Download from AWS S3 with Authentication

>> "Your updater application is really nice and I want to use it but I need to download updates from an AWS S3 server with authentication (access key and secret key). "

We don't support 3rd part authentication methods as part of wyUpdate. It can only download from standard methods (HTTP, HTTPS, FTP, and File). If you want to limit updates to specific users, see this: https://wyday.com/wybuild/help/limit-updates.php

>> "Also, in WyBuild the "ACL of uploaded files" dropdown will not let me keep my selection of "Authenticated Read". WyBuild just changes it to "Public Read" when i click "Apply changes". I can work around this for now but it would be nice if this feature worked."

Thanks, we'll look into that.

I have an update on the "ACL of uploaded files" issue. I'm not sure what I was doing wrong but "Authenticated Read" selection is now working. I swear that i tried setting it like 10 times and it wouldn't stick, it kept switching back to "Public Read". It is working now.

Also, I got AWS S3 authentication working with a custom version of WyUpdate. I'll post my code later for others. I'm glad i could get it working because your updater suite (WyBuild, WyUpdate and AutomaticUpdater ) is rock solid. Thanks again!

In the WyUpdate source code, here is the method I adjusted to get AWS S3 Authentication to work. Its been working great! Sorry its a messy post.

static WebRequest GetRequest(string url, string aws_key, string aws_sec){ WebRequest request;

// Authenticate AWS S3 Server // here is the basic Http Web Request string s3_url = url.ToString(); // "https://" + bucketName + ".s3.amazonaws.com/ADD_PATH_HERE"; // "https://s3.amazonaws.com"; request = WebRequest.Create(s3_url) as HttpWebRequest; request.Method = "GET"; WebHeaderCollection headers = (request as HttpWebRequest).Headers; // the canonical string combines the request's data // with the current time string httpDate = DateTime.UtcNow.ToString("ddd, dd MMM yyyy HH:mm:ss " ) + "GMT"; headers.Add("x-amz-date", httpDate); // our request is very simple, so we can hard-code the string string canonicalString = "GET\n\n\n\nx-amz-date:" + httpDate + "\n/" + System.Text.RegularExpressions.Regex.Replace(s3_url, "https://s3.amazonaws.com/", "").ToString(); // bucketName + "ADD_PATH_HERE"; // now encode the canonical string Encoding ae = new UTF8Encoding(); // create a hashing object HMACSHA1 signature = new HMACSHA1(); // secretId is the hash key signature.Key = ae.GetBytes(aws_sec); byte[] bytes = ae.GetBytes(canonicalString); byte[] moreBytes = signature.ComputeHash(bytes); // convert the hash byte array into a base64 encoding string encodedCanonical = Convert.ToBase64String(moreBytes); // finally, this is the Authorization header. headers.Add("Authorization", "AWS " + aws_key + ":" + encodedCanonical);

// Original WyUpdate Code // UriBuilder uri = new UriBuilder(url); // bool hasCredentials = !string.IsNullOrEmpty(uri.UserName) && !string.IsNullOrEmpty(uri.Password); // if (hasCredentials && (uri.Scheme == Uri.UriSchemeHttp || uri.Scheme == Uri.UriSchemeHttps)) // { // // get the URL without user/password // url = (new UriBuilder(uri.Scheme, uri.Host, uri.Port, uri.Path, uri.Fragment)).ToString(); // }

// request = WebRequest.Create(url);

// request.CachePolicy = new System.Net.Cache.RequestCachePolicy(System.Net.Cache.RequestCacheLevel.NoCacheNoStore);

// if (request is HttpWebRequest) // { // request.Credentials = hasCredentials ? new NetworkCredential(uri.UserName, uri.Password) : CredentialCache.DefaultCredentials;

// // Some servers explode if the user agent is missing. // // Some servers explode if the user agent is "non-standard" (e.g. "wyUpdate / " + VersionTools.FromExecutingAssembly())

// // Thus we're forced to mimic IE 9 User agent // ((HttpWebRequest)request).UserAgent = "Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 6.1; en-US; wyUpdate)"; // }

return request; }