1
votes

Following the answer provided in this SO question by @brandon-yarbrough, I opted to use a signed URL to upload objects to Cloud Storage. I generate the signed URLs through the google-cloud-storage library as follows:

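import com.google.cloud.storage.BlobInfo;
import com.google.cloud.storage.HttpMethod;
import com.google.cloud.storage.Storage;
import com.google.cloud.storage.StorageOptions;
import java.net.URL;
import java.util.concurrent.TimeUnit;

// Client built from the application default credentials
private static Storage storage = StorageOptions.getDefaultInstance().getService();

// URL valid for 30 minutes, signed for PUT only
URL uploadUrl = storage.signUrl(
        BlobInfo.newBuilder(IMAGE_BUCKET, fileName).build(),
        30,
        TimeUnit.MINUTES,
        Storage.SignUrlOption.httpMethod(HttpMethod.PUT));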

When I try to upload a file to the generated URL, I get the error below.

<?xml version='1.0' encoding='UTF-8'?>
<Error>
    <Code>AccessDenied</Code>
    <Message>Access denied.</Message>
    <Details>Anonymous users does not have storage.objects.create access to bucket the-awesomest-bucket.</Details>
</Error>

My understanding of signed URLs was that users don't need to be authenticated, therefore allowing anonymous users to upload data without my having to set any special permissions on the bucket. Am I missing something?

1
Are you sure that you're including all of the query parameters with your upload request? - Brandon Yarbrough
Looks like I was sending the query incorrectly - instead of sending the request as a query param, I was sending it in the header. Now I'm seeing 'The request signature we calculated does not match the signature you provided. Check your Google secret key and signing method' - Raunak

1 Answer

0
votes

The 'content-type' param is optional; however, if you don't define it, then it defaults to 'binary/octet-stream'. When you try to upload an image with a different content type, you run into a signature mismatch.
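
To illustrate the mismatch described in the answer, here is an added example (not code from the post or from the google-cloud-storage project) that models the V2 signed-URL string-to-sign, in which Content-Type is one of the signed fields, together with a hypothetical server-side check. It assumes V2 signing, swaps HMAC-SHA256 with a constructed key for the real RSA signature so that it runs offline, and uses a constructed object name.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;

public class SignedUrlContentType {
    // Constructed stand-in key: real V2 URLs are signed with the service account's
    // RSA key; HMAC-SHA256 is swapped in here so the example runs offline.
    static final byte[] KEY = "constructed-demo-key".getBytes(StandardCharsets.UTF_8);

    // V2 string-to-sign: verb, Content-MD5, Content-Type, expiration, then the
    // resource path. Content-MD5 and extension headers are left empty.
    static String stringToSign(String verb, String contentType, long expires, String path) {
        return verb + "\n\n" + contentType + "\n" + expires + "\n" + path;
    }

    static String sign(String s) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(KEY, "HmacSHA256"));
        return Base64.getEncoder().encodeToString(mac.doFinal(s.getBytes(StandardCharsets.UTF_8)));
    }

    // Hypothetical server check: rebuild the string from the request as received
    // and compare it, in constant time, with the Signature query parameter.
    static boolean serverAccepts(String verb, String path, String contentTypeHeader,
                                 long expires, String signature, long now) throws Exception {
        if (now > expires) return false;
        byte[] expected = sign(stringToSign(verb, contentTypeHeader, expires, path))
                .getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(expected, signature.getBytes(StandardCharsets.UTF_8));
    }

    static void expect(boolean want, boolean got, String what) {
        if (want != got) throw new AssertionError(what);
        System.out.println((got ? "accepted: " : "rejected: ") + what);
    }

    public static void main(String[] args) throws Exception {
        long now = 1_700_000_000L, expires = now + 30 * 60;   // 30 minutes, as in the question
        String path = "/the-awesomest-bucket/photo.png";       // object name is constructed
        // "binary/octet-stream" is the default value named in the answer.
        String sigDefault = sign(stringToSign("PUT", "binary/octet-stream", expires, path));
        String sigPng = sign(stringToSign("PUT", "image/png", expires, path));
        expect(false, serverAccepts("PUT", path, "image/png", expires, sigDefault, now), "default-type URL, PNG upload");
        expect(true, serverAccepts("PUT", path, "image/png", expires, sigPng, now), "PNG URL, PNG upload");
        expect(false, serverAccepts("GET", path, "image/png", expires, sigPng, now), "PNG URL, GET request");
        expect(false, serverAccepts("PUT", path, "image/png", expires, sigPng, expires + 1), "PNG URL after expiry");
    }
}
```

With the library used in the question, the type is bound into the signature by setting it on the `BlobInfo` and adding `Storage.SignUrlOption.withContentType()`; the upload must then send the same `Content-Type` header.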