AWS api 网关在响应正文中返回令牌
[英]AWS api gateway returning token in the response body
问题描述
I noticed something weird when calling my service on a URL like this
在这样的 URL 上调用我的服务时,我发现有些奇怪
GET https://myservice.com//someresource
--header 'Content-Type: application/json' \
--header 'x-api-key:<somekey>' \
--header 'Authorization: Bearer <sometoken>
When I do this, I get a response from AWS gateway that includes in the response body当我这样做时,我会收到来自 AWS 网关的响应,该响应包含在响应正文中
< HTTP/2 403
< content-type: application/json
< content-length: 3222
< x-amzn-requestid: 348fab78-b84d-4af9-88v9-e1e6effc487b
< x-amzn-errortype: IncompleteSignatureException
< x-amz-apigw-id: dgYbMFbhliAFv8w=
<
* Connection #0 to host api-aws-tst.reprisk.com left intact
{"message":"<sometoken>"}
Calling https://myservice.com/someresource , without the extra slash, works ok.调用https://myservice.com/someresource ,没有额外的斜线,工作正常。 I know that // is not a correct path but I would like that the response message reflect the fact that the path is wrong instead of returning my token in a 403 response.我知道 // 不是正确的路径,但我希望响应消息反映路径错误的事实,而不是在 403 响应中返回我的令牌。 Is there any setting to configure this behaviour?是否有任何设置来配置此行为?
1 个解决方案
解决方案1
0 2022-12-22 13:18:48
Is there any setting to configure this behavior?
Yes.是的。 You can set up integration response mappings to modify the responses of API Gateway.您可以设置集成响应映射来修改 API 网关的响应。 In your case you need to have an integration response mapping for HTTP 403.在您的情况下,您需要具有 HTTP 403 的集成响应映射。
These docs explain how the mapping works and how to set them:这些文档解释了映射的工作原理以及如何设置它们:
Set up an integration response in API Gateway 在 API Gateway 中设置集成响应
Use a mapping template to override an API's request and response parameters and status codes 使用映射模板覆盖 API 的请求和响应参数以及状态代码
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.