whodat
November 9, 2021, 11:36am
1
I’m attempting to connect my Backblaze B2 account with the cloud settings within the app - but the Authentication keeps failing. I go to:
Settings → Cloud Connections → S3 → “+”
Then input:
Display name (not important)
Access Key (backblaze application key)
Secret key (backblaze secret key)
Existing Bucket (backblaze bucket ID)
Endpoint (full domain provided by backblaze)
Region (shortened as per backblaze instructions)
What am I missing? It keeps returning authentication failed.
Thank you for any help.
1 Like
Hey and welcome to the Cryptomator Community ,
Maybe you run into the following issue which is still not enhanced :
Hey,
The “Display Name” is only the name of the cloud connection to identify it again. In S3 there it is not possible to use an email and URL combination or something like that. That’s why the user need to specify a name which identifies this cloud connection but it is only stored in the local database and not used for something else. That means your “Display Name” isn’t related to this problem.
Currently we still need the “Allow List All Bucket Names” scope, maybe this isn’t granted to this c…
whodat
November 9, 2021, 6:08pm
3
Hello SailReal,
I understand that, which is why I left those details out. I could make up any name correct? For example “XYZ” because that is reference name to the saved config for the app correct?
At one point I had it working, however the update removed that connection. Do I have the other details correct?
Could you give me an example of what a working S3 connection to backblaze looks like? I want to eliminate any chances of user error before moving to debug process.
Thank you for the help!
Yes, the display-name is completely irrelevant for the connection, it is only used for us humans to identify the cloud connection again. But I posted the link above regarding the “Allow List All Bucket Names” permission, is this granted for those access credentials?
As you wrote that it worked with the previous version, maybe you run also into this issue:
opened 09:58PM - 24 Oct 21 UTC
closed 09:59PM - 24 Oct 21 UTC
type:upstream-bug
state:wont-fix
storage:s3
### Please agree to the following
- [X] I have searched [existing issues](htt… ps://github.com/cryptomator/android/issues?q=) for duplicates
- [X] I agree to follow this project's [Code of Conduct](https://github.com/cryptomator/android/blob/develop/.github/CODE_OF_CONDUCT.md)
### Summary
Bucket names that does not follow Amazon S3 standards cannot be used since Cryptomator version 1.6.0
### System Setup
```markdown
- Android: X
- Cryptomator: 1.6.0
```
### Cloud Type
S3
### Steps to Reproduce
1. Use a vault stored in a bucket with the name `fooBar` in Cryptomator for Android version 1.5.x
2. Update to Cryptomator for Android version 1.6.x
### Expected Behavior
Vault can be still accessed
### Actual Behavior
Using 1.6.0 the communicate fail with an `java.lang.IllegalArgumentException: fooBar` due to `bucket name does not follow Amazon S3 standards. For more information refer http://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html
at io.minio.BucketArgs$Builder.validateBucketName(BucketArgs.java:57)`
### Reproducibility
Always
### Relevant Log Output
```shell
D ActivityLifecycle onResumeFragments org.cryptomator.presentation.ui.activity.S3AddOrChangeActivity@8e664a3
D PresenterLifecycle resume org.cryptomator.presentation.presenter.S3AddOrChangePresenter@9e88cbb
V Progress AUTHENTICATION -1%
D ConnectToS3UseCase started 3421f045
D ConnectToS3UseCase failed 3421f045
V Progress COMPLETED -1%
D ExceptionHandler Unexpected error
java.lang.IllegalArgumentException: fooBar : bucket name does not follow Amazon S3 standards. For more information refer http://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html
at io.minio.BucketArgs$Builder.validateBucketName(BucketArgs.java:57)
at io.minio.BucketArgs$Builder.bucket(BucketArgs.java:72)
at org.cryptomator.data.cloud.s3.S3Impl.checkAuthentication(S3Impl.kt:342)
at org.cryptomator.data.cloud.s3.S3CloudContentRepository$Intercepted.checkAuthenticationAndRetrieveCurrentAccount(S3CloudContentRepository.kt:167)
at org.cryptomator.data.cloud.s3.S3CloudContentRepository$Intercepted.checkAuthenticationAndRetrieveCurrentAccount(S3CloudContentRepository.kt:62)
at org.cryptomator.data.cloud.InterceptingCloudContentRepository.checkAuthenticationAndRetrieveCurrentAccount(InterceptingCloudContentRepository.kt:194)
at org.cryptomator.data.repository.DispatchingCloudContentRepository.checkAuthenticationAndRetrieveCurrentAccount(DispatchingCloudContentRepository.kt:182)
at org.cryptomator.domain.usecases.cloud.ConnectToS3.execute(ConnectToS3.java:21)
at org.cryptomator.domain.usecases.cloud.ConnectToS3UseCase$Launcher$2.call(ConnectToS3UseCase.java:92)
at io.reactivex.internal.operators.flowable.FlowableFromCallable.subscribeActual(FlowableFromCallable.java:39)
at io.reactivex.Flowable.subscribe(Flowable.java:14935)
at io.reactivex.Flowable.subscribe(Flowable.java:14882)
at io.reactivex.internal.operators.flowable.FlowableSubscribeOn$SubscribeOnSubscriber.run(FlowableSubscribeOn.java:82)
at io.reactivex.internal.schedulers.ExecutorScheduler$ExecutorWorker$BooleanRunnable.run(ExecutorScheduler.java:288)
at io.reactivex.internal.schedulers.ExecutorScheduler$ExecutorWorker.run(ExecutorScheduler.java:253)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
at java.lang.Thread.run(Thread.java:929)
ErrorCode: R99J:U8K1
```
### Anything else?
The "problem" is due to the switch from Amazon's `aws-sdk-android` lib to the `minio-java` from minio. Surprisingly, minio enforce naming conventions from Amazon that Amazon itself does not require in its own lib :swea.
### Workaround
Rename bucket to apply those conventions
Please verify that the bucked name is valid against the following rules: Bucket naming rules - Amazon Simple Storage Service
whodat
November 9, 2021, 10:30pm
5
The bucket name meets those criteria, it is randomly generated all lower case letters no special characters, spaces or numbers.
Does the “exisiting bucket” field need the bucket title name in backblaze or the full bucket ID (long generated string of numbers and characters)?
While creating the bucket, it is the Bucket Unique Name
(the name you specified, not the bucked ID).
Just created a test account myself and what worked was:
Access Key
= keyID
Secrect Key
= applicationKey
While creating the application key I enabled Allow List All Bucket Names
whodat
November 10, 2021, 6:19pm
7
This was exactly the problem causing my issues. The screenshot should help anyone else in the future!
Thank you again SailReal!
whodat
November 10, 2021, 8:55pm
8
Connection was authenticated, so at least it is connected now.
Any idea why I’m unable to create a new vault within the cloud bucket?
I’m getting “an error occurred”
Are you sure you enabled write access for this Access Key
? If you did, please enable debug mode, reproduce the problem and send us the log file: How do I enable debug mode on Android?
e95v5s
December 5, 2021, 11:21am
10
I pinpointed the exact place when it breaks.
Cryptomator works if during Backblaze’s “Add Application Key” I select “Allow access to Bucket(s):” to “All”
and cryptomator stops working if I limit the key to a specific bucket regardless if I select “Allow List All Bucket Names:” checkbox or not.