2017-06-20 39 views
0

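Good day. AWS APIGateway JS SDK + IAM + PUT + Body = Error

I am using the auto-generated JS SDK from AWS APIGateway to perform a PUT request. I have an identity pool, so I have enabled IAM authentication on the PUT method.

I have a GET request (apigClient.userProfileGet) that works just fine with IAM auth, so I don't suspect my policy configuration.

The problem I am facing is that as soon as I add a body to the request, I get the very vague "The request signature we calculated does not match the signature you provided" error message.

My code sample is as follows: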

apigClient = apigClientFactory.newClient({ 
    accessKey: AWS.config.credentials.accessKeyId, 
    secretKey: AWS.config.credentials.secretAccessKey, 
    sessionToken: AWS.config.credentials.sessionToken, 
    region: 'eu-west-1' 
}); 

let firstName = document.getElementById('firstName_update').value; 
let lastName = document.getElementById('lastName_update').value; 
let profilePic = document.getElementById('profilePic_update').value; 

let body = { 
    'firstName': firstName, 
    'lastName': lastName, 
    'profilePic': profilePic 
}; 

apigClient.userProfilePut({ 
    'cognito-id-token': session.getIdToken().getJwtToken(), 
    'g-id-token': null, 
    'fb-access-token': null 
}, body).then(data => { 
    console.log(data); 
}); 

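If I remove IAM authentication, the method executes fine and I get the response I expect from my backend.

If I leave IAM authentication on but remove the body, the method executes and I get the error response I expect from my backend (something like "Error, parameter body missing").

Obviously, I need to be able to send a request body.

What am I doing wrong?

Thanks very much

Edit:

The body model for my request is as follows: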

{ 
    "$schema" : "http://json-schema.org/draft-04/schema#", 
    "title" : "UserDataUpdateRequest", 
    "type" : "object", 
    "properties" : { 
        "firstName": { "type": "string" },
        "lastName": { "type": "string" },
        "profilePic": { "type": "string" }
    }, 
    "required": [ "firstName", "lastName", "profilePic" ] 
} 

Answers

0

So I spent 8 hours trying to figure this out.

The problem is as follows:

This is the canonical request string that AWS APIGateway expects:

PUT 
/Development/user/profile 

accept:*/* 
cognito-id-token:eyJraWQiOiIyRFN2VlFNUWZ6c051emxBVWxqRksyd0J4SzdiZ2JiU01SZjlKU1l5NWpzPSIsImFsZyI6IlJTMjU2In0.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.bXuKyQ-dpU9A4jI-1cViUH_1mV68qObyCREUKwLfzYyBrpNgE_z9YMGpz0uRR7UbgvVMd2LkesXqileZ-H_Gai8M5vqodKQJG2gOOyKPCEvW2G4ieMQgPrkeeWdV77JF4tixdzksJbi4cS78jCgYLgPDp_cn-vOrnkwqSxsu7KUnr3aMoZKvNH7A4mtiJxcLoC-esFdFx1BUzV69NwzX1HOWXk99d3x01Cjes08SBzxTOr3bbEhC0Z0VP0p7sXBL9SSgaecijDIgo9Sa_yKE9amx0Q4jRgf45-NCe2FgRZlpBaouz7blGlt_RUvUACYfgCyBe3LtPDZa3dG5tEhtbg 
content-type:application/json 
fb-access-token:null 
g-id-token:null 
host:488s00ffrd.execute-api.eu-west-1.amazonaws.com 
x-amz-date:20170620T133151Z 

accept;cognito-id-token;content-type;fb-access-token;g-id-token;host;x-amz-date 
88e953912796feb4023a4d860ca6e03d62ace022b47a6217865323bf5c7b4b37 

And this is the final canonical string produced by the JavaScript SDK that you can generate on the APIGateway website:

PUT 
/Development/user/profile 

accept:*/* 
content-type:application/json 
cognito-id-token:eyJraWQiOiIyRFN2VlFNUWZ6c051emxBVWxqRksyd0J4SzdiZ2JiU01SZjlKU1l5NWpzPSIsImFsZyI6IlJTMjU2In0.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.bXuKyQ-dpU9A4jI-1cViUH_1mV68qObyCREUKwLfzYyBrpNgE_z9YMGpz0uRR7UbgvVMd2LkesXqileZ-H_Gai8M5vqodKQJG2gOOyKPCEvW2G4ieMQgPrkeeWdV77JF4tixdzksJbi4cS78jCgYLgPDp_cn-vOrnkwqSxsu7KUnr3aMoZKvNH7A4mtiJxcLoC-esFdFx1BUzV69NwzX1HOWXk99d3x01Cjes08SBzxTOr3bbEhC0Z0VP0p7sXBL9SSgaecijDIgo9Sa_yKE9amx0Q4jRgf45-NCe2FgRZlpBaouz7blGlt_RUvUACYfgCyBe3LtPDZa3dG5tEhtbg 
fb-access-token:null 
g-id-token:null 
host:488s00ffrd.execute-api.eu-west-1.amazonaws.com 
x-amz-date:20170620T133151Z 

accept;cognito-id-token;content-type;fb-access-token;g-id-token;host;x-amz-date 
88e953912796feb4023a4d860ca6e03d62ace022b47a6217865323bf5c7b4b37 

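Now play spot the difference!

I'll save you the 8 hours I spent: the SDK places content-type below my custom header cognito-id-token. Since this is a plain old string comparison, the check fails.

The solution: I renamed my custom headers, all of them. I prefixed them with x-, and now it works.

Damn hard to solve... Hope this saves another poor soul in the future.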

+0

So sorry! That sounds frustrating. Thanks for documenting a detailed answer.
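The header-ordering mismatch described in the answer, as an added example that is not code from the post or from the AWS SDK. SigV4 requires the canonical header lines sorted by lowercase name; `clientOrder` is a hypothetical model of the ordering visible in the post's client-side string, and the host, token and body are constructed placeholders.

```javascript
const { createHash } = require('crypto');
const sha256 = (s) => createHash('sha256').update(s, 'utf8').digest('hex');
const byName = ([a], [b]) => (a < b ? -1 : a > b ? 1 : 0);

// SigV4 rule: lowercase names, trimmed values, sorted by name in code-point order.
function sigv4Order(headers) {
  return Object.entries(headers)
    .map(([k, v]) => [k.toLowerCase(), String(v).trim()])
    .sort(byName);
}

// ASSUMED model of the ordering visible in the post's client-side string:
// accept and content-type first, everything else sorted after them.
function clientOrder(headers) {
  const all = sigv4Order(headers);
  const first = all.filter(([k]) => k === 'accept' || k === 'content-type');
  return first.concat(all.filter(([k]) => !first.some(([f]) => f === k)));
}

// Canonical request: method, path, query, header lines, blank line, signed names, body hash.
function canonicalRequest(method, path, headers, body, order = sigv4Order) {
  const lines = order(headers).map(([k, v]) => `${k}:${v}`).join('\n') + '\n';
  const signed = sigv4Order(headers).map(([k]) => k).join(';');
  return [method, path, '', lines, signed, sha256(body)].join('\n');
}

// First line where the server-side and client-side strings disagree, or null.
function firstDifference(expected, actual) {
  const e = expected.split('\n'), a = actual.split('\n');
  for (let i = 0; i < Math.max(e.length, a.length); i++) {
    if (e[i] !== a[i]) return { line: i + 1, expected: e[i], actual: a[i] };
  }
  return null;
}

// Constructed sample request (placeholder host, token and body).
const base = { Accept: '*/*', 'Content-Type': 'application/json',
  Host: 'api.example.com', 'X-Amz-Date': '20170620T133151Z' };
const body = JSON.stringify({ firstName: 'A', lastName: 'B', profilePic: 'p.png' });
function compare(custom) {
  const h = { ...base, ...custom };
  const server = canonicalRequest('PUT', '/Development/user/profile', h, body);
  const client = canonicalRequest('PUT', '/Development/user/profile', h, body, clientOrder);
  return { diff: firstDifference(server, client), sameHash: sha256(server) === sha256(client) };
}
console.log(compare({ 'cognito-id-token': 'TOKEN' }));   // differs at the header lines
console.log(compare({ 'x-cognito-id-token': 'TOKEN' })); // identical strings
```

Any custom header whose name sorts between `accept` and `content-type` triggers the mismatch under this model, which is why the `x-` prefix avoids it.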