我正在尝试在我的 Android 应用程序中实现我的服务器 API 调用,这需要 AWS 签名标头,相同的标头与邮递员和 node.js 一起使用,但不适用于 Android 代码。我正在使用最新版本的 AWS 移动客户端,即 2.9.1。
我尝试过使用不同的标头组合,我尝试添加虚拟访问令牌、会话密钥。对于每个组合,它只返回 403。
private void startProcess(View view) {
buildRequest();
new SessionCredentialLoader().execute();
}
private void buildRequest(){
awsRequest = generateBasicRequest(URL);
Map<String, String> requestHeaders = getSignHeader(awsRequest);
okhttp3.Request.Builder builder = new okhttp3.Request.Builder().url(URL).get();
for (HashMap.Entry<String, String> entrySet : requestHeaders.entrySet()) {
String key = entrySet.getKey();
String value = entrySet.getValue();
builder.addHeader(key,value );
Log.d(TAG, "Header() "+key+" : "+value);
}
request =builder.build();
}
public Map<String, String> getSignHeader(com.amazonaws.Request request){
AWS4Signer signer = new AWS4Signer();
com.amazonaws.Request<?> aws;
aws = request;
/* AWSCredentials credentials = new BasicAWSCredentials(
*//*getAWSAccessKeyId*//* ACCESS_KEY,
*//*getAWSSecretKey*//* SECRET_KEY);*/
BasicSessionCredentials credentials = new BasicSessionCredentials(ACCESS_KEY, SECRET_KEY, SESSION_KEY);
signer.setServiceName("execute-api");
signer.setRegionName("ap-south-1");
signer.sign(aws, credentials);
Log.d(TAG, "getSignHeader() getHeaders(): "+aws.getHeaders().toString());
return aws.getHeaders();
}
public com.amazonaws.Request<?> generateBasicRequest(String url) {
//com.amazonaws.Request<?> request = new DefaultRequest<Void>("execute-api");
AmazonWebServiceRequest amazonWebServiceRequest = new AmazonWebServiceRequest() {
};
//ClientConfiguration clientConfiguration = new ClientConfiguration();
String API_GATEWAY_SERVICE_NAME = "execute-api";
com.amazonaws.Request<?> request = new DefaultRequest(amazonWebServiceRequest, API_GATEWAY_SERVICE_NAME);
request.addHeader("Content-type", "application/json");
//request.addHeader("Content-Type","application/x-www-form-urlencoded");
request.addHeader("x-api-key", XAPI_KEY);
// request.setResourcePath("/");
request.setEndpoint(URI.create(url));
request.setResourcePath(url);
request.setHttpMethod(HttpMethodName.GET);
return request;
}
private class SessionCredentialLoader extends AsyncTask<Void, Void, Boolean> {
@Override
protected Boolean doInBackground(Void... voids) {
try {
response = client.newCall(request).execute();
} catch (IOException e) {
e.printStackTrace();
}
return (response != null);
}
@Override
protected void onPostExecute(Boolean result) {
Log.d(TAG, "onPostExecute() result: "+result );
Log.d(TAG, "onPostExecute() response: "+response.toString() );
}
}
我期待 API 应该被击中,我应该从我的 CMS 中得到响应。任何人都可以让我知道,我在哪里犯了错误。这些是被添加到 http 请求中的标头:
Header() X-Amz-Date : 20181224T112843Z
Header() Host : abc.amazonaws.com
Header() x-api-key : 23423432432342XYZ
Header() Content-type : application/json
Header() x-amz-security-token : abc......xyz
Header() Authorization : AWS4-HMAC-SHA256 Credential=ACCESS_KEY/20181224/ap-south-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=85246b145dbef7b119c93ee71c9ee7dbd0f017893cc25b162234445149a91461
产生的错误:
{"message":"The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details. \n\n The Canonical String for this request should have been\n'POST\n/dev/api/client/getAllChannels\n\nhost:abc.amazonaws.com \n x-amz-date:20181225T121555Z\nx-amz-security-token:abcsessionToken'\n\n The String-to-Sign should have been\n'AWS4-HMAC-SHA256\n 20181225T121555Z\n20181225/ap-south-1/execute-api/aws4_request\signatureCode'\n"}