个人中心
gpt4 book ai didi

amazon-web-services - 在Lambda中手动签名AppSync URL会导致严重的签名错误

转载 作者:行者123 更新时间:2023-12-04 00:14:34 25 4
gpt4 key购买 nike

在Lambda中,我想用AppSync标记我的aws-signature-v4端点,以便将其用于突变。

生成的URL似乎可以,但是尝试时会出现以下错误:

{
"errors" : [ {
"errorType" : "InvalidSignatureException",
"message" : "The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details. etc...
} ]
}


这是我的lambda函数

import { Context, Callback } from 'aws-lambda';
import { GraphQLClient } from 'graphql-request';

const v4 = require('aws-signature-v4');

export async function handle(event: any, context: Context, callback: Callback) {
  context.callbackWaitsForEmptyEventLoop = false;

  const url = v4.createPresignedURL(
    'POST',
    'xxxxxxxxxxxxxxxxx.appsync-api.eu-west-1.amazonaws.com',
    '/graphql',
    'appsync',
    'UNSIGNED-PAYLOAD',
    {
      key: 'yyyyyyyyyyyyyyyyyyyy',
      secret: 'zzzzzzzzzzzzzzzzzzzzz',
      region: 'eu-west-1'
    }
  );

  const mutation = `{
    FAKEviewProduct(title: "Inception") {
      productId
    }
  }`;

  const client = new GraphQLClient(url, {
    headers: {
      'Content-Type': 'application/graphql',
      action: 'GetDataSource',
      version: '2017-07-25'
    }
  });

  try {
    await client.request(mutation, { productId: 'jfsjfksldjfsdkjfsl' });
  } catch (err) {
    console.log(err);
    callback(Error());
  }

  callback(null, {});
}




我通过创建一个新用户并 keysecret操作来获得 Allowingappsync:GraphQL

我究竟做错了什么?

最佳答案

这就是我通过使用axios进行简单的HTTP请求来触发AppSync突变的方式。

const AWS = require('aws-sdk');
const axios = require('axios');

exports.handler = async (event) => {    
    let result.data = await updateDb(event);

    return result.data;
};

function updateDb({ owner, thingName, key }){
    let req = new AWS.HttpRequest('https://xxxxxxxxxxx.appsync-api.eu-central-1.amazonaws.com/graphql', 'eu-central-1');
    req.method = 'POST';
    req.headers.host = 'xxxxxxxxxxx.appsync-api.eu-central-1.amazonaws.com';
    req.headers['Content-Type'] = 'multipart/form-data';
    req.body = JSON.stringify({
        "query":"mutation ($input: UpdateUsersCamsInput!) { updateUsersCams(input: $input){ latestImage uid name } }",
        "variables": {
            "input": {
                "uid": owner,
                "name": thingName,
                "latestImage": key
            }
        }
    });

    let signer = new AWS.Signers.V4(req, 'appsync', true);
    signer.addAuthorization(AWS.config.credentials, AWS.util.date.getDate());

    return axios({
        method: 'post',
        url: 'https://xxxxxxxxxxx.appsync-api.eu-central-1.amazonaws.com/graphql',
        data: req.body,
        headers: req.headers
    });
}


确保为您的Lambda函数以 appsync:GraphQL的权限运行给IAM角色。

关于amazon-web-services - 在Lambda中手动签名AppSync URL会导致严重的签名错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/50957895/

25 4 0
文章推荐: amazon-web-services - AWS lambda : No module named 'cfnresponse'
文章推荐: amazon-web-services - 如何在运行Windows的ElasticBeanstalk环境中启用CloudWatchLogs?
文章推荐: amazon-web-services - AWS Lambda 链接最佳实践
文章推荐: wolfram-mathematica - 从 Palette 操作获取包时出现阴影问题
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com