我正在尝试在我的Android应用程序中实现服务器API调用,这是AWS签名标头所必需的, 相同的标头适用于postman和node.js,但不适用于Android代码。 我正在使用最新版本的AWS移动客户端,即2.9.1。
我尝试使用不同的标头组合,尝试添加虚拟访问令牌,会话密钥。对于每种组合,它仅返回403。
private void startProcess(View view) {
buildRequest();
new SessionCredentialLoader().execute();
}
private void buildRequest(){
awsRequest = generateBasicRequest(URL);
Map<String, String> requestHeaders = getSignHeader(awsRequest);
okhttp3.Request.Builder builder = new okhttp3.Request.Builder().url(URL).get();
for (HashMap.Entry<String, String> entrySet : requestHeaders.entrySet()) {
String key = entrySet.getKey();
String value = entrySet.getValue();
builder.addHeader(key,value );
Log.d(TAG, "Header() "+key+" : "+value);
}
request =builder.build();
}
public Map<String, String> getSignHeader(com.amazonaws.Request request){
AWS4Signer signer = new AWS4Signer();
com.amazonaws.Request<?> aws;
aws = request;
/* AWSCredentials credentials = new BasicAWSCredentials(
*//*getAWSAccessKeyId*//* ACCESS_KEY,
*//*getAWSSecretKey*//* SECRET_KEY);*/
BasicSessionCredentials credentials = new BasicSessionCredentials(ACCESS_KEY, SECRET_KEY, SESSION_KEY);
signer.setServiceName("execute-api");
signer.setRegionName("ap-south-1");
signer.sign(aws, credentials);
Log.d(TAG, "getSignHeader() getHeaders(): "+aws.getHeaders().toString());
return aws.getHeaders();
}
public com.amazonaws.Request<?> generateBasicRequest(String url) {
//com.amazonaws.Request<?> request = new DefaultRequest<Void>("execute-api");
AmazonWebServiceRequest amazonWebServiceRequest = new AmazonWebServiceRequest() {
};
//ClientConfiguration clientConfiguration = new ClientConfiguration();
String API_GATEWAY_SERVICE_NAME = "execute-api";
com.amazonaws.Request<?> request = new DefaultRequest(amazonWebServiceRequest, API_GATEWAY_SERVICE_NAME);
request.addHeader("Content-type", "application/json");
//request.addHeader("Content-Type","application/x-www-form-urlencoded");
request.addHeader("x-api-key", XAPI_KEY);
// request.setResourcePath("/");
request.setEndpoint(URI.create(url));
request.setResourcePath(url);
request.setHttpMethod(HttpMethodName.GET);
return request;
}
private class SessionCredentialLoader extends AsyncTask<Void, Void, Boolean> {
@Override
protected Boolean doInBackground(Void... voids) {
try {
response = client.newCall(request).execute();
} catch (IOException e) {
e.printStackTrace();
}
return (response != null);
}
@Override
protected void onPostExecute(Boolean result) {
Log.d(TAG, "onPostExecute() result: "+result );
Log.d(TAG, "onPostExecute() response: "+response.toString() );
}
}
我希望API可以正常运行,并且应该从CMS得到响应。 请让我知道我在哪里犯错。 这些标头正在添加到http请求中:
Header() X-Amz-Date : 20181224T112843Z
Header() Host : abc.amazonaws.com
Header() x-api-key : 23423432432342XYZ
Header() Content-type : application/json
Header() x-amz-security-token : abc......xyz
Header() Authorization : AWS4-HMAC-SHA256 Credential=ACCESS_KEY/20181224/ap-south-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=85246b145dbef7b119c93ee71c9ee7dbd0f017893cc25b162234445149a91461
产生的错误:
{"message":"The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details. \n\n The Canonical String for this request should have been\n'POST\n/dev/api/client/getAllChannels\n\nhost:abc.amazonaws.com \n x-amz-date:20181225T121555Z\nx-amz-security-token:abcsessionToken'\n\n The String-to-Sign should have been\n'AWS4-HMAC-SHA256\n 20181225T121555Z\n20181225/ap-south-1/execute-api/aws4_request\signatureCode'\n"}