====== Authentication with .Net/c# ======
^ Documentation ^|
^Name:| Authentication with .Net/c# |
^Description:| How to setup amazon.s3 nuget for c# to authenticate with ceph |
^Modification date :|07/11/2018|
^Owner:|dodger|
^Notify changes to:|Owner|
^Tags:| oracle, deadlocks|
^Scalate to:|DBA|
====== Instructions ======
RadosGW seems to not be happy when using AWS4 authentication method.\\
Ignore ceph's official documentation, it doesn't work.\\
Making ''radosgw'' log in ''debug level 10'' (or more):
radosgw -n client.rgw.bvmld-osgw-101 --debug-rgw=20 -f --debug_ms 20
You'll see a wonderful:
...
2018-11-07 12:19:47.943779 7f36ddffb700 20 RGWEnv::set(): HTTP_AUTHORIZATION: AWS4-HMAC-SHA256 Credential=****/20181107/us-east-1/s3/aws4_request, SignedHeaders=host;user-agent;x-amz-content-sha256;x-amz-date, Signature=*********
...
2018-11-07 12:19:29.429245 7f36ddffb700 1 ====== starting new request req=0x7f36bc011dc0 =====
2018-11-07 12:19:29.429259 7f36ddffb700 2 req 2:0.000014::GET /::initializing for trans_id = tx000000000000000000002-005be2ca41-1030-default
2018-11-07 12:19:29.429263 7f36ddffb700 10 host=bvmld-osgw-101.ciberterminal.net
2018-11-07 12:19:29.429265 7f36ddffb700 20 subdomain= domain=bvmld-osgw-101.ciberterminal.net in_hosted_domain=1
2018-11-07 12:19:29.429273 7f36ddffb700 10 meta>> HTTP_X_AMZ_CONTENT_SHA256
2018-11-07 12:19:29.429276 7f36ddffb700 10 meta>> HTTP_X_AMZ_DATE
2018-11-07 12:19:29.429281 7f36ddffb700 10 x>> x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
2018-11-07 12:19:29.429282 7f36ddffb700 10 x>> x-amz-date:20181107T111929Z
2018-11-07 12:19:29.429293 7f36ddffb700 10 s->object= s->bucket=
2018-11-07 12:19:29.429297 7f36ddffb700 2 req 2:0.000052:s3:GET /::getting op
2018-11-07 12:19:29.429298 7f36ddffb700 2 req 2:0.000054:s3:GET /:list_buckets:authorizing
2018-11-07 12:19:29.429301 7f36ddffb700 10 failed to authorize request
2018-11-07 12:19:29.429374 7f36ddffb700 2 req 2:0.000129:s3:GET /:list_buckets:http status=400
2018-11-07 12:19:29.429376 7f36ddffb700 1 ====== req done req=0x7f36bc011dc0 http_status=400 ======
As you can see: ''failed to authorize request''\\
The key option is to use an "old" version of the auth api:
config.SignatureVersion = "2";
[[https://docs.aws.amazon.com/sdkfornet/v3/apidocs/items/Runtime/TClientConfig.html|Official UN-documentation]] (there's near-to-zero information).\\
====== Sample code ======
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Amazon;
using Amazon.S3;
using Amazon.S3.Model;
namespace ProvaS3
{
class Program
{
static void Main(string[] args)
{
string accessKey = "****";
string secretKey = "****";
AmazonS3Config config = new AmazonS3Config();
config.ServiceURL = "http://bvmld-osgw-101.ciberterminal.net";
config.UseHttp = true;
config.SignatureVersion = "2";
//config.ForcePathStyle = true;
AmazonS3Client s3Client = new AmazonS3Client(
accessKey,
secretKey,
config
);
ListObjectsRequest request = new ListObjectsRequest();
request.BucketName = "ciberpay-reporting";
ListObjectsResponse response = s3Client.ListObjects(request);
foreach (S3Object o in response.S3Objects)
{
Console.WriteLine("{0}\t{1}\t{2}", o.Key, o.Size, o.LastModified);
}
}
}
}