div id="body19009700"><p id="EN-US_TOPIC_0125560309__p41062959">OBS supports browser-based <strong id="EN-US_TOPIC_0125560309__b1822695210522">POST</strong> object uploading requests. The authentication information about these requests is uploaded by a form. <a href="#EN-US_TOPIC_0125560309__table27141505">Table 1</a> lists the mandatory parameters.</p>
<div class="tablenoborder"><a name="EN-US_TOPIC_0125560309__table27141505"></a><a name="table27141505"></a><table cellpadding="4" cellspacing="0" summary="" id="EN-US_TOPIC_0125560309__table27141505" frame="border" border="1" rules="all"><caption><b>Table 1 </b>V4 POST uploading authentication parameters in the form</caption><thead align="left"><tr id="EN-US_TOPIC_0125560309__row53734669"><th align="left" class="cellrowborder" valign="top" width="35.15%" id="mcps1.3.2.2.3.1.1"><p id="EN-US_TOPIC_0125560309__p57540904">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="64.85%" id="mcps1.3.2.2.3.1.2"><p id="EN-US_TOPIC_0125560309__p30301652">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="EN-US_TOPIC_0125560309__row38514744"><td class="cellrowborder" valign="top" width="35.15%" headers="mcps1.3.2.2.3.1.1 "><p id="EN-US_TOPIC_0125560309__p32686589">Policy</p>
</td>
<td class="cellrowborder" valign="top" width="64.85%" headers="mcps1.3.2.2.3.1.2 "><p id="EN-US_TOPIC_0125560309__p30368075">The value of this parameter is a code in Base64 format. It is the code of the security policy of this request.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0125560309__row4877220"><td class="cellrowborder" valign="top" width="35.15%" headers="mcps1.3.2.2.3.1.1 "><p id="EN-US_TOPIC_0125560309__p59510545">x-amz-algorithm</p>
</td>
<td class="cellrowborder" valign="top" width="64.85%" headers="mcps1.3.2.2.3.1.2 "><p id="EN-US_TOPIC_0125560309__p55624859">Indicates a signature algorithm. For a V4 signature, the value of the parameter is fixed to <strong id="EN-US_TOPIC_0125560309__b30861686">AWS4-HMAC-SHA256</strong>.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0125560309__row9319721"><td class="cellrowborder" valign="top" width="35.15%" headers="mcps1.3.2.2.3.1.1 "><p id="EN-US_TOPIC_0125560309__p16699940">x-amz-credential</p>
</td>
<td class="cellrowborder" valign="top" width="64.85%" headers="mcps1.3.2.2.3.1.2 "><p id="EN-US_TOPIC_0125560309__p10517875">In addition to the <strong id="EN-US_TOPIC_0125560309__b27552014">access key ID</strong>, region and service information must be provided. The information must be the same as that used to calculate the <strong id="EN-US_TOPIC_0125560309__b4466122517520">Signing Key</strong>. The value of this parameter is expressed in the following format:</p>
<p id="EN-US_TOPIC_0125560309__p17120631">&lt;your-access-key-id&gt;/&lt;date&gt;/&lt;AWS-region&gt;/&lt;AWS-service&gt;/aws4_request.OBS region</p>
<p id="EN-US_TOPIC_0125560309__p19867951">The value is the same as that used for common authentication.</p>
<p id="EN-US_TOPIC_0125560309__p44593832">Example:</p>
<p id="EN-US_TOPIC_0125560309__p65800171">AKIAIOSFODNN7EXAMPLE/20150721/region-1/s3/aws4_request.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0125560309__row55330634"><td class="cellrowborder" valign="top" width="35.15%" headers="mcps1.3.2.2.3.1.1 "><p id="EN-US_TOPIC_0125560309__p52596356">x-amz-date</p>
</td>
<td class="cellrowborder" valign="top" width="64.85%" headers="mcps1.3.2.2.3.1.2 "><p id="EN-US_TOPIC_0125560309__p32446463">Indicates the request generation time. It is in the ISO 8601 format. The value must be the same as that of the <strong id="EN-US_TOPIC_0125560309__b15530630185218">x-am-date</strong> field in the policy.</p>
<p id="EN-US_TOPIC_0125560309__p10917859">Example:</p>
<p id="EN-US_TOPIC_0125560309__p31151867">20150721T201207Z.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0125560309__row11931350"><td class="cellrowborder" valign="top" width="35.15%" headers="mcps1.3.2.2.3.1.1 "><p id="EN-US_TOPIC_0125560309__p26915331">x-amz-signature</p>
</td>
<td class="cellrowborder" valign="top" width="64.85%" headers="mcps1.3.2.2.3.1.2 "><p id="EN-US_TOPIC_0125560309__p32658192">Indicates the HMAC-SHA256 hash value of the policy in V4.</p>
</td>
</tr>
</tbody>
</table>
</div>
<p id="EN-US_TOPIC_0125560309__p37765421"></p>
<p id="EN-US_TOPIC_0125560309__p18790652153320">Policy is a character string in JSON format and consists of two parts:<strong id="EN-US_TOPIC_0125560309__b87891652103320"></strong></p>
<ul id="EN-US_TOPIC_0125560309__ul13156185443311"><li id="EN-US_TOPIC_0125560309__li11545116342"><strong id="EN-US_TOPIC_0125560309__b715481153416">expiration</strong> (indicates the request expiration time).</li><li id="EN-US_TOPIC_0125560309__li197722010123412"><strong id="EN-US_TOPIC_0125560309__b37721310183413">conditions</strong> (indicates parameter restrictions in the form).</li></ul>
<p id="EN-US_TOPIC_0125560309__p484171210347">An example is as follows:</p>
