调试此错误的方法是什么?我正在尝试调用具有IAM角色的资源策略的api网关。
The Canonical String for this request should have been
'GET
/Prod/creeks/finbi_ldap
group_name=AWS-FINBI-APPS&login=bonneyv
content-length:
content-type:application/json
host:ipcd849p1c.execute-api.us-west-2.amazonaws.com
x-amz-date:20210409T052446Z
x-amz-security-token:IQoJb3JpZ2luX2VjEBUaCXVzLWVhc3QtM6w==
content-length;content-type;host;x-amz-date;x-amz-security-token
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'
以下是我如何签署请求?
const headers = originalRequest.data === undefined ? {} :
{'Content-Type': 'application/json'};
const requestToBeSigned = {
body: JSON.stringify(originalRequest.data),
headers: Object.assign(headers, originalRequest.headers),
host: apiUrl.host,
method: originalRequest.method || 'GET',
path: `${apiUrl.pathname}${originalRequest.path || '/'}`,
};
const accessKeyId: string | undefined = credentials.accessKeyId;
const secretAccessKey: string = credentials.secretAccessKey;
const sessionToken: string | undefined = credentials.sessionToken;
return aws4.sign(requestToBeSigned, {
accessKeyId,
secretAccessKey,
sessionToken
});
除了在浏览器上看到的以外,我看不到任何方法可以查看我发送的请求是什么。
这些错误中的大多数都很难调试。以下是最终对我有效的签名。
- 知道是否包含
body - 对
body进行排序 - 构建
queryString - 知道是否包含
queryString
const headers = originalRequest.data === undefined ? {} : {'Content-Type': 'application/json'};
const path = `${apiUrl.pathname}`;
const method = originalRequest.method || 'GET';
const isPost = originalRequest.method === 'POST';
const requesting = isPost ? originalRequest.data : originalRequest.params;
const sortedBody = isPost ? sortRequestData(requesting) : requesting;
const queryString = buildQueryString(sortedBody);
const requestOptions = {
body: isPost ? JSON.stringify(sortedBody) : '',
data: isPost ? sortedBody : null,
headers: headers,
host: apiUrl.host,
method: method,
path: !isPost ? `${path}${queryString}` : `${path}`,
params: isPost ? null : requesting,
};
const buildQueryString = (obj: any) => {
// If input is not a key value store
if (!obj || Object.entries(obj).length === 0 || obj.constructor !== Object) {
return ''
}
return '?' + Object.entries(obj)
.map(([key, val]) => `${key}=${val}`)
.join('&')
};
const sortRequestData = (obj: any) => {
// If input is not a key value store
if (!obj || Object.entries(obj).length === 0 || obj.constructor !== Object) {
return ''
}
const keys = Object.keys(obj);
keys.sort();
let sortedObj: any = {};
keys.forEach((k: string) => sortedObj[k] = obj[k]);
return sortedObj
};