本文介紹了調(diào)用AWS API-Signature,Authentication Header-在Android中使用OkHTTP的處理方法,對(duì)大家解決問(wèn)題具有一定的參考價(jià)值,需要的朋友們下面隨著小編來(lái)一起學(xué)習(xí)吧!
問(wèn)題描述
我正在嘗試使用OkHTTP對(duì)Android中的AWS API的HTTP請(qǐng)求進(jìn)行簽名。我使用了這個(gè)Question中的代碼。AWS的文檔一點(diǎn)幫助都沒(méi)有。我很困惑。這是我到目前為止找到的唯一易于理解和實(shí)現(xiàn)的代碼。但它也不能解決我的問(wèn)題。我沒(méi)有使用API傳遞任何數(shù)據(jù),它只是我必須調(diào)用并接收消息的簡(jiǎn)單API。
我的代碼
AWSCredentials credentials = new BasicAWSCredentials(access_key_id.trim(), secret_access_key.trim());
String API_GATEWAY_SERVICE_NAME = "execute-api";
Request requestAws = new DefaultRequest(API_GATEWAY_SERVICE_NAME);
URI uri = URI.create(url);
requestAws.setEndpoint(uri);
requestAws.setResourcePath(url);
requestAws.setHttpMethod(HttpMethodName.POST);
AWS4Signer signer = new AWS4Signer();
signer.setServiceName(API_GATEWAY_SERVICE_NAME);
signer.setRegionName("us-east-2");
signer.sign(requestAws, credentials);
OkHttpClient httpClient = new OkHttpClient();
Map<String, String> headers = requestAws.getHeaders();
List<String> key = new ArrayList<String>();
List<String> value = new ArrayList<String>();
for (Map.Entry<String, String> entry : headers.entrySet()) {
key.add(entry.getKey());
value.add(entry.getValue());
}
okhttp3.Request request = new okhttp3.Request.Builder()
.url(url)
.addHeader(key.get(0), value.get(0))
.addHeader(key.get(1), value.get(1))
.addHeader(key.get(2), value.get(2))
.build();
Response response = httpClient.newCall(request).execute();
收到錯(cuò)誤
{"message":"The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
The Canonical String for this request should have been
'GET
/**2nd last part of url ***/**last part of url ***/
host:***.execute-api.us-east-2.amazonaws.com
x-amz-date:20210306T082609Z
host;x-amz-date***signature***'
The String-to-Sign should have been
'AWS4-HMAC-SHA256
20210306T082609Z
20210306/us-east-2/execute-api/aws4_request
***signature***'
"}
這是一個(gè)簡(jiǎn)單的代碼,但我找不到任何問(wèn)題。服務(wù)器錯(cuò)誤也沒(méi)有幫助。
在服務(wù)器端,我沒(méi)有使用任何內(nèi)容類型,這就是為什么我沒(méi)有在頭中傳遞它的原因。這會(huì)是個(gè)問(wèn)題嗎?我還認(rèn)為我的requesAws有問(wèn)題。
這批貨可能有問(wèn)題。我不知道這到底是什么意思,所以我在其中傳遞了與引用代碼中相同的API url。
requestAws.setResourcePath(url);
推薦答案
我不推薦編寫(xiě)您自己的SigV4簽名器。相反,請(qǐng)嘗試將其中一個(gè)作為庫(kù)依賴項(xiàng)拉入。
嘗試babbel’s OkHttp signer:
dependencies {
implementation 'com.github.babbel:okhttp-aws-signer:1.0.1'
}
val signer = OkHttpAwsV4Signer("us-east-1", "execute-api")
val client = OkHttpClient.Builder()
.addInterceptor { chain ->
val original = chain.request()
val signed = signer.sign(original, accessKeyId, accessKey)
chain.proceed(signed)
}
.build()
或Ghedeon’s:
repositories {
maven {
url "http://dl.bintray.com/ghedeon/maven"
}
}
...
dependencies {
implementation 'com.ghedeon:aws-interceptor:0.6'
}
val interceptor = AwsInterceptor(credentialsProvider, serviceName, region)
val okHttpClient = new OkHttpClient.Builder()
.addInterceptor(interceptor)
.build()
后者uses the AWS Android SDK under the hood。如果您使用的是Amazon Cognito,則可以為credentialsProvider
參數(shù)提供AWSMobileClient.getInstance()
。
val okHttpClient = new OkHttpClient.Builder()
.addInterceptor(AwsInterceptor(
AWSMobileClient.getInstance(), "execute-api", "us-east-1"
))
.build()
這篇關(guān)于調(diào)用AWS API-Signature,Authentication Header-在Android中使用OkHTTP的文章就介紹到這了,希望我們推薦的答案對(duì)大家有所幫助,