错误 x-amzn-errortype:对 API 网关的 DELETE 请求出现 InvalidSignatureException
Error x-amzn-errortype: InvalidSignatureException on DELETE request to API gateway
我正在尝试构建一个 javascript 应用程序。
我无法获得通过 IAM 验证的 DELETE 请求。
API 网关删除路由已配置为使用 AWS_IAM 身份验证。 Cognito 用户组附加了一个角色,该角色授予调用删除路由的权限。
我已经使用 AWS.Signers.V4
签署了请求
var httpRequest = new AWS.HttpRequest("https://bo5o2odxxx.execute-api.ap-south-1.amazonaws.com/wrhprod/"+uri, "ap-south-1");
httpRequest.headers.host = "https://bo5o2odxxx.execute-api.ap-south-1.amazonaws.com";
httpRequest.headers['Content-Type'] = "application/json";
httpRequest.method = method;
var v4signer = new AWS.Signers.V4(httpRequest, "execute-api", true);
v4signer.addAuthorization(awsCredentials, AWS.util.date.getDate());
delete httpRequest.headers['host']
delete httpRequest.headers['X-Amz-User-Agent']
我正在使用axios发送删除请求:
axios.delete('/events/2017/1523502329582',
{ headers: httpRequest.headers})
.then(response => {
//success
})
.catch(error => {
//fail
});
这是我的要求Header:
:authority: bo5o2odxxx.execute-api.ap-south-1.amazonaws.com
:method: DELETE
:path: /wrhprod/events/2017/1523502329582
:scheme: https
accept: application/json, text/plain, /
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
authorization: AWS4-HMAC-SHA256 Credential=ASIAIGIXC2II7KWVVUVA/20180413/ap-south-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token;x-amz-user-agent, Signature=f1b12cf3c1a3693f259e2f0079231974d6de0e4225bca0af3754a32eecf95277
origin: http://localhost:3000
referer: http://localhost:3000/events
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
x-amz-date: 20180413T071741Z
x-amz-security-token: AgoGb3JpZ2luEAwaCmFwLXNvdXRoLTEigAIBwvwgU/vlYPZI1+XYbJUieH7lQB1XI32w08GaX0MjobxyfhFK7J3md5GaKlPdO3I+fqjYpBWOlrqNNllgjKTLZwNOx7SxrVq5T57qk27nq6kp1Y5nSDTy+wj6pHVbSmzRgrfqvOgsgWrU6NsB41taHLaN3sjQaneSC7/phQ3+UvdjQrEI7egI7TikiUs/DW6oQWMupW/75c9GEVnoA2RRdYmVqVh//OmbWdG6DMk09ritP6eLpUYvWHGrMNniGnT2Rj+3kbOgSst0JrKLwssOsO3lIm+iDxSk3NGoKRUX4iB/Lnv7XQnUaFoK2PC0DNyj9XnJVn0RXoXCPOOwPf9wKqwFCEAQABoMMTQ0MTUzMjMxNzA0Igwr7GTDa3MwS/6L7RIqiQU4WK45J//oxnc98LgRZOApKGYPyRfiDgd+LHG006GHDJTodDTysv1YIkLbOq6Da1d6ENpwdkW7h8OgtR4r+BoOPeP7h+vV55LJHexPGAGC8GKimK8iKFLjvyy1ArGWGb9FEbYtsJkjjxFZw2uZJ3ex3YWQk5UiBDkuJd8paU8rqSctcF/0SLFZyK77AndiLs7Ir3AwBvlQvOh+J3Q8MCfAuRLGOAT1VTYOMis/ZL7cczi1YRWK+7jlRdeoeQu/aP9Y07SbxRxzIh7YyhFBilLXUslRiyeKiehYK6ufI/czC2bDipegBmCAFiEff/PKvBinSUJRTkSJODmh6E25OVerbbSBgI1aCGj+b3bRiBiMwu+kIF77czK18jBfE5OeexKfh+r1w2puyYDwPgQMz9ki5BdQtHvzm0/p8W88+tPGNB0EO7E4TyWtfJ0HyLU6wgVpf4LB9YPDeUxoR8JdB+QLCXNDPdFEuWPQRgm4MgngAyHwVn+NnFsBk1U/GNHabWeX0k+PsxNn5LJ6u4RQCDP0YDsGrQmIO6DIrUWidBZ00XMeaJXWrsgHb/6qINijvg3sk1y9P7kxEZyfarotDEjqLRjpyUBufRfiCVccQ5bF0MeOxxMN4ZFC7mX7xtaSQKcmv2sG1uJus9d7yyd3phQ4FluiI77UE5CVx3bkdRlEObRXB/DyCv+gfk3VfouIchF8xNpMU1jmaHN5+rB0/lbTMxVmEX8qYc6UdZXIIWRm2spB2YwnacBhC0Q36CnCwU1hcRo7YhcminiCPQy6+7OrOTLLXKAenRjNIuPYGAaZQl1MgPMBwFpPGAdbrJG/iWleNf5fN+dettOD18VT8jrmdQ0jRM5N9OjEMJqvwdYF
这是 AWS 响应 header:
content-length: 192
content-type: application/json
date: Fri, 13 Apr 2018 07:17:41 GMT
status: 403
x-amz-apigw-id: FRLvXEDeBcwFuLQ=
x-amzn-errortype: InvalidSignatureException
x-amzn-requestid: c0f040c3-3eea-11e8-bd7a-dd445896cd03
我已经为此花费了数小时,但仍未找到解决方案,如果我可以提供任何其他信息来帮助解决问题,请告诉我。
这个 API 正在使用 cognito 作为 API 网关授权方,我切换到 IAM 以便我可以对 cognito 用户进行更精细的控制。
我无法让 AWS.Signers.V4 工作。根据我的阅读,这个 API 还不是 public。
我能够使用自定义客户端签署请求来让我的应用程序正常工作。可供下载 Here
我正在尝试构建一个 javascript 应用程序。 我无法获得通过 IAM 验证的 DELETE 请求。
API 网关删除路由已配置为使用 AWS_IAM 身份验证。 Cognito 用户组附加了一个角色,该角色授予调用删除路由的权限。
我已经使用 AWS.Signers.V4
签署了请求var httpRequest = new AWS.HttpRequest("https://bo5o2odxxx.execute-api.ap-south-1.amazonaws.com/wrhprod/"+uri, "ap-south-1");
httpRequest.headers.host = "https://bo5o2odxxx.execute-api.ap-south-1.amazonaws.com";
httpRequest.headers['Content-Type'] = "application/json";
httpRequest.method = method;
var v4signer = new AWS.Signers.V4(httpRequest, "execute-api", true);
v4signer.addAuthorization(awsCredentials, AWS.util.date.getDate());
delete httpRequest.headers['host']
delete httpRequest.headers['X-Amz-User-Agent']
我正在使用axios发送删除请求:
axios.delete('/events/2017/1523502329582',
{ headers: httpRequest.headers})
.then(response => {
//success
})
.catch(error => {
//fail
});
这是我的要求Header:
:authority: bo5o2odxxx.execute-api.ap-south-1.amazonaws.com
:method: DELETE
:path: /wrhprod/events/2017/1523502329582
:scheme: https
accept: application/json, text/plain, /
