Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

wasabisys throws a 403 with latest [workaround included] #1184

Open
mfrederico opened this issue Feb 12, 2022 · 5 comments
Open

wasabisys throws a 403 with latest [workaround included] #1184

mfrederico opened this issue Feb 12, 2022 · 5 comments

Comments

@mfrederico
Copy link

Summary:

For wasabisys - Apparently there are breaking changes as far back as 1.1.0 .. so only 1.0.0 works.
I'm still digging into this issue, maybe someone has further light and knowledge to assist on helping this over the line?

Problem:

`PHP Fatal error:  Uncaught AsyncAws\Core\Exception\Http\ClientException: HTTP 403 returned for "https://s3.us-west-1.wasabisys.com/ ... `

Code:    InvalidAccessKeyId
Message: The AWS Access Key Id you provided does not exist in our records.
Type:
Detail:
 in /var/www/html/default/swimwms/vendor/async-aws/core/src/Response.php:406
Stack trace:
#0 /var/www/html/default/swimwms/vendor/async-aws/core/src/Response.php(423): AsyncAws\Core\Response::AsyncAws\Core\{closure}()
#1 /var/www/html/default/swimwms/vendor/async-aws/core/src/Response.php(160): AsyncAws\Core\Response->getResolveStatus()
#2 /var/www/html/default/swimwms/vendor/async-aws/core/src/Response.php(105): AsyncAws\Core\Response->resolve()
#3 [internal function]: AsyncAws\Core\Response->__destruct()
#4 {main}
  thrown in /var/www/html/default/swimwms/vendor/async-aws/core/src/Response.php on line 406

Resolution:

So those of you who experience technical difficulties uploading to wasabi here is a non-ideal workaround:
composer --ignore-platform-reqs require async-aws/s3 -v 1.0.0

  • So far this appears okay with PHP 8.1
@mfrederico
Copy link
Author

Side note: I'd be willing to provide a key and ARN to a wasabi s3 bucket for testing if necessary.

@mfrederico
Copy link
Author

mfrederico commented Feb 12, 2022
edited

Looking at the diffs between
1.1.0 (fcf78eb936632d66215c6b8019c6c71ee224454a) and 1.0.0 (5f49759b8bf284027981b9a3a03564b51deaaf42)

  • It does appear that the addition of the chunked stream is new. I'm curious if this is an incompatibility on the wasabi side?

I did find this from a java client:
https://wasabi-support.zendesk.com/hc/en-us/articles/360003523031-How-do-I-use-AWS-Signature-Version-4-with-Wasabi-

I found this on their API website:
https://wasabi.com/wp-content/themes/wasabi/docs/API_Guide/index.html#t=topics%2FOperations_on_Objects_Not_Supported_in_Wasabi.htm

@jderusse
Copy link
Member

could you give a try and disable this option https://async-aws.com/clients/s3.html#chunked-body ?

@mfrederico
Copy link
Author

mfrederico commented Feb 12, 2022
edited

Hmm.. that doesn't seem to do it either .. I did also find this sad-fact with wasabi:
https://wasabi.com/wp-content/themes/wasabi/docs/API_Guide/index.html#t=topics%2FAuthenticating_Requests.htm

Apparently if it's a AWS4 version signature, it ALWAYS has to go to us-east-1?

[EDIT]

I updated my ARN / endpoints / etc to us-east-1 and it still fails.

@mfrederico
Copy link
Author

a blank s3bucket.ini (parsed from script) fill in your details - if you need a wasabi ARN / key secret for testing I can give you one offline.

accessKey=
secretKey=
endpoint='https://s3.us-west-1.wasabisys.com'
roleArn=''
region='us-west-1'

Here is my script I am using (commandline)

#!/usr/bin/php -q
<?php
        require('../vendor/autoload.php');
        //use AsyncAws\Core\Configuration;
        use AsyncAws\S3\S3Client;

if (!empty($argv[1]) && !empty($argv[2])) {
        $file   = $argv[1];
        $uri    = $argv[2];

        // get my bucket and folder from argv[2]
        list($bucket, $folder) = explode('/',$uri,2);

        if (file_exists($file)) {

        // ini file with my s3 bucket data in it
                $data = parse_ini_file('../s3bucket.ini');

                $config = [
                        'region'            => $data['region'],
                        'endpoint'          => $data['endpoint'],
                        'roleArn'           => $data['roleArn'],
                        'accessKeyId'       => $data['accessKey'],
                        'accessKeySecret'   => $data['secretKey'],
                        'pathStyleEndpoint' => true,
                        'sendChunkedBody'   => false,
                ];

                $s3 = new S3Client($config);
                try {
                        $file_name  = basename($file);
                        print "- Attempting to upload: {$file} as {$data['endpoint']}/{$bucket}/{$folder}/{$file_name}\n";
                        $info       = $s3->PutObject( ['Bucket'=>$bucket,'Key'=>$folder.'/'.$file_name,'Body'=>\fopen($file,'r') ]);
                }
                catch (Exception $e) {
                        print_r($e->getMessage());
                }
                print "URL: {$data['endpoint']}/{$bucket}/{$folder}/$file_name\n";
        }
        else {
                print "File does not exist: {$file}\n";
                die();
        }
}
else {
        print "Usage: {$argv[0]} LocalFileName bucketUri\n";
        die("Please specify a filename and bucket to upload to.\n");
};

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mfrederico @jderusse