<pre class="screen" id="EN-US_TOPIC_0125560309__screen29909685121539">{
"expiration": "2015-08-06T12:00:00.000Z",
"conditions": [
{"bucket": "bucketname"},
["starts-with", "$key", "user/user1/"],
{"acl": "public-read"},
{"success_action_redirect":
"http://acl6.obs.example.com/successful_upload.html"},
["starts-with", "$Content-Type", "image/"],
{"x-amz-meta-uuid": "14365123651274"},
["starts-with", "$x-amz-meta-tag", ""],
{"x-amz-credential": "AKIAIOSFODNN7EXAMPLE/20150806/region-1/s3/aws4_request"},
{"x-amz-algorithm": "AWS4-HMAC-SHA256"},
{"x-amz-date": "20150806T000000Z" }
]
}</pre>
<p id="EN-US_TOPIC_0125560309__p38884035"><a href="#EN-US_TOPIC_0125560309__table42946954">Table 2</a> lists the mandatory parameters of Policy.</p>
<div class="tablenoborder"><a name="EN-US_TOPIC_0125560309__table42946954"></a><a name="table42946954"></a><table cellpadding="4" cellspacing="0" summary="" id="EN-US_TOPIC_0125560309__table42946954" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Mandatory parameters of Policy in V4 POST uploading requests</caption><thead align="left"><tr id="EN-US_TOPIC_0125560309__row63147504"><th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.9.2.3.1.1"><p id="EN-US_TOPIC_0125560309__p14674162">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="50%" id="mcps1.3.9.2.3.1.2"><p id="EN-US_TOPIC_0125560309__p47756489">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="EN-US_TOPIC_0125560309__row43070429"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.9.2.3.1.1 "><p id="EN-US_TOPIC_0125560309__p66152725">x-amz-algorithm</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.9.2.3.1.2 "><p id="EN-US_TOPIC_0125560309__p56770522">Indicates the used signature algorithm. In V4, the value of the parameter is <strong id="EN-US_TOPIC_0125560309__b41172652">AWS4-HMAC-SHA256</strong>.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0125560309__row35009555"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.9.2.3.1.1 "><p id="EN-US_TOPIC_0125560309__p17201705">x-amz-credential</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.9.2.3.1.2 "><p id="EN-US_TOPIC_0125560309__p51160835">In addition to the <strong id="EN-US_TOPIC_0125560309__b57794333">access key ID</strong>, region and service information must be provided. The information must be the same as that used to calculate the <strong id="EN-US_TOPIC_0125560309__b50386953">Signing Key</strong>. The value of this parameter is expressed in the following format:</p>
<p id="EN-US_TOPIC_0125560309__p50829401">&lt;your-access-key-id&gt;/&lt;date&gt;/&lt;AWS-region&gt;/&lt;AWS-service&gt;/aws4_request.</p>
<p id="EN-US_TOPIC_0125560309__p54811429">Example:</p>
<p id="EN-US_TOPIC_0125560309__p23540813">AKIAIOSFODNN7EXAMPLE/20150721/region-1/s3/aws4_request.</p>
</td>
</tr>
<tr id="EN-US_TOPIC_0125560309__row10540732"><td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.9.2.3.1.1 "><p id="EN-US_TOPIC_0125560309__p48492984">x-amz-date</p>
</td>
<td class="cellrowborder" valign="top" width="50%" headers="mcps1.3.9.2.3.1.2 "><p id="EN-US_TOPIC_0125560309__p35617665">Indicates the Start time of the validity period of <strong id="EN-US_TOPIC_0125560309__b52123534">Signing Key</strong>. The value is expressed in ISO 8601 format. The value must be the same as that of the <strong id="EN-US_TOPIC_0125560309__b66458622">x-am-date</strong> field in the Signing Key.</p>
<p id="EN-US_TOPIC_0125560309__p61256692">Example:</p>
<p id="EN-US_TOPIC_0125560309__p14439320">20150721T201207Z</p>
</td>
</tr>
</tbody>
</table>
</div>
<p id="EN-US_TOPIC_0125560309__p62599163"></p>
<p id="EN-US_TOPIC_0125560309__p26521557">The signature calculation process of V4 POST uploading requests is similar to that of V4 common requests. The only difference lies in the <strong id="EN-US_TOPIC_0125560309__b36981836195210">Policy</strong> in the request used by <strong id="EN-US_TOPIC_0125560309__b57281770">StringToSign</strong> in V4. The <strong id="EN-US_TOPIC_0125560309__b45773889">Policy</strong> is obtained by Base64 encoding based on the original <strong id="EN-US_TOPIC_0125560309__b9311818">Policy</strong> character string. <a href="#EN-US_TOPIC_0125560309__fig1971331315531">Figure 1</a> shows the computing process.</p>
<div class="fignone" id="EN-US_TOPIC_0125560309__fig1971331315531"><a name="EN-US_TOPIC_0125560309__fig1971331315531"></a><a name="fig1971331315531"></a><span class="figcap"><b>Figure 1 </b>Signature calculation process of objects uploaded using V4 POST uploading requests</span><br><span><img id="EN-US_TOPIC_0125560309__image19713141365314" src="en-us_image_0125560298.png" title="Click to enlarge" class="imgResize"></span></div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="en-us_topic_0125560435.html">Authenticating a Request</a></div>
</div>
</div>
<script language="JavaScript">
<!--
image_size('.imgResize');
var msg_imageMax = "view original image";
var msg_imageClose = "close";
//--></script>
View Git Blame Copy Permalink