在Java中使用访问和密钥调用AWS API网关
我正在尝试使用Java调用具有访问权限和密钥的AWSAPI网关端点。使用邮递员可以很好地工作。下面是我的邮递员输入在Java中使用访问和密钥调用AWS API网关,java,amazon-web-services,api,aws-api-gateway,Java,Amazon Web Services,Api,Aws Api Gateway,我正在尝试使用Java调用具有访问权限和密钥的AWSAPI网关端点。使用邮递员可以很好地工作。下面是我的邮递员输入 GET Url - https://example.com/testing Authorization: Type - AWS Signature AccessKey - xxxxxxxxxxxx SecretKey - yyyyyyyyyyyy AWS Region - us-east-1 Service Name - execute-api 在使用Java调用时,由于出现禁止
GET
Url - https://example.com/testing
Authorization:
Type - AWS Signature
AccessKey - xxxxxxxxxxxx
SecretKey - yyyyyyyyyyyy
AWS Region - us-east-1
Service Name - execute-api
在使用Java调用时,由于出现禁止的错误消息而失败。不知道问题出在哪里。我知道这与授权有关。我看过AWS文件,但不清楚。谢谢你的帮助
这是代码
import java.util.Date;
import java.text.SimpleDateFormat;
import java.util.List;
import java.net.*;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.io.*;
public class InvokeApi {
static byte[] HmacSHA256(String data, byte[] key) throws Exception {
String algorithm = "HmacSHA256";
Mac mac = Mac.getInstance(algorithm);
mac.init(new SecretKeySpec(key, algorithm));
return mac.doFinal(data.getBytes("UTF-8"));
}
static byte[] getSignatureKey(String key, String dateStamp, String regionName, String serviceName)
throws Exception {
byte[] kSecret = ("AWS4" + key).getBytes("UTF-8");
byte[] kDate = HmacSHA256(dateStamp, kSecret);
byte[] kRegion = HmacSHA256(regionName, kDate);
byte[] kService = HmacSHA256(serviceName, kRegion);
byte[] kSigning = HmacSHA256("aws4_request", kService);
return kSigning;
}
public static void main(String[] args) {
String newurl = "https://example.com/testing";
String key = "yyyyyyyyyyyy";
String dateStamp = "2020-11-04 12:28:12+00:00";
String regionName = "us-east-1";
String serviceName = "execute-api";
String awsAccessKeyID = "xxxxxxxxxxxx";
String completeResponse = "";
URL url;
try {
url = new URL(newurl);
HttpURLConnection conn = (HttpURLConnection) url.openConnection();
conn.setRequestMethod("GET");
conn.setRequestProperty("Accept", "*/*");
byte getSignatureKey[] = getSignatureKey(key, dateStamp, regionName, serviceName);
conn.setRequestProperty("Authorization", "AWS " + awsAccessKeyID + ":" + getSignatureKey);
if (conn.getResponseCode() == 200) {
InputStreamReader inputStream = new InputStreamReader(conn.getInputStream());
BufferedReader br = new BufferedReader(inputStream);
String output;
while ((output = br.readLine()) != null) {
completeResponse += output;
}
System.out.println("completeResponse :" + completeResponse);
br.close();
inputStream.close();
if (conn != null) {
conn.disconnect();
}
} else {
System.out.println("Eror code : " + conn.getResponseMessage());
}
} catch (MalformedURLException e) {
e.printStackTrace();
System.out.println("Exception 1 : " + e);
} catch (IOException e) {
e.printStackTrace();
System.out.println("Exception 2 : " + e);
} catch (Exception e) {
e.printStackTrace();
System.out.println("Exception 3 : " + e);
}
}
}
为什么不直接使用aws sdk呢?我已经尝试过了,但是没有成功。如果有一个好的例子,我将不胜感激。aws文档非常好。在源代码中放置秘密也是一种非常糟糕的做法。您应该使用aws cli和安装配置文件。谢谢,让我看一下文档。是的,我使用个人资料,这里只是为了清楚。