我要建一个Mac应用程序和不可以使用AWS的iOS SDK。 GET请求，我试图建立应遵循这种一般格式为：

I'm building a mac application and not using the AWS iOS SDK. The GET request I'm trying to build should follow this general format:

授权：AWS+ AWSAccessKeyId +：+的base64（HMAC-SHA1（动词+\ N                                  +内容-MD5 +\ N                                  +内容类型+\ N                                  +日期+\ N                                  + CanonicalizedAmzHeaders +\ N                                  + CanonicalizedResource））

"Authorization: AWS " + AWSAccessKeyId + ":" + base64(hmac-sha1(VERB + "\n" + CONTENT-MD5 + "\n" + CONTENT-TYPE + "\n" + DATE + "\n" + CanonicalizedAmzHeaders + "\n" + CanonicalizedResource))

由于在的亚马逊的文档。我一直在寻找全国各地的澄清，似乎照了很多人，很多为Base64哈希的领域都是可选的。

As provided as "pseudo syntax" in the Amazon docs. I've been searching all over for clarification and it seems that according to a lot of people, many of the fields in the base64 hash are optional.

下面是我想出了这么远。但我得到的回应是AWS说：不支持的授权类型并参考了授权字段中的头一个错误。我越来越真的在这里难住了。任何深入了解如何调试和解决这个问题？

Below is what I came up with so far. But the response I get is an error from AWS saying "Unsupported Authorization Type" making reference to the 'Authorization' field in the header. I'm getting really stumped here. Any insight into how to debug or fix this?

是否有任何其他的方式去产生pre-签订的URL的OBJ下S3？

Is there any other way to go about generating pre-signed urls in Obj C for S3?

-(NSURLRequest*) requestWithURL: (NSString*) reqURL

{

NSMutableURLRequest *mutableRequest = [[NSMutableURLRequest alloc] initWithURL:[NSURL URLWithString:reqURL]];
NSString* headerField = @"Authorization: ";
NSString* stringToSign = @"GET\n\n\n\n\n";

NSString* hash = [self hmacsha1:stringToSign key:SECRET_KEY];
NSString *authHeader = [NSString stringWithFormat: @"AWS%@:%@", ACCESS_KEY_ID, hash];
NSURLResponse *resp = nil;
NSError *error = nil;


[mutableRequest addValue:authHeader forHTTPHeaderField:headerField];
NSData *response = [NSURLConnection sendSynchronousRequest: mutableRequest returningResponse: &resp error: &error];
NSString *responseString = [[NSString alloc] initWithData:response encoding:NSUTF8StringEncoding];


return (NSURLRequest*) mutableRequest;

}

- (NSString *)hmacsha1:(NSString *)text key:(NSString *)secret {
    NSData *secretData = [secret dataUsingEncoding:NSUTF8StringEncoding];
    NSData *clearTextData = [text dataUsingEncoding:NSUTF8StringEncoding];
    unsigned char result[20];
    CCHmac(kCCHmacAlgSHA1, [secretData bytes], [secretData length], [clearTextData bytes], [clearTextData length], result);

    char base64Result[32];
    size_t theResultLength = 32;
    NSData *theData = [NSData dataWithBytes:base64Result length:theResultLength];
    NSString* encodedData = [NSString stringWithFormat:@"%@",[theData base64Encoding]];

    return encodedData;
}

base64编码是通过从的这个帖子

推荐答案

要验证你需要连接code中的stringToSign查询字符串：

To authenticate the query string you need to encode the stringToSign:

Signature = URL-Encode( Base64( HMAC-SHA1( YourSecretAccessKeyID, UTF-8-Encoding-Of( StringToSign ) ) ) );

StringToSign = HTTP-VERB + "\n" +
        Content-MD5 + "\n" +
        Content-Type + "\n" +
        Expires + "\n" +
        CanonicalizedAmzHeaders +
        CanonicalizedResource;

当一个浏览器发出GET请求，也不会提供一个内容MD5或一个Content-Type头，也不会在设置任何的x amz-标头，所以StringToSign的那些部分留为空白。

When a browser makes the GET request, it won't provide a Content-MD5 or a Content-Type header, nor will it set any x-amz- headers, so those parts of the StringToSign are left blank.

您需要签署以下

GET\n
\n
\n
1175139620\n

/johnsmith/photos/puppy.jpg

和浏览器会发送请求是：

And the request that the browser will send is:

GET /photos/puppy.jpg?AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&
    Signature=NpgCjnDzrM%2BWFzoENXmpNDUsSn8%3D&
    Expires=1175139620 HTTP/1.1

Host: johnsmith.s3.amazonaws.com

注意，内容类型可同时从请求和stringToSign，但 \ñ省略保持在stringToSign它。其余的相同的选的部位。

Note that the Content-Type is omitted from both the request and the stringToSign, but \n remains in the stringToSign for it. The same of the rest of the optional parts.

请参阅在验证例子

为您在 AWS单证