热门标签
热门文章
- 1深信服PT2 笔试题库 ,实验,面试题库_深信服pt2sstp考试题库带答案
- 2Python+tkinter限制文本框中只能使用英文输入法
- 3FPGA DDR3学习笔记(一)_ddr容量大小怎么看
- 4【目标检测】VOC数据集介绍
- 5设计模式七大原则:单一职责原则_设计模式单一职责原则
- 6vivado SRIO 学习
- 7win10+黑苹果 单硬盘 双系统 超简单安装 一看就会_苹果双系统怎么安装win10
- 8深度学习:GAN 对抗网络原理详细解析(零基础必看)_gan网络
- 9天津工业大学计算机专业好考,天津工业大学(专业学位)计算机技术考研难吗
- 10AssertionError:torch not compiled with cuda enabled_assertionerror: torch not compiled with cuda enabl
当前位置: article > 正文
AWS APIGW Signature使用示例代码_aws-sdk-auth-signer
作者:AllinToyou | 2024-06-12 07:30:05
赞
踩
aws-sdk-auth-signer
1. 引入SDK依赖包
- <dependency>
- <groupId>org.apache.httpcomponents</groupId>
- <artifactId>httpclient</artifactId>
- <version>4.5.12</version>
- </dependency>
- <!-- AWS SDK for Java Signing -->
- <dependency>
- <groupId>software.amazon.awssdk</groupId>
- <artifactId>signer</artifactId>
- <version>2.17.35</version>
- </dependency>
2. 调用请求Demo
- import org.apache.http.HttpHeaders;
- import org.apache.http.HttpResponse;
- import org.apache.http.client.HttpClient;
- import org.apache.http.client.methods.HttpPost;
- import org.apache.http.entity.StringEntity;
- import org.apache.http.impl.client.DefaultHttpRequestRetryHandler;
- import org.apache.http.impl.client.HttpClientBuilder;
- import software.amazon.awssdk.auth.credentials.AwsBasicCredentials;
- import software.amazon.awssdk.auth.signer.Aws4Signer;
- import software.amazon.awssdk.auth.signer.params.Aws4SignerParams;
- import software.amazon.awssdk.core.SdkBytes;
- import software.amazon.awssdk.http.SdkHttpFullRequest;
- import software.amazon.awssdk.http.SdkHttpMethod;
- import software.amazon.awssdk.regions.Region;
-
- import java.net.URI;
- import java.nio.charset.StandardCharsets;
- import java.time.Instant;
-
- public class Aws4SignerDemo {
- private static final String HOST = "https://your-apigw-domain";
- private static final String REGION = "cn-northwest-1";
- private static final String AK = "BKBA4WFLST4Cd5O7WE3Pc";
- private static final String SK = "AmslC6UAqe0LS0J7/773vFHl6DSt9nfV96o5eBxD";
-
- public static void main(String[] args) throws Exception {
- String path = "/v1/person/create";
- URI uri = URI.create(HOST + path);
- String requestBody = "{\"name\": \"111\",\"age\": \"22\"}"
- SdkHttpFullRequest signedRequest = getSignature(uri, requestBody);
-
- String response = doPost(uri, requestBody, signedRequest);
-
- System.out.println(response);
- }
-
- private static SdkHttpFullRequest getSignature(URI uri, String requestBody){
- Aws4Signer signer = Aws4Signer.create();
- SdkHttpFullRequest.Builder requestBuilder = SdkHttpFullRequest.builder()
- .method(SdkHttpMethod.POST)
- .uri(uri);
- requestBuilder.putHeader("Host", uri.getHost());
- requestBuilder.putHeader("X-Amz-Date", Instant.now().toString());
- byte[] payload = requestBody.getBytes();
- requestBuilder.contentStreamProvider(() -> SdkBytes.fromByteArray(payload).asInputStream());
-
- Aws4SignerParams signingParams = Aws4SignerParams.builder()
- .awsCredentials(AwsBasicCredentials.create(AK,SK))
- .signingName("execute-api")
- .signingRegion(Region.of(REGION))
- .build();
- return signer.sign(requestBuilder.build(), signingParams);
- }
-
- private static String doPost(URI uri,String requestBody, SdkHttpFullRequest signedRequest) throws Exception {
- HttpClient httpClient = HttpClientBuilder.create()
- .setRetryHandler(new DefaultHttpRequestRetryHandler(3, false))
- .build();
- HttpPost request = new HttpPost(uri);
- request.setHeader(HttpHeaders.HOST, uri.getHost());
- request.setHeader("X-Amz-Date", signedRequest.firstMatchingHeader("X-Amz-Date").orElse(null));
- request.setHeader("Authorization",signedRequest.firstMatchingHeader("Authorization").orElse(null));
- request.setHeader("Content-Type", "application/json");
- request.setEntity(new StringEntity(requestBody, StandardCharsets.UTF_8));
- String result = null;
- HttpResponse response = httpClient.execute(request);
- byte[] responseBody = response.getEntity() != null ?
- SdkBytes.fromInputStream(response.getEntity().getContent()).asByteArray() : null;
- if (responseBody != null) {
- result = new String(responseBody);
- }
- return result;
- }
-
- }
3. APIGW需要配置对应的API使用Signature鉴权
- ---
- swagger: "2.0"
- info:
- description: "test"
- host: "your-apigw-domain"
- basePath: "/v3"
- schemes:
- - "https"
- paths:
- /person/create:
- post:
- produces:
- - "application/json"
- security:
- - sigv4: []
- x-amazon-apigateway-request-validator: "Validate body"
- securityDefinitions:
- sigv4:
- type: "apiKey"
- name: "Authorization"
- in: "header"
- x-amazon-apigateway-authtype: "awsSigv4"
- x-amazon-apigateway-policy:
- Version: "2012-10-17"
- Statement:
- - Sid: "abcv1"
- Effect: "Allow"
- Principal:
- AWS: "arn:aws-cn:iam::172238194437:user/username"
- Action: "execute-api:Invoke"
- Resource:
- - "arn:aws-cn:execute-api:cn-northwest-1:172238194437:11qx76lfea/v1/POST/person/create"
- Condition:
- IpAddress:
- aws:SourceIp:
- - "0.0.0.0/0"
- x-amazon-apigateway-request-validators:
- Validate body:
- validateRequestParameters: false
- validateRequestBody: true
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/AllinToyou/article/detail/707026
推荐阅读
相关标签
