I'm trying to upload an audio file to s3. It seems like there is no straightforward approach. I found a few libraries.
https://pub.dev/packages/amazon_cognito_identity_dart
This one is incompatible with the latest dart version and there is no update information also. https://github.com/jonsaw/amazon-cognito-identity-dart/issues/27 So I couldn't use it.
https://pub.dev/packages/flutter_aws_s3_client - Got deprecated
https://pub.dev/packages/aws_s3
https://pub.dev/packages/amazon_cognito_identity_dart
https://pub.dev/packages/simple_s3-
3, 4, 5, and a few more libraries using AWS Cognito pool ID for authentication, But I found that to use the Cognito pool ID, our app user authentication should be done with this service. But In our app, authentication has already been created using the JWT token. So I couldn't AWS Cognito service. But still not sure completely as we can use Cognito pool ID with JWT token authentication.
Moreover, we can do it using the native code of iOS and Android and connect it using the flutter channel. But It seems too expensive in terms of time and complexity.
We have another way that we can send the media file to our backend server and from the server-side, we can upload it to the S3 bucket.
But I'm trying to figure out a way to do this from the frontend side itself.
Thanks for any suggestions.
Related
I've created an S3 bucket and made its access level to public. I don't have AWS Cognito configured with the project. I need to use amplify_storage_s3 to get and put files to the bucket without a cognito userpool. Is this possible?
As per the official response here, it does not support.
currently it's not possible to use S3 plugin without Cognito as it is used to sign the S3 requests. You can enable guest access while configuring Auth through CLI such that your app's users wouldn't have to sign in to use S3 resources (by using the guest access)
But I found a probably workaround here
I'm using tensorflow serving version 2.2 on Docker with the client REST on Google Cloud Run, i would like to create some authentication method to improve the security.
How can I implement TF Serving with authentication ? I don't found references.
Cloud Run currently doesn’t have builtin support end-user authentication easily. You can use something like Firebase Auth with Cloud Run to authenticate interactive (browser) users.
However, it seems you have a REST API (headless requests). If you want to built authentication/authorization you pretty much have to build something like OAuth (also explained in the same link above).
If you are trying to just authenticate yourself, you can implement HTTP Basic Authentication (username:password, passed in a header).
You can add a authentication by linux firewall......
Trying to make use of the Server to Server OAuth flow defined here:
https://developers.google.com/identity/protocols/OAuth2ServiceAccount
Since I'm running from a local dev environment, I've created a service account in GCP and downloaded the JSON file with the private key, but cannot find any Node.js code examples on how to:
1) load the json file
2) set delegated credentials (for G Suite domain-wide authorization)
Places I've looked (besides stackoverflow) are Google's git wiki for the node.js client library, which does talk about server to server auth, but seems to assume you're running from appengine or google cloud and don't need to load a key file:
https://github.com/googleapis/google-api-nodejs-client#service-to-service-authentication
The Admin SDK Activities Reports API has a Node example, but it's using the web-based flow assuming a user is present:
https://developers.google.com/admin-sdk/reports/v1/quickstart/nodejs
Buried deep in the Node.js samples is use of the Directory API, which does seem to take a keyfile as input, but when I try running locally it says getClient is not a constructor, and still this example doesn't show how to set the G Suite admin user for context (which is generally when a refresh token and access token are loaded into the app):
https://github.com/googleapis/google-api-nodejs-client/blob/master/samples/directory_v1/group-delete.js
So... does anybody have an example of this? I really don't want to switch to a Python runtime but Google seems to have left out important examples on this topic.
I am struggling to understand the documentation on how to make a request to Amazon S3 API's to retrieve a list of Objects.
The documentation doesn't show how to Authorise the request using just the access key and secret. Can someone post an example? preferably something I can use in Postman to test with.
AWS supports two signature versions: Signature Version 4 and Signature Version 2.
You should use Signature Version 4. All AWS services support Signature Version 4, except Amazon SimpleDB which requires Signature Version 2.
All AWS regions support Signature Version 4.
Here is a great article by ŁUKASZ ADAMCZAK explaining how to generate and sign the S3 request using openssl and curl:
Amazon S3 REST API with curl
The real challenge will be to do the sigv4 signing. I truly urge you to use one of the established SDKs (what language are you using??). If not wrap a call to the AWS CLI.
If you really want to implement it yourself the I urge you to open source your efforts so others can benefit.
I would start by setting up the bucket with no auth (so anyone can read from it) and determine how to make a request to S3 first. You can see some raw HTTP Request examples here: https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectGET.html#RESTObjectGET-responses-examples
Then you'll be on to the fun part, sigv4 signing the request. This is a well documented process but still a good amount of effort. https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html
I am looking to access a local instance of Couchbase Server through its REST API. The HTTP GET requests are sent from Java.
The problem I am currently running into has to do with authorization.
Specifically, I have managed to use Couchbase's Basic Authorization, but only by obtaining the hashed credentials (bG9jYWw6dHdlZXRzOnBBc3Mx in the example linked to above) by monitoring a Couchbase browser session using Chrome's developer tools and inspecting the request headers.
Now, another Couchbase article mentions that Couchbase uses SHA-1 in compliance with SCRAM. However, no mention is made of how to obtain the 'salt' and 'iterations' parameters from Couchbase. Which, I assume I need to go from the credentials to the challenge solution (i.e. hashed string)
So, the question is as follows: how to get from the credentials (user="local:tweets", pass="pAss1") (from the example of the first link) to bG9jYWw6dHdlZXRzOnBBc3Mx?
Thanks in advance,
Thomas
SCRAM SHA-1 support is only for the Data (K/V) service and only through certain Couchbase SDKs which use the memcached binary protocol. The Java SDK does have support for SCRAM SHA-1.
The REST interface you appear to be using is N1QL's API. That does not support SCRAM SHA auth.
If you're looking to give some other application HTTP access, my recommendation would be to write a small Java app with Spring Boot or the like and use the Java SDK from there. Then you have complete control over how auth is done at the REST interface. A colleague wrote one of these just the other day. Note that even in this case, the Java SDK won't be using SCRAM when running N1QL queries, but you can use that as a point of control.