[英]How to access API from AWS API Gateway with PHP SDK 3
Can anyone help figure out how to use AWS Signature, AWS Credentials and PHP SDK 3 to access an API Gateway API?谁能帮助弄清楚如何使用 AWS Signature、AWS Credentials 和 PHP SDK 3 来访问 API Gateway API? It seems like AWS Signature does not actually attach headers to a Guzzle request.似乎 AWS 签名实际上并未将标头附加到 Guzzle 请求。
Here is my code:这是我的代码:
<?php
require 'vendor/autoload.php';
use Aws\Credentials\Credentials;
use GuzzleHttp\Client;
use GuzzleHttp\Psr7\Request;
use Aws\Signature\SignatureV4;
$access_key = '<access_key>';
$secret_key = '<secret_key>';
$url = 'https://<api-id>.execute-api.us-east-1.amazonaws.com/v1/camel?q=*';
$region = 'us-east-1';
$credentials = new Credentials($access_key, $secret_key);
var_dump($credentials);
$client = new Client();
$request = new Request('GET', $url);
var_dump($request);
$s4 = new SignatureV4("execute-api", $region);
$s4 = new SignatureV4("execute-api", "us-east-1");
$s4->signRequest($request, $credentials);
var_dump($s4);
var_dump($request);
$response = $client->send($request);
And the error I'm getting is:我得到的错误是:
( ! ) Fatal error: Uncaught exception
'GuzzleHttp\Exception\ClientException' with message ' in
/path/to/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php on
line 113
( ! ) GuzzleHttp\Exception\ClientException: Client error: `GET
https://<api-id>.execute-api.us-east-1.amazonaws.com/v1/camel?q=*`
resulted in a `403 Forbidden` response: {"message":"Missing
Authentication Token"} in
/path/to/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php on
line 113
Call Stack
# Time Memory Function Location
1 0.0002 234048 {main}( ) ../access.php:0
2 0.2801 486272 GuzzleHttp\Client->send( ) ../access.php:29
3 0.3787 574224 GuzzleHttp\Promise\Promise->wait( ) ../Client.php:106
Line 29 of access.php is: access.php 的第 29 行是:
$response = $client->send($request);
It doesn't appear from the var_dumps that any headers are being added.从 var_dumps 中看不到正在添加任何标头。 I am able to successfully test this endpoint in the API Gateway and in Postman.我能够在 API Gateway 和 Postman 中成功测试此端点。 Enabling CORS does not appear to make a difference.启用 CORS 似乎没有什么区别。
Has anyone solved this issue yet?有没有人解决过这个问题?
This issue is also covered at https://forums.aws.amazon.com/post!reply.jspa?messageID=795522 and https://forums.aws.amazon.com/thread.jspa?messageID=774631&tstart=0 but there are no solutions there. https://forums.aws.amazon.com/post!reply.jspa?messageID=795522和https://forums.aws.amazon.com/thread.jspa?messageID=774631&tstart=0也涵盖了这个问题,但是那里没有解决方案。
Thanks, Michael, for your help above.谢谢,迈克尔,你在上面的帮助。
You have to use the return from new SignatureV4, which is a modified request.您必须使用 new SignatureV4 的返回值,这是一个修改后的请求。
$s4 = new SignatureV4("execute-api", $region);
$signedrequest = $s4->signRequest($request, $credentials);
$response = $client->send($signedrequest);
echo $response->getBody();
Below code should work if you just want to query API GW services from php如果您只想从 php 查询 API GW 服务,下面的代码应该可以工作
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://<endpoint>.execute-api.us-east-1.amazonaws.com/<service>",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{}",
CURLOPT_HTTPHEADER => array(
"Authorization: AWS4-HMAC-SHA256 Credential=<credentials>/20180705/us-east-1/execute-api/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date, Signature=<signature>",
"Cache-Control: no-cache",
"Content-Type: application/json",
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
?>
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.