Problem description
The AccessKeyId field in the Authorization header is left empty.
Causes
You initiated a request that used the V2 signature, but the AccessKeyId field in the Authorization header is left empty.
Examples
The following code provides an example of a request that uses the V2 signature and the format of the Authorization header is invalid.
GET /oss.jpg HTTP/1.1
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Date: Tue, 20 Dec 2022 08:48:18 GMT
Authorization: OSS2 AccessKeyId:,AdditionalHeaders:host,Signature:n7I**I0=The signature version and information in the Authorization header must be separated by spaces.
Signature version: Only
OSS2is supported.Signature information: The signature information is displayed in the form of key-value pairs (key:value). Separate key-value pairs with commas (,) and separate keys and values with colon (:).
The key of the signature information includes two required fields (
AccessKeyIdandSignature) and one optional field (AdditionalHeaders). In this example, the preceding fields are used as keys in the Authorization header, but theAccessKeyIdfield is left empty.
Solutions
Make sure that the format of the Authorization header in the request that uses the V2 signature meets the preceding requirements. The following code provides an example:
GET /oss.jpg HTTP/1.1
Host: oss-example.oss-cn-hangzhou.aliyuncs.com
Date: Tue, 20 Dec 2022 08:48:18 GMT
Authorization: OSS2 AccessKeyId:44**07,AdditionalHeaders:host,Signature:n7I**I0=References
If you want to use Alibaba Cloud SDKs to initiate a request that uses the V2 signature, see Overview.
Use the self-signed mode.
If you want to calculate the V2 signature, see Calculate V2 signature by using OSS SDK for Python.
If you want to specify the signature logic, see Overview.
If the server returns a response that contains the
StringToSignparameter, you can check whether the value of the StringToSign parameter on the server is the same as the string before calculation.