使用Typescript访问S3多区域访问点MRAP时,Lambda@Edge的SigV4Asymmetric签名问题。
0
【以下的问题经过翻译处理】 你好,
我之前通过编号为12004513771的支持提交了一个问题,但是他们无法为我解决一个自定义代码问题。
我想在Typescript中复制S3 MRAP签名,基于这篇文章: https://aws.amazon.com/blogs/storage/building-an-active-active-latency-based-application-across-multiple-regions/
我遇到的具体问题是,在AWS SDK for node ‘aws-crt’ 1.15.9和nodejs16.x中:
import { auth } from 'aws-crt';
import { HttpHeaders, HttpRequest } from "aws-crt/dist/native/http";
.....
const httpRequest = new HttpRequest(method, endpoint, headers);
const signedHttpRequest: HttpRequest = await auth.aws_sign_request(httpRequest, config);
但是我遇到的问题是上述两个调用都返回一个空对象{}
Typescript代码:
签名函数:
async function sigV4ASignBasic(method: string, endpoint: string, headers: HttpHeaders, service: string): Promise<HttpHeaders> {
const httpRequest = new HttpRequest(method, endpoint, headers);
console.log('httpRequest: ' + JSON.stringify(httpRequest))
const config: AwsSigningConfig = {
service: service,
region: "*",
algorithm: auth.AwsSigningAlgorithm.SigV4Asymmetric,
signature_type: auth.AwsSignatureType.HttpRequestViaHeaders,
signed_body_header: auth.AwsSignedBodyHeaderType.XAmzContentSha256,
provider: auth.AwsCredentialsProvider.newDefault()
};
console.log('config: ' + JSON.stringify(config))
const signedHttpRequest: HttpRequest = await auth.aws_sign_request(httpRequest, config);
console.log('signedHttpRequest: ' + JSON.stringify(signedHttpRequest))
return signedHttpRequest.headers;
}
从中调用:
console.log('method: %s, endpoint: %s, cfReadOnlyHeaders with X-Amz-Cf-Id: %s, service: %s', method, endpoint, JSON.stringify(cfReadOnlyHeaders), service)
// # Sign the request with Signature Version 4A (SigV4A).
const authHeaders: HttpHeaders = await sigV4ASignBasic(method, endpoint, cfReadOnlyHeaders, service)
以上日志:
2023-02-14T10:58:06.610Z 4b78c29a-a348-4415-bf7b-533bb4cc0734 INFO method: GET, endpoint: https://xxxxxxxxxxxx.mrap.accesspoint.s3-global.amazonaws.com/favicon.ico, cfReadOnlyHeaders with X-Amz-Cf-Id: { "X-Amz-Cf-Id": "LTMHFCMnnmxohWwJpJHoUNfWR0_gZtk_9InF14ToRrKjpWtjwDiPlA==" } , service: s3
1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
0
【以下的回答经过翻译处理】 你好,
祝您今天过得愉快!感谢您联系AWS。
我已经查看了提到的支持案例。
我发现当调用“new HttpRequest(method, endpoint, headers)”或“await auth.aws_sign_request(httpRequest,config);”时会返回一个空对象。
请注意,由于问题出现在sigV4a签名代码的位置,我请求您向Github寻求更多有关如何规避此问题的信息。
Relevanter Inhalt
AWS OFFICIALAktualisiert vor 2 Jahren- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor einem Jahr