Uploaded image for project: 'jclouds'
  1. jclouds
  2. JCLOUDS-1400

GCS's presigned url requires blank Content-Type

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.1.0
    • Fix Version/s: 2.2.0, 2.1.1
    • Component/s: jclouds-blobstore
    • Labels:
      None

      Description

      I am trying to signPutBlob for google cloud storage.

      1)

      BlobStoreContext context = ContextBuilder.newBuilder("google-cloud-storage")
          .credentials(GOOGLE_ACCESS_KEY, GOOGLE_SECRET_KEY)
          .buildView(BlobStoreContext.class);
      
      BlobStore blobStore = context.getBlobStore();
      
      Blob blob = blobStore
          .blobBuilder("3.png")
          .forSigning()
          .contentLength(20493)
          .contentType(MediaType.PNG)   // setting contentType
          .build();
      
      HttpRequest httpRequest = context
          .getSigner()
          .signPutBlob("cs-29337eeb-27c1-4dbc-805c-f01ba1744eb1", blob, 3600);
      

      2)

      PUT http://storage.googleapis.com/cs-29337eeb-27c1-4dbc-805c-f01ba1744eb1/3.png?Expires=1523454042&GoogleAccessId=access-s3%40storage-app-199609.iam.gserviceaccount.com&Signature=Aoam8qw0NYIDGDKBW4PpJXPklchTndaFwk4syrw0/K4c50hrDZFKG/oARWn1nSEKqRZlBuh2BBQtRSRNNH7Ol6Qhybo%2BX1hst7PxkaUue2iQwR%2B/t8p4izl%2BTGEJ99x2KdYsZb3Q7CmJvWkPlJ27KUGdVyJf/tTDGYwtE2uekXFxMu9r355N5RsBWBftW8kKnOaZBFsjO/q25bYs%2BAa/gQ01HfoQdDSPCYZ5QZST5G1vXYLuRcxYs3Hb33N3s5hq07/Nnopoai7CtrPKR1iSm766fzMaqZaSihXAQzCge5F25esML0kUkKvK%2BQBdFESD433Y1%2B33vg%2BZ9xvVlV3UlA%3D%3D HTTP/1.1
      
      Headers:
      Content-Type: image/png

       

      Response:

      <?xml version='1.0' encoding='UTF-8'?>
      <Error>
      <Code>SignatureDoesNotMatch</Code>
      <Message>The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method.</Message>
      <StringToSign>PUT
      
      image/png
      1523454042
      /cs-29337eeb-27c1-4dbc-805c-f01ba1744eb1/3.png</StringToSign>
      </Error>
      

       

      3) With no passed content-type it becomes text/plain

      <?xml version='1.0' encoding='UTF-8'?>
      <Error>
      <Code>SignatureDoesNotMatch</Code>
      <Message>The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method.</Message>
      <StringToSign>PUT
      
      text/plain
      1523454042
      /cs-29337eeb-27c1-4dbc-805c-f01ba1744eb1/3.png</StringToSign>
      </Error>
      

       

       

      4) And with passed Content-Type: "" it's okay.

       

      5) GoogleCloudStorageBlobRequestSigner.java

      @Override
      public HttpRequest signPutBlob(String container, Blob blob, long timeInSeconds) {
          return sign("PUT", container, blob.getMetadata().getName(), GetOptions.NONE, timestamp.get() + timeInSeconds, null);
      }
      
      private HttpRequest sign(String method, String container, String name, GetOptions options, long expires, String contentType) {
          checkNotNull(container, "container");
          checkNotNull(name, "name");
          ...
      }
      

      Why is the last parameter "contentType" always null? We could read it from the blob, from

      blob.getMetadata().getContentMetadata().getContentType();

       

        Attachments

          Activity

            People

            • Assignee:
              gaul Andrew Gaul
              Reporter:
              enflout Ivan Orlov
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: