本文介紹了調(diào)用AWS API-Signature,Authentication Header-在Android中使用OkHTTP的處理方法,對大家解決問題具有一定的參考價值,需要的朋友們下面隨著小編來一起學習吧!
問題描述
我正在嘗試使用OkHTTP對Android中的AWS API的HTTP請求進行簽名。我使用了這個Question中的代碼。AWS的文檔一點幫助都沒有。我很困惑。這是我到目前為止找到的唯一易于理解和實現(xiàn)的代碼。但它也不能解決我的問題。我沒有使用API傳遞任何數(shù)據(jù),它只是我必須調(diào)用并接收消息的簡單API。
我的代碼
AWSCredentials credentials = new BasicAWSCredentials(access_key_id.trim(), secret_access_key.trim());
String API_GATEWAY_SERVICE_NAME = "execute-api";
Request requestAws = new DefaultRequest(API_GATEWAY_SERVICE_NAME);
URI uri = URI.create(url);
requestAws.setEndpoint(uri);
requestAws.setResourcePath(url);
requestAws.setHttpMethod(HttpMethodName.POST);
AWS4Signer signer = new AWS4Signer();
signer.setServiceName(API_GATEWAY_SERVICE_NAME);
signer.setRegionName("us-east-2");
signer.sign(requestAws, credentials);
OkHttpClient httpClient = new OkHttpClient();
Map<String, String> headers = requestAws.getHeaders();
List<String> key = new ArrayList<String>();
List<String> value = new ArrayList<String>();
for (Map.Entry<String, String> entry : headers.entrySet()) {
key.add(entry.getKey());
value.add(entry.getValue());
}
okhttp3.Request request = new okhttp3.Request.Builder()
.url(url)
.addHeader(key.get(0), value.get(0))
.addHeader(key.get(1), value.get(1))
.addHeader(key.get(2), value.get(2))
.build();
Response response = httpClient.newCall(request).execute();
收到錯誤
{"message":"The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
The Canonical String for this request should have been
'GET
/**2nd last part of url ***/**last part of url ***/
host:***.execute-api.us-east-2.amazonaws.com
x-amz-date:20210306T082609Z
host;x-amz-date***signature***'
The String-to-Sign should have been
'AWS4-HMAC-SHA256
20210306T082609Z
20210306/us-east-2/execute-api/aws4_request
***signature***'
"}
這是一個簡單的代碼,但我找不到任何問題。服務(wù)器錯誤也沒有幫助。
在服務(wù)器端,我沒有使用任何內(nèi)容類型,這就是為什么我沒有在頭中傳遞它的原因。這會是個問題嗎?我還認為我的requesAws有問題。
這批貨可能有問題。我不知道這到底是什么意思,所以我在其中傳遞了與引用代碼中相同的API url。
requestAws.setResourcePath(url);
推薦答案
我不推薦編寫您自己的SigV4簽名器。相反,請嘗試將其中一個作為庫依賴項拉入。
嘗試babbel’s OkHttp signer:
dependencies {
implementation 'com.github.babbel:okhttp-aws-signer:1.0.1'
}
val signer = OkHttpAwsV4Signer("us-east-1", "execute-api")
val client = OkHttpClient.Builder()
.addInterceptor { chain ->
val original = chain.request()
val signed = signer.sign(original, accessKeyId, accessKey)
chain.proceed(signed)
}
.build()
或Ghedeon’s:
repositories {
maven {
url "http://dl.bintray.com/ghedeon/maven"
}
}
...
dependencies {
implementation 'com.ghedeon:aws-interceptor:0.6'
}
val interceptor = AwsInterceptor(credentialsProvider, serviceName, region)
val okHttpClient = new OkHttpClient.Builder()
.addInterceptor(interceptor)
.build()
后者uses the AWS Android SDK under the hood。如果您使用的是Amazon Cognito,則可以為credentialsProvider參數(shù)提供AWSMobileClient.getInstance()。
val okHttpClient = new OkHttpClient.Builder()
.addInterceptor(AwsInterceptor(
AWSMobileClient.getInstance(), "execute-api", "us-east-1"
))
.build()
這篇關(guān)于調(diào)用AWS API-Signature,Authentication Header-在Android中使用OkHTTP的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,
