调用COS的GET Service接口报403无权限?

  • 回答 (2)
  • 关注 (0)
  • 查看 (1631)

Exception in thread "main" com.qcloud.cos.exception.CosServiceException: Access Denied. (Status Code: 403; Error Code: AccessDenied; Request ID: NTllMDg1NmRfMWViMjM1MGFfM2E5OV8zYmI3YmU=); Trace ID: OGVmYzZiMmQzYjA2OWNhODk0NTRkMTBiOWVmMDAxODc0OWRkZjk0ZDM1NmI1M2E2MTRlY2MzZDhmNmI5MWI1OTY4OGQ5OWY4YWFhNjAzOTkyNDJhZmQyOTk1YWVmOWFlNGM3NmZiOTk0OTQ4NTQyNGUzOGRjOGJkOWExNzY2ZGQ=

用户1052274用户1052274提问于
Jinqn

腾讯 · 高级工程师 (已认证)

腾讯云COS前端开发修改于
推荐

贴一下你的 AppId 和计算过程?

看了回复,是 formatUri 不应该写域名,请填 '/'

用户1052274回答于

appid:1254563210

用的你们JAVA SDK里面的计算方法,由于是get service,formatUri 我填的是“service.cos.myqcloud.com”

//我的函数调用

private static final String LIST_BUCKET_URL = "service.cos.myqcloud.com";

public List<Bucket> listBuckets()

{

CosServiceRequest cosServiceRequest = new CosServiceRequest();

CosHttpRequest<CosServiceRequest> request =new CosHttpRequest<CosServiceRequest>(cosServiceRequest);

request.setHttpMethod(HttpMethodName.GET);

request.addHeader(Headers.USER_AGENT, clientConfig.getUserAgent());

request.addHeader(Headers.HOST, LIST_BUCKET_URL);

request.setProtocol(clientConfig.getHttpProtocol());

request.setEndpoint(LIST_BUCKET_URL);

request.setResourcePath(LIST_BUCKET_URL);

return invoke(request, new Unmarshallers.ListBucketsUnmarshaller());

}

//计算的函数(sdk里面的)

public String buildAuthorizationStr(HttpMethodName methodName, String resouce_path,

Map<String, String> headerMap, Map<String, String> paramMap, COSCredentials cred) {

Map<String, String> signHeaders = buildSignHeaders(headerMap);

// 签名中的参数和http 头部 都要进行字符串排序

TreeMap<String, String> sortedSignHeaders = new TreeMap<>();

TreeMap<String, String> sortedParams = new TreeMap<>();

sortedSignHeaders.putAll(signHeaders);

sortedParams.putAll(paramMap);

String qHeaderListStr = buildSignMemberStr(sortedSignHeaders);

String qUrlParamListStr = buildSignMemberStr(sortedParams);

String qKeyTimeStr, qSignTimeStr;

qKeyTimeStr = qSignTimeStr = buildTimeStr();

String signKey = HmacUtils.hmacSha1Hex(cred.getCOSSecretKey(), qKeyTimeStr);

String formatMethod = methodName.toString().toLowerCase();

String formatUri = resouce_path;

String formatParameters = formatMapToStr(sortedParams);

String formatHeaders = formatMapToStr(sortedSignHeaders);

String formatStr = new StringBuilder().append(formatMethod).append(LINE_SEPARATOR)

.append(formatUri).append(LINE_SEPARATOR).append(formatParameters)

.append(LINE_SEPARATOR).append(formatHeaders).append(LINE_SEPARATOR).toString();

if (null ==formatUri||"".equals(formatUri))

{

formatStr = new StringBuilder().append(formatMethod)

.append(LINE_SEPARATOR)

.append(formatParameters)

.append(LINE_SEPARATOR)

.append(formatHeaders)

.append(LINE_SEPARATOR)

.toString();

}

String hashFormatStr = DigestUtils.sha1Hex(formatStr);

String stringToSign = new StringBuilder().append(Q_SIGN_ALGORITHM_VALUE)

.append(LINE_SEPARATOR).append(qSignTimeStr).append(LINE_SEPARATOR)

.append(hashFormatStr).append(LINE_SEPARATOR).toString();

String signature = HmacUtils.hmacSha1Hex(signKey, stringToSign);

String authoriationStr = new StringBuilder().append(Q_SIGN_ALGORITHM_KEY).append("=")

.append(Q_SIGN_ALGORITHM_VALUE).append("&").append(Q_AK).append("=")

.append(cred.getCOSAccessKeyId()).append("&").append(Q_SIGN_TIME).append("=")

.append(qSignTimeStr).append("&").append(Q_KEY_TIME).append("=").append(qKeyTimeStr)

.append("&").append(Q_HEADER_LIST).append("=").append(qHeaderListStr).append("&")

.append(Q_URL_PARAM_LIST).append("=").append(qUrlParamListStr).append("&")

.append(Q_SIGNATURE).append("=").append(signature).toString();

return authoriationStr;

}

所属标签

可能回答问题的人

  • 波斯狗儿

    5 粉丝0 提问28 回答
  • galenye

    腾讯 · 工程师 (已认证)

    5 粉丝0 提问29 回答
  • Jinqn

    腾讯 · 高级工程师 (已认证)

    11 粉丝0 提问51 回答
  • 杨泽华

    腾讯云 · 高级解决方案架构师 (已认证)

    14 粉丝0 提问0 回答
  • 售中交付团队

    腾讯 · 售中项目经理 (已认证)

    1 粉丝0 提问0 回答
  • Knightseal

    0 粉丝0 提问0 回答

扫码关注云+社区

领取腾讯云代金券