.net - Cloudflare R2 Access Denied and Signature v2-v4 Problem - Stack Overflow

admin管理员组

文章数量:1122846

I am trying to use the AWS SDK for the Cloudflare R2. Here are my constructor codes and logs still I get the signature problem for POST requests.

I also can't able to GET any of my buckets. "Access Denied" Errors.

constructor

   public UploadHttpFileServerCommandHandler(ILogger<UploadHttpFileServerCommandHandler> logger, App.Api.HTTP api, Infrastructure.DB.Context.DefaultContext context, IHttpContextAccessor httpContextAccessor)
    {
        _logger = logger;
        _context = context;
        _api = api;

        try
        {
            // Initialize AmazonS3Client
            var credentials = new Amazon.Runtime.BasicAWSCredentials(_accessKey, _secretKey);
            var s3Config = new Amazon.S3.AmazonS3Config
            {
                ServiceURL = _serviceUrl, // Use Cloudflare R2 URL
                ForcePathStyle = true,   // Required for R2 compatibility
                SignatureVersion = "v4"
            };

            // Disable payload signing for streaming uploads
            typeof(Amazon.S3.AmazonS3Config)
                .GetProperty("DisablePayloadSigning")
                ?.SetValue(s3Config, true);

            _s3Client = new Amazon.S3.AmazonS3Client(credentials, s3Config);
            
            _logger.LogInformation($"Amazon S3 Config - ServiceURL: {_serviceUrl}, SignatureVersion: {s3Config.SignatureVersion}");

            _logger.LogInformation("Amazon S3 client initialized successfully.");
        }
        catch (Exception ex)
        {
            _logger.LogError(ex, "Failed to initialize Amazon S3 client.");
            throw; // Ensure the exception is propagated if initialization fails
        }

    }

presignedurl method

   private string GeneratePreSignedURL(string fileKey)
    {
        
        var request = new Amazon.S3.Model.GetPreSignedUrlRequest
        {
            BucketName = _bucketName,
            Key = fileKey,
            Expires = DateTime.UtcNow.AddMinutes(30), // URL expiration time
            Verb = Amazon.S3.HttpVerb.PUT
        };

        var preSignedUrl = _s3Client.GetPreSignedURL(request);
        _logger.LogInformation($"Generated PreSigned URL: {preSignedUrl}");
        return preSignedUrl;
    }

Here is my uplaod POST response

{ "filePaths": [], "error": "Error uploading file. Failed to upload file. Status code: Unauthorized" }

even that I see that I convert from S2 to S4 signature the log of post (upload) is:

Amazon S3 client initialized successfully. [10:58:11 INF] Generated PreSigned URL:

Failed to upload file. Status code: Unauthorized, Response: UnauthorizedSigV2 authorization is not supported. Please use SigV4 instead. [10:58:12 ERR] Error processing file System.InvalidOperationException: Failed to upload file. Status code: Unauthorized

the log of get (list) is:

response:

{ "buckets": [], "error": "Error: Access Denied" }

[10:59:54 INF] Amazon S3 client initialized successfully. [10:59:55 ERR] Error occurred while listing buckets. Amazon.S3.AmazonS3Exception: Access Denied Amazon.Runtime.Internal.HttpErrorResponseException: Exception of type 'Amazon.Runtime.Internal.HttpErrorResponseException' was thrown.

The CORS on the CloudFlare side

[
  {
    "AllowedOrigins": [
      "*"
    ],
    "AllowedMethods": [
      "GET",
      "POST",
      "PUT",
      "DELETE"
    ],
    "AllowedHeaders": [
      "Authorization",
      "Content-Type",
      "Accept"
    ],
    "ExposeHeaders": [
      "Authorization",
      "ETag",
      "Location"
    ],
    "MaxAgeSeconds": 86400
  }
]

本文标签： netCloudflare R2 Access Denied and Signature v2v4 ProblemStack Overflow