使用策略文档无法正常工作的基于表单的上传到Google云端存储

Question

我试图按照https://cloud.google.com/storage/docs/xml-api/post-object#policydocument上的示例进行操作。

而且我正在计算引擎上使用Java servlet，并希望用户浏览servlet页面并允许他们将上传图像导向到Google云端存储。

但返回的谷歌云存储服务器：HTTP 400错误的请求

 // Upload     
     String googleCloudStorageBucketFullPath = "http://" + m_bucketName + ".storage.googleapis.com"; 
     String googleAccessIdString = "XXXXXXX-compute@developer.gserviceaccount.com"; 
     String uploadObjectName = ""; 

     String policyDocumentString =     
      "{" + 
       "\"expiration\": \"2017-06-16T11:11:11Z\"," + 
       "\"conditions\": " + 
       "[" + 
        "[\"starts-with\", \"$key\", \"" + uploadObjectName + "\" ]," + 
        "{\"acl\": \"bucket-owner-read\" }," + 
        "{\"bucket\": \"" + m_bucketName + "\"}," + 
        //"{\"success_action_redirect\": \"http://www.example.com/success_notification.html\" }," + 
        "[\"eq\", \"$Content-Type\", \"image/jpeg\" ]," + 
        "[\"content-length-range\", 0, 1000000]" + //1 MB max. 
       "]" + 
      "}";    

     byte[] signedBase64EncodedPolicyDocumentBytes = null; 
     String base64EncodedSignedBase64EncodedPolicyDocumentString = ""; 

     //Create private key. 
     FileInputStream privateKeyInputStream = new FileInputStream(p12PKFullPath); 
     try 
     { 
      String privateKeyPassword = "notasecret"; 
      KeyStore keystore = KeyStore.getInstance("PKCS12"); 
      keystore.load(privateKeyInputStream, privateKeyPassword.toCharArray()); 

      //Sign the policy document using private key. 
      PrivateKey privateKey = (PrivateKey) keystore.getKey("privatekey", privateKeyPassword.toCharArray());       
      Signature signature = Signature.getInstance("SHA256withRSA"); 
      signature.initSign(privateKey); 
      signature.update(base64EncodedPolicyDocumentString.getBytes()); 
      signedBase64EncodedPolicyDocumentBytes = signature.sign();     
     } 
     catch(Exception ex) 
     { 
      out.write("<br>Exception=" + ex.getMessage() + "<br>");    
     } 
     finally 
     { 
      if(privateKeyInputStream != null) 
      { 
       privateKeyInputStream.close(); 
       privateKeyInputStream = null; 
      } 
     } 

     base64EncodedSignedBase64EncodedPolicyDocumentString = new String(Base64.encodeBase64(signedBase64EncodedPolicyDocumentBytes)); 

     //Create the html form 
     String htmlFormString = 
       "<form action=\"" + googleCloudStorageBucketFullPath +"\" method=\"post\" enctype=\"multipart/form-data\" accept-charset=\"UTF-8\">" + 
       "<input type=\"hidden\" name=\"key\" value=\"" + uploadObjectName + "\">" + 
       "<input type=\"hidden\" name=\"bucket\" value=\"" + m_bucketName + "\">" + 
       "<input type=\"hidden\" name=\"Content-Type\" value=\"image/jpeg\">" + 
       "<input type=\"hidden\" name=\"GoogleAccessId\" value=\"" + googleAccessIdString + "\">" + 
       "<input type=\"hidden\" name=\"acl\" value=\"bucket-owner-read\">" + 
       //"<input type=\"hidden\" name=\"success_action_redirect\" value=\"http://www.example.com/success_notification.html\">" + 
       "<input type=\"hidden\" name=\"policy\" value=\"" + base64EncodedPolicyDocumentString + "\">" + 
       "<input type=\"hidden\" name=\"signature\" value=\"" + base64EncodedSignedBase64EncodedPolicyDocumentString + "\">" + 

       "<input name=\"file\" type=\"file\">" + 
       "<input type=\"submit\" value=\"Upload\">" + 
       "</form>"; 

     out.write("<br>signature=" + base64EncodedSignedBase64EncodedPolicyDocumentString + "<br>"); 
     out.write(htmlFormString); 

Answer 1

最后，我发现这个问题是，上传的对象名称缺失，但https://cloud.google.com/storage/docs/xml-api/post-object，不提供对象名称，所以我不知道为什么示例代码不提供上传对象的名称和作品..