S3 Query String Authentication Generator

2008 August 14
tags: , ,
by George

I was trying out a feature of S3, called query string authentication today. It basically means that you can access a file on S3 that wouldn’t normally be accessible to the public by providing s3 with a cocktail of encrypted information so it can decide that it’s you (or someone you allowed to use the file).

Or, more accurately, I was trying too. You see, to access it like that you need to generate a certificate, which is really complicated. I couldn’t find anything on the developer website documenting this. So, naturally, I made my own.

I should note at this point that I took one that wasn’t working and fixed it, made sure it didn’t send my details anywhere, and added a bit of authentication and security to it.

The new script will take your information, and form a perfect URL for accessing any file you can find on your S3 account. It requires your S3 public and private keys, though - that’s how you encrypt the information you send. In essence, you access the script like this:

s3querystringauthentication.php?key=key&path=directory/anotherdir/filename

Where the key is a predefined checkword you put into the script so it doesn’t just generate for anyone, and path is the relative address to the file inside your bucket. For instance, my file is gsp.s3.amazonaws.com/directory/file.jpg. The path is directory/file.jpg.

And it gives you a link that you can use to access it. And that link expires after about a year (modifyable in the script). I made it so I could give clients access to their work while it was still safe online.

Okay, onwards. To configure the script, you open it up, edit the two s3 key values near the top, set the authentication key to whatever you want (right at the top) and input your bucket name. Then you’re ready to go, load it on any php server* and it’ll run.

* - The server must be able to run hash_hmac. You should ask your host about this.

Some Important Notes:

This script is released under the GNU GPL license. I’m not liable for anything that happens either directly or indirectly because of it’s use, but look at it this way- I use it for my work.

You should store the script somewhere that the general public won’t see it, or are unlikely to go. LIke yourdomain/589523478092/adjdsalfkf/3824935/somename.php . Just in case :)

If you have any problems, hit the contact button on this site, and I’ll do my best to help out.

DOWNLOAD!

from → Code

2 Comments leave one →
2008 August 16
Donace permalink

sounds cool man; so cool in fact that I already hav a request for you.
most likely if I use this script it would be in conjuncture with wordpress, so a plugin that can access the scrript and creat masked urls to use on the wp site would be great.

one other feature is moving the main part of the script above public level and have a loginform of sorts to access it from public level.

i’ll think of more later :p

2008 October 15
Matt permalink

Just wanted to say thanks for this, works like a charm. Was struggeling a little to get something like this working myself and the script you provide here is perfect. I never usually comment on these things but really wanted to say a big thanks!

Leave A Comment

Note: You can use basic XHTML in your comments. Your email address will never be published.

Subscribe to this comment feed via RSS