热门标签
热门文章
- 1SQL Server 常用函数_sql server 常见函数
- 2PyTorch、TensorFlow 和 NumPy三者之间的区别与联系是什么?_tensorflow和pytorch numpy
- 3基于51单片机的儿童安全座椅设计
- 4vue实现Element-ui省市区三级联动+市辖区修改_element-china-area-data json
- 5如何用人工智能高效选研究题目?
- 6Mybatis3.3.x技术内幕(十五):Mybatis之foreach批量insert,返回主键id列表(修复Mybatis返回null的bug)...
- 7(PYTHON)selenium+post请求批量获取小红书图片并备注_selenium 小红书
- 8html5电路模拟器,eda仿真软件
- 9助力工业产品质检,基于YOLOv5全系列参数模型【n/s/m/l/x】开发构建智能PCB电路板质检分析系统_yolo工业质检
- 10前后端分离CRUD_前后端分离列表遍历
当前位置: article > 正文
AWS APIGW Signature使用示例代码_aws-sdk-auth-signer
作者:AllinToyou | 2024-06-12 07:30:05
赞
踩
aws-sdk-auth-signer
1. 引入SDK依赖包
- <dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpclient</artifactId>
- <version>4.5.12</version>
- </dependency>
- <!-- AWS SDK for Java Signing -->
- <dependency>
- <groupId>software.amazon.awssdk</groupId>
- <artifactId>signer</artifactId>
- <version>2.17.35</version>
- </dependency>
2. 调用请求Demo
- import org.apache.http.HttpHeaders;
- import org.apache.http.HttpResponse;
- import org.apache.http.client.HttpClient;
- import org.apache.http.client.methods.HttpPost;
- import org.apache.http.entity.StringEntity;
- import org.apache.http.impl.client.DefaultHttpRequestRetryHandler;
- import org.apache.http.impl.client.HttpClientBuilder;
- import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
- import software.amazon.awssdk.auth.signer.Aws4Signer;
- import software.amazon.awssdk.auth.signer.params.Aws4SignerParams;
- import software.amazon.awssdk.core.SdkBytes;
- import software.amazon.awssdk.http.SdkHttpFullRequest;
- import software.amazon.awssdk.http.SdkHttpMethod;
- import software.amazon.awssdk.regions.Region;
-
- import java.net.URI;
- import java.nio.charset.StandardCharsets;
- import java.time.Instant;
-
- public class Aws4SignerDemo {
- private static final String HOST = "https://your-apigw-domain";
- private static final String REGION = "cn-northwest-1";
- private static final String AK = "BKBA4WFLST4Cd5O7WE3Pc";
- private static final String SK = "AmslC6UAqe0LS0J7/773vFHl6DSt9nfV96o5eBxD";
-
- public static void main(String[] args) throws Exception {
- String path = "/v1/person/create";
- URI uri = URI.create(HOST + path);
- String requestBody = "{\"name\": \"111\",\"age\": \"22\"}"
- SdkHttpFullRequest signedRequest = getSignature(uri, requestBody);
-
- String response = doPost(uri, requestBody, signedRequest);
-
- System.out.println(response);
- }
-
- private static SdkHttpFullRequest getSignature(URI uri, String requestBody){
- Aws4Signer signer = Aws4Signer.create();
- SdkHttpFullRequest.Builder requestBuilder = SdkHttpFullRequest.builder()
- .method(SdkHttpMethod.POST)
- .uri(uri);
- requestBuilder.putHeader("Host", uri.getHost());
- requestBuilder.putHeader("X-Amz-Date", Instant.now().toString());
- byte[] payload = requestBody.getBytes();
- requestBuilder.contentStreamProvider(() -> SdkBytes.fromByteArray(payload).asInputStream());
-
- Aws4SignerParams signingParams = Aws4SignerParams.builder()
- .awsCredentials(AwsBasicCredentials.create(AK,SK))
- .signingName("execute-api")
- .signingRegion(Region.of(REGION))
- .build();
- return signer.sign(requestBuilder.build(), signingParams);
- }
-
- private static String doPost(URI uri,String requestBody, SdkHttpFullRequest signedRequest) throws Exception {
- HttpClient httpClient = HttpClientBuilder.create()
- .setRetryHandler(new DefaultHttpRequestRetryHandler(3, false))
- .build();
- HttpPost request = new HttpPost(uri);
- request.setHeader(HttpHeaders.HOST, uri.getHost());
- request.setHeader("X-Amz-Date", signedRequest.firstMatchingHeader("X-Amz-Date").orElse(null));
- request.setHeader("Authorization",signedRequest.firstMatchingHeader("Authorization").orElse(null));
- request.setHeader("Content-Type", "application/json");
- request.setEntity(new StringEntity(requestBody, StandardCharsets.UTF_8));
- String result = null;
- HttpResponse response = httpClient.execute(request);
- byte[] responseBody = response.getEntity() != null ?
- SdkBytes.fromInputStream(response.getEntity().getContent()).asByteArray() : null;
- if (responseBody != null) {
- result = new String(responseBody);
- }
- return result;
- }
-
- }
3. APIGW需要配置对应的API使用Signature鉴权
- ---
- swagger: "2.0"
- info:
- description: "test"
- host: "your-apigw-domain"
- basePath: "/v3"
- schemes:
- - "https"
- paths:
- /person/create:
- post:
- produces:
- - "application/json"
- security:
- - sigv4: []
- x-amazon-apigateway-request-validator: "Validate body"
- securityDefinitions:
- sigv4:
- type: "apiKey"
- name: "Authorization"
- in: "header"
- x-amazon-apigateway-authtype: "awsSigv4"
- x-amazon-apigateway-policy:
- Version: "2012-10-17"
- Statement:
- - Sid: "abcv1"
- Effect: "Allow"
- Principal:
- AWS: "arn:aws-cn:iam::172238194437:user/username"
- Action: "execute-api:Invoke"
- Resource:
- - "arn:aws-cn:execute-api:cn-northwest-1:172238194437:11qx76lfea/v1/POST/person/create"
- Condition:
- IpAddress:
- aws:SourceIp:
- - "0.0.0.0/0"
- x-amazon-apigateway-request-validators:
- Validate body:
- validateRequestParameters: false
- validateRequestBody: true
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/AllinToyou/article/detail/707026
推荐阅读
相关标签
