OiO.lk Community platform!

Oio.lk is an excellent forum for developers, providing a wide range of resources, discussions, and support for those in the developer community. Join oio.lk today to connect with like-minded professionals, share insights, and stay updated on the latest trends and technologies in the development field.
  You need to log in or register to access the solved answers to this problem.
  • You have reached the maximum number of guest views allowed
  • Please register below to remove this limitation

Dockerized MinIO Presigned URL SignatureDoesNotMatch with Flask

  • Thread starter Thread starter Pedro Rossi
  • Start date Start date
P

Pedro Rossi

Guest
I have a dockerized Flask + MinIO application.

When creating the MinIO client with Flask, I use the Docker alias "minio". If I use "localhost:9000", it will fail to connect.

Code:
minio_client = Minio(
    "minio:9000",
    access_key="abc123",
    secret_key="123abc",
    secure=False
)

When I create a presigned URL to be able to access an object:

Code:
minio_client.presigned_get_object(bucket_name, file_name)

It will give me a URL like this, where I replace the "minio:9000" with "localhost:9000", but that gives me the error:

Code:
http://minio:9000/images/images.jpeg?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=...&X-Amz-Date=...&X-Amz-Expires=...&X-Amz-SignedHeaders=host&X-Amz-Signature=..."


<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>

From what I've been able to tell, the issue is that my client is signing using host "minio:9000" and I am trying to acces it using "localhost:9000". I have been able to make it work by adding this line to my /etc/hosts: 127.0.0.1 minio, but I wanted a more definitive solution.

Dockerfile​


Code:
FROM python:3.9-slim

# Install dependencies for psycopg2-binary
RUN apt-get update && apt-get install -y \
    gcc \
    libpq-dev \
    && rm -rf /var/lib/apt/lists/*

WORKDIR /app

COPY . /app

RUN pip install --no-cache-dir -r requirements.txt

EXPOSE 5000

ENV FLASK_APP=server/server.py

ENV PYTHONPATH=/app

CMD ["flask", "run", "--host=0.0.0.0"]

docker-compose.yml​


Code:
version: '3.8'

services:
  flask_app:
    build:
      context: .
      dockerfile: Dockerfile
    environment:
      MINIO_ACCESS_KEY: abc123
      MINIO_SECRET_KEY: 123abc
      MINIO_BROWSER_REDIRECT_URL: localhost:9001
      MINIO_SERVER_URL: localhost:9001
    ports:
      - "5000:5000"
    depends_on:
      - minio
    volumes:
      - .:/app

  minio:
    image: minio/minio:latest
    environment:
      MINIO_ACCESS_KEY: abc123
      MINIO_SECRET_KEY: 123abc
    volumes:
      - minio-data:/data
    ports:
      - "9000:9000"
      - "9001:9001"
    command: server --address ":9000" --console-address ":9001" /data

volumes:
  minio-data:
<p>I have a dockerized Flask + MinIO application.</p>
<p>When creating the MinIO client with Flask, I use the Docker alias "<code>minio</code>". If I use "<code>localhost:9000</code>", it will fail to connect.</p>
<pre><code>minio_client = Minio(
"minio:9000",
access_key="abc123",
secret_key="123abc",
secure=False
)
</code></pre>
<p>When I create a presigned URL to be able to access an object:</p>
<pre><code>minio_client.presigned_get_object(bucket_name, file_name)
</code></pre>
<p>It will give me a URL like this, where I replace the "minio:9000" with "localhost:9000", but that gives me the error:</p>
<pre><code>http://minio:9000/images/images.jpe......&X-Amz-SignedHeaders=host&X-Amz-Signature=..."


<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>
</code></pre>
<p>From what I've been able to tell, the issue is that my client is signing using host "minio:9000" and I am trying to acces it using "localhost:9000".
I have been able to make it work by adding this line to my /etc/hosts: <code>127.0.0.1 minio</code>, but I wanted a more definitive solution.</p>
<h3>Dockerfile</h3>
<pre><code>FROM python:3.9-slim

# Install dependencies for psycopg2-binary
RUN apt-get update && apt-get install -y \
gcc \
libpq-dev \
&& rm -rf /var/lib/apt/lists/*

WORKDIR /app

COPY . /app

RUN pip install --no-cache-dir -r requirements.txt

EXPOSE 5000

ENV FLASK_APP=server/server.py

ENV PYTHONPATH=/app

CMD ["flask", "run", "--host=0.0.0.0"]
</code></pre>
<h2>docker-compose.yml</h2>
<pre><code>version: '3.8'

services:
flask_app:
build:
context: .
dockerfile: Dockerfile
environment:
MINIO_ACCESS_KEY: abc123
MINIO_SECRET_KEY: 123abc
MINIO_BROWSER_REDIRECT_URL: localhost:9001
MINIO_SERVER_URL: localhost:9001
ports:
- "5000:5000"
depends_on:
- minio
volumes:
- .:/app

minio:
image: minio/minio:latest
environment:
MINIO_ACCESS_KEY: abc123
MINIO_SECRET_KEY: 123abc
volumes:
- minio-data:/data
ports:
- "9000:9000"
- "9001:9001"
command: server --address ":9000" --console-address ":9001" /data

volumes:
minio-data:
</code></pre>
 
Top