Need help with @aws-sdk/cloudfront-signer library in javascript v3
0
Been stuck on this forever. essentially, configured a lambda@edge to be triggered on Viewer-request to sign the cf url headed for an s3 origin with bucket owner enforced, bucket policy governed non-public object permissions to the cf distribution through a trusted keygroup signing oac. The signed url keeps giving "Missing key-pair-id" error when of course I can see the url is being signed with it alright. Funnily enough the same keys/url etc when signed from the cli generates a signed url that works fine, making me wonder about this particular library especially from a verification of the signature standpoint.
The cloudfront-signer library generated signed url that produces missing key pair id:
https://dddddddddddd.cloudfront.net/index.html?Expires=1767225600&Key-Pair-Id=PUBLICKEYID&Signature=uLRewXnreAJtbin7KtwM6AFKUCeTrI0fh2vhOdAO09gNco0foVAUYbaB7sn3tdeP9oFqEBDRd2DiZ0vYACVExdBSNrPPc1tAnTcQdx01DAg3qxsuLjCBlSr8mhvvv0JR90iuvqLpSBQ6Al2hNnKm4sJA-CHNOHOdcz9QWsRbNTD6EhWbX-dBzfQlfNrW8ZYoWLGrOZVqp~-goWKFkLWlggxPXZ9ScNPfNh3VIU2j2HOAQNiwOy-DY92m0p-ctpKp576M4I9JTE61s9uMywmEgeqO-XxSW--jxMw1eSYlxk6KO8rCKbAMnAv7SM~KTsUfvMItOP8-M4CNdJZ7Mg__