AnsweredAssumed Answered

NetStorage ObjectStore HTTP API - 403 Error

Question asked by Szymon Jakubowski Employee on May 18, 2017
Latest reply on May 21, 2017 by Szymon Jakubowski

Hey Folks,

 

I'm stuck with getting an 403 error all the time...

 

I've created an html page and i try to make an API call via Javascript using xmlHttpRequest.

 

i make two calls first to get Time from ../time.php:

 

<?
date_default_timezone_set("UTC");
echo time();
?>

 

and then i sent local data sign to a php script:

var data_to_sign = [upload_url, action_header_value, auth_data_value, file_type];

 

<?
$received_data = json_decode(file_get_contents('php://input'), true);
$auth_data = (string)$received_data[2];
$sign_string = (string)$received_data[0] . "\n" . "x-akamai-acs-action:" . (string)$received_data[1] . "\n";
$data_to_sign = $auth_data . $sign_string;
$key = "MyAPIKey";
$signature = base64_encode(hash_hmac("sha256",$data_to_sign,$key,true));

echo $signature;
?>

 

There is also a file verification part i've cut out for now (doing both client and server side).

 

Now after i get all the data the following Request is being sent (created in Javascript using xmlHttpRequest)

 

PUT /{CP_CODE}/Upload/Akamai_Logo.png HTTP/1.1
Host: {my domain}-nsu.akamaihd.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Akamai-ACS-Action: version=1&action=upload
X-Akamai-ACS-Auth-Data: 5, 0.0.0.0, 0.0.0.0, 1495139216, 419238365, {my-user-name}
X-Akamai-ACS-Auth-Sign: 54ac7VqFhGXOlrFobje6eeG6YNWKIv/cq8OsaGN6pSU=
Referer: https://publish.sjakubowski.com/publish.html
Content-Length: 14486
Content-Type: image/png
Origin: https://publish.sjakubowski.com
Connection: keep-alive
‰PNG (File Data).

The CP Code is correct, the API key is correct, the Path exists, the upload account has full read/write permission to this cp code/ directoryI've tried adding the time via javascript ( var time = new Date(getTime());) but no change.

I've tried modifying the Accept-Encoding with Modify HTTP Headers plugin to set it to Identity but that didn't help in any way.

 

If i compare the time it seems ok:

 

Time in request: 1495139216 -> Thu, 18 May 2017 20:26:56 GMT

Server: Date: Thu, 18 May 2017 20:26:58 GMT

 

I keep getting 403 Forbidden:

 

HTTP/1.1 403 Forbidden
Content-Length: 0
Expires: Thu, 18 May 2017 20:26:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 18 May 2017 20:26:58 GMT
Connection: close
Access-Control-Allow-Headers:
Access-Control-Allow-Methods: PUT,POST,GET,HEAD,OPTIONS
Access-Control-Max-Age: 600
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Origin: https://publish.sjakubowski.com

 

To compare (using all the same variables) a successful output from a python script:

 

PUT /569131/Upload/Akamai_Logo.png HTTP/1.1

Host: {hostname}-nsu.akamaihd.net

Connection: keep-alive

ccept-Encoding: identity

Accept: */*

User-Agent: NetStorageKit-Python

X-Akamai-ACS-Auth-Data: 5, 0.0.0.0, 0.0.0.0, 1495140582, 1649600254, {my_username}

X-Akamai-ACS-Auth-Sign: Q4UzBhjSQUZ9cnv4FD51JNoDcag5MK6cW7H3Cu9g7Vc=

X-Akamai-ACS-Action: version=1&action=upload

Content-Length: 14486

 

200 OK and i can see the file on NetStorage.

 

Any idea's? Your help would be much appreciated!

 

Thanks!

Outcomes