aws-sdk-php: SignatureDoesNotMatch with presigned URL

I have the following code

$client = S3Client::factory(array('region' => 'eu-west-1','key' => 'xxx','secret' => 'xxx',));

$command = $client->getCommand('PutObject', array(
    'Bucket' => 'myBucket',
    'Key' => 'testing/signed_'.time(),
    'ContentType' => 'image/jpeg',
    'Body' => 'dump' //it's mandatory, it's not needed here
));
$signedUrl = $command->createPresignedUrl('+5 minutes');
$signedUrl .= '&Content-Type=image%2Fjpeg';
echo("\n\nThe URL is: ". $signedUrl . "\n");
echo("Now run from console for upload:\ncurl -v -H \"Content-Type: image/jpeg\" -T /tmp/temp.jpg '" . $signedUrl . "'");

When trying to use curl command I’m getting and error SignatureDoesNotMatch with message The request signature we calculated does not match the signature you provided. Check your key and signing method.

The similar code in aws-sdk for Javascript is working, so I thing there is an issue in aws-sdk-php.

Please help me. It’s urgent 👍

About this issue

  • Original URL
  • State: closed
  • Created 10 years ago
  • Comments: 31 (10 by maintainers)

Most upvoted comments

Just a note that GET, POST, PUT, DELETE, and other HTTP verbs all require a different signature. If you try to use a PUT pre-signed URL to do a POST, it will (and should) fail.

I too am testing this functionality using this code

$client = S3Client::factory(array('region' => 'us-east-1','key' => 'xxx','secret' => 'xxx',));
$url = $client->getCommand('PutObject', array(
            'Bucket' => $this->getBucket(),
            'Key' => $uploadKey,
            'ContentType' => 'image/jpeg',
            'Body'        => '',
            'ContentMD5'  => false
        ))->createPresignedUrl('+5 minutes');

Which generates a URL string for me. However, I have tried sending both a POST and a PUT request to this result URL attaching an image file as binary post body data, and I get:

<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message> ...

Am I calculating the URL incorrectly or am I sending the file improperly?

In case someone else is looking at this and is in a similar situation as me, I got a similar SignatureDoesNotMatchError when my s3 bucket’s CORS Configuration did not contain <AllowedHeader>*</AllowedHeader>

I ran into this when moving from one bucket to another, copying all the settings except for the CORS Configuration.