Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Session Token required when using Temporary Credentials #63

Open
realcbnewham opened this issue Mar 25, 2024 · 0 comments
Open

Session Token required when using Temporary Credentials #63

realcbnewham opened this issue Mar 25, 2024 · 0 comments

Comments

@realcbnewham
Copy link

When using generatePresignedUrl(), if temporary credentials are used the resulting URL does not have the required X-Amz-Security-Token parameter (the Session Token from generated credentials). AWS will report that the URL has a missing or invalid token. Note that a session token is not required when using normal key and secret credentials and the generatePresignedUrl() works as expected.

If the token is uuencoded and is manually appended to the generated URL then the AWS server accepts it but complains that the signature is not correct.

My guess is that the token needs to be given as part of the credentials for setting up the client. This would then produce the correct URL with token and signature (here's a Java version I have in another project I worked on):

credentials = BasicSessionCredentials(
currentCredentials.accessKey,
currentCredentials.secretAccessKey,
currentCredentials.sessionToken
)

s3Client = AmazonS3Client(credentials, Region.getRegion(AWS_REGION), config)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@realcbnewham