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
authorization: AWS4-HMAC-SHA256 Credential=ASIAIGIXC2II7KWVVUVA/20180413/ap-south-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token;x-amz-user-agent, Signature=f1b12cf3c1a3693f259e2f0079231974d6de0e4225bca0af3754a32eecf95277
origin: http://localhost:3000
referer: http://localhost:3000/events
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
x-amz-date: 20180413T071741Z
x-amz-security-token: AgoGb3JpZ2luEAwaCmFwLXNvdXRoLTEigAIBwvwgU/vlYPZI1+XYbJUieH7lQB1XI32w08GaX0MjobxyfhFK7J3md5GaKlPdO3I+fqjYpBWOlrqNNllgjKTLZwNOx7SxrVq5T57qk27nq6kp1Y5nSDTy+wj6pHVbSmzRgrfqvOgsgWrU6NsB41taHLaN3sjQaneSC7/phQ3+UvdjQrEI7egI7TikiUs/DW6oQWMupW/75c9GEVnoA2RRdYmVqVh//OmbWdG6DMk09ritP6eLpUYvWHGrMNniGnT2Rj+3kbOgSst0JrKLwssOsO3lIm+iDxSk3NGoKRUX4iB/Lnv7XQnUaFoK2PC0DNyj9XnJVn0RXoXCPOOwPf9wKqwFCEAQABoMMTQ0MTUzMjMxNzA0Igwr7GTDa3MwS/6L7RIqiQU4WK45J//oxnc98LgRZOApKGYPyRfiDgd+LHG006GHDJTodDTysv1YIkLbOq6Da1d6ENpwdkW7h8OgtR4r+BoOPeP7h+vV55LJHexPGAGC8GKimK8iKFLjvyy1ArGWGb9FEbYtsJkjjxFZw2uZJ3ex3YWQk5UiBDkuJd8paU8rqSctcF/0SLFZyK77AndiLs7Ir3AwBvlQvOh+J3Q8MCfAuRLGOAT1VTYOMis/ZL7cczi1YRWK+7jlRdeoeQu/aP9Y07SbxRxzIh7YyhFBilLXUslRiyeKiehYK6ufI/czC2bDipegBmCAFiEff/PKvBinSUJRTkSJODmh6E25OVerbbSBgI1aCGj+b3bRiBiMwu+kIF77czK18jBfE5OeexKfh+r1w2puyYDwPgQMz9ki5BdQtHvzm0/p8W88+tPGNB0EO7E4TyWtfJ0HyLU6wgVpf4LB9YPDeUxoR8JdB+QLCXNDPdFEuWPQRgm4MgngAyHwVn+NnFsBk1U/GNHabWeX0k+PsxNn5LJ6u4RQCDP0YDsGrQmIO6DIrUWidBZ00XMeaJXWrsgHb/6qINijvg3sk1y9P7kxEZyfarotDEjqLRjpyUBufRfiCVccQ5bF0MeOxxMN4ZFC7mX7xtaSQKcmv2sG1uJus9d7yyd3phQ4FluiI77UE5CVx3bkdRlEObRXB/DyCv+gfk3VfouIchF8xNpMU1jmaHN5+rB0/lbTMxVmEX8qYc6UdZXIIWRm2spB2YwnacBhC0Q36CnCwU1hcRo7YhcminiCPQy6+7OrOTLLXKAenRjNIuPYGAaZQl1MgPMBwFpPGAdbrJG/iWleNf5fN+dettOD18VT8jrmdQ0jRM5N9OjEMJqvwdYF
这是 AWS 响应 header:
content-length: 192
content-type: application/json
date: Fri, 13 Apr 2018 07:17:41 GMT
status: 403
x-amz-apigw-id: FRLvXEDeBcwFuLQ=
x-amzn-errortype: InvalidSignatureException
x-amzn-requestid: c0f040c3-3eea-11e8-bd7a-dd445896cd03
我已经为此花费了数小时,但仍未找到解决方案,如果我可以提供任何其他信息来帮助解决问题,请告诉我。
这个 API 正在使用 cognito 作为 API 网关授权方,我切换到 IAM 以便我可以对 cognito 用户进行更精细的控制。
我无法让 AWS.Signers.V4 工作。根据我的阅读,这个 API 还不是 public。
我能够使用自定义客户端签署请求来让我的应用程序正常工作。可供下载 Here