I am trying to upload a image file to amazon s3. The setup is as follows:
Web server: golang
Front-end: simple html form for testing
In reference with this document : http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-post-example.html
I referred to the example provided in the above document and tried this:
http://play.golang.org/p/3zn5fSDasK
package main
import "fmt"
import "encoding/base64"
func main() {
bytePolicy := []byte(`{
"expiration": "2013-08-06T12:00:00.000Z",
"conditions": [
{"bucket": "examplebucket"},
["starts-with", "$key", "user/user1/"],
{"acl": "public-read"},
{"success_action_redirect": "http://acl6.s3.amazonaws.com/successful_upload.html"},
["starts-with", "$Content-Type", "image/"],
{"x-amz-meta-uuid": "14365123651274"},
["starts-with", "$x-amz-meta-tag", ""],
{"x-amz-credential":"AKIAIOSFODNN7EXAMPLE/20130806/us-east-1/s3/aws4_request"},
{"x-amz-algorithm": "AWS4-HMAC-SHA256"},
{"x-amz-date": "20130806T000000Z" }
]
}`)
fmt.Println(base64.StdEncoding.EncodeToString(bytePolicy))
}
The result I got with this
eyAKICAgICAgICAgICAgICAgICAgICAgICAgImV4cGlyYXRpb24iOiAiMjAxMy0wOC0wNlQxMjowMDowMC4wMDBaIiwKICAgICAgICAgICAgICAgICAgICAgICAgImNvbmRpdGlvbnMiOiBbCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHsiYnVja2V0IjogImV4YW1wbGVidWNrZXQifSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBbInN0YXJ0cy13aXRoIiwgIiRrZXkiLCAidXNlci91c2VyMS8iXSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgeyJhY2wiOiAicHVibGljLXJlYWQifSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgeyJzdWNjZXNzX2FjdGlvbl9yZWRpcmVjdCI6ICJodHRwOi8vYWNsNi5zMy5hbWF6b25hd3MuY29tL3N1Y2Nlc3NmdWxfdXBsb2FkLmh0bWwifSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBbInN0YXJ0cy13aXRoIiwgIiRDb250ZW50LVR5cGUiLCAiaW1hZ2UvIl0sCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgeyJ4LWFtei1tZXRhLXV1aWQiOiAiMTQzNjUxMjM2NTEyNzQifSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBbInN0YXJ0cy13aXRoIiwgIiR4LWFtei1tZXRhLXRhZyIsICIiXSwKCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgeyJ4LWFtei1jcmVkZW50aWFsIjoiQUtJQUlPU0ZPRE5ON0VYQU1QTEUvMjAxMzA4MDYvdXMtZWFzdC0xL3MzL2F3czRfcmVxdWVzdCJ9LAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHsieC1hbXotYWxnb3JpdGhtIjogIkFXUzQtSE1BQy1TSEEyNTYifSwKICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIHsieC1hbXotZGF0ZSI6ICIyMDEzMDgwNlQwMDAwMDBaIiB9CiAgICAgICAgICAgICAgICAgICAgICAgICAgXQogICAgICAgICAgICAgICAgICAgIH0=
The base 64 encoded policy which is on link of amazon tutorial:
eyAiZXhwaXJhdGlvbiI6ICIyMDEzLTA4LTA3VDEyOjAwOjAwLjAwMFoiLA0KICAiY29uZGl0aW9ucyI6IFsNCiAgICB7ImJ1Y2tldCI6ICJleGFtcGxlYnVja2V0In0sDQogICAgWyJzdGFydHMtd2l0aCIsICIka2V5IiwgInVzZXIvdXNlcjEvIl0sDQogICAgeyJhY2wiOiAicHVibGljLXJlYWQifSwNCiAgICB7InN1Y2Nlc3NfYWN0aW9uX3JlZGlyZWN0IjogImh0dHA6Ly9leGFtcGxlYnVja2V0LnMzLmFtYXpvbmF3cy5jb20vc3VjY2Vzc2Z1bF91cGxvYWQuaHRtbCJ9LA0KICAgIFsic3RhcnRzLXdpdGgiLCAiJENvbnRlbnQtVHlwZSIsICJpbWFnZS8iXSwNCiAgICB7IngtYW16LW1ldGEtdXVpZCI6ICIxNDM2NTEyMzY1MTI3NCJ9LA0KICAgIFsic3RhcnRzLXdpdGgiLCAiJHgtYW16LW1ldGEtdGFnIiwgIiJdLA0KDQogICAgeyJ4LWFtei1jcmVkZW50aWFsIjogIkFLSUFJT1NGT0ROTjdFWEFNUExFLzIwMTMwODA2L3VzLWVhc3QtMS9zMy9hd3M0X3JlcXVlc3QifSwNCiAgICB7IngtYW16LWFsZ29yaXRobSI6ICJBV1M0LUhNQUMtU0hBMjU2In0sDQogICAgeyJ4LWFtei1kYXRlIjogIjIwMTMwODA2VDAwMDAwMFoiIH0NCiAgXQ0KfQ==
Why my base64 encoded policy doesn't match with that of Amazon's?
Simply because the 2 JSON source texts which produce those base64 strings have different indentation and different content as seen below (they are not equal char-by-char).
Decode both of the base64 strings, and you will see the differences. You can do that either with a program (not necessarily Go), or simply use an online service like this one.
You shouldn't worry about indentation, it doesn't matter in JSON. But when you encode a text using Base64, that encodes all characters of the source including spaces and tabs used to indent, so different indentation will result in different Base64 encoded forms.
But comparing the 2 decoded JSON, there are also other differences:
First one:
"expiration": "2013-08-06T12:00:00.000Z"
"success_action_redirect": "http://acl6.s3.amazonaws.com/successful_upload.html"
2nd one:
"expiration": "2013-08-07T12:00:00.000Z"
"success_action_redirect": "http://examplebucket.s3.amazonaws.com/successful_upload.html"
The complete decoded JSON texts:
The first one:
{
"expiration": "2013-08-06T12:00:00.000Z",
"conditions": [
{"bucket": "examplebucket"},
["starts-with", "$key", "user/user1/"],
{"acl": "public-read"},
{"success_action_redirect": "http://acl6.s3.amazonaws.com/successful_upload.html"},
["starts-with", "$Content-Type", "image/"],
{"x-amz-meta-uuid": "14365123651274"},
["starts-with", "$x-amz-meta-tag", ""],
{"x-amz-credential":"AKIAIOSFODNN7EXAMPLE/20130806/us-east-1/s3/aws4_request"},
{"x-amz-algorithm": "AWS4-HMAC-SHA256"},
{"x-amz-date": "20130806T000000Z" }
]
}
And the 2nd one:
{ "expiration": "2013-08-07T12:00:00.000Z",
"conditions": [
{"bucket": "examplebucket"},
["starts-with", "$key", "user/user1/"],
{"acl": "public-read"},
{"success_action_redirect": "http://examplebucket.s3.amazonaws.com/successful_upload.html"},
["starts-with", "$Content-Type", "image/"],
{"x-amz-meta-uuid": "14365123651274"},
["starts-with", "$x-amz-meta-tag", ""],
{"x-amz-credential": "AKIAIOSFODNN7EXAMPLE/20130806/us-east-1/s3/aws4_request"},
{"x-amz-algorithm": "AWS4-HMAC-SHA256"},
{"x-amz-date": "20130806T000000Z" }
]
}