将AWS Signature Header添加到所有放心的请求中 [英] Add AWS Signature Header to all rest assured requests

问题描述

我正在尝试通过 rest-assured

我可以签署请求并拨打电话.但是要签署请求，我需要将完整的URL传递给AWS以生成Authorization Header.

I'm able to sign the request and make a call. But to sign the request, I need to pass the full url to AWS to generate the Authorization Header.

例如如果我要访问一个端点 https://my-aws-api.com/basepath/v1/request/123

For Ex. If I'm going to access an an endpoint https://my-aws-api.com/basepath/v1/request/123

我需要通过AWSSigner对请求进行签名，该签名需要完整的端点来完成.

I need to sign the request via AWSSigner which needs the full endpoint to do so.

我目前的做法

String baseURI="https://my-aws-api.com";

String basePath="basepath/v1";

String requestPath="request/123";

String endpoint=baseURI+"/"+basePath+"/"+requestPath;

Map<String,String> signedHeaders= aws4sign(endpoint,defaultHeaders);

  given()
                .log().ifValidationFails()
                .headers(signedHeaders)
  .when()
                .get(endpoint)
  .then()
                .log().ifValidationFails()
                .statusCode(200);

如果我这样做了，那么我将无法使用RestAssured的 baseURI ， basePath 和 path params

If I do that , then I cant use RestAssured's baseURI, basePath and path params

我想像访问它

RestAssured.baseURI="https://my-aws-api.com";
RestAssured.basePath="basepath/v1";

given()
                .log().ifValidationFails()
                .pathParam("reqID", "123")
.when()
                .get("request/{reqID}")
.then()
                .log().ifValidationFails()
                .statusCode(200);

AwsSigner

AwsSigner

public static Map<String, String> aws4Sign(String endpoint, Map<String, String> headers) throws URISyntaxException {
        String serviceName = "execute-api";
        AWS4Signer aws4Signer = new AWS4Signer();
        aws4Signer.setRegionName(EU_WEST_1.getName());
        aws4Signer.setServiceName(serviceName);
        DefaultRequest defaultRequest = new DefaultRequest(serviceName);
        URI uri = new URI(endpoint);
        defaultRequest.setEndpoint(new URI(uri.getScheme(), null, uri.getHost(), uri.getPort(), "", "", ""));
        defaultRequest.setHttpMethod(HttpMethodName.GET);
        defaultRequest.setResourcePath(uri.getRawPath());
        defaultRequest.setHeaders(headers);
        aws4Signer.sign(defaultRequest, DefaultAWSCredentialsProviderChain.getInstance().getCredentials());
        return defaultRequest.getHeaders();
    }

所以我的问题有什么办法，我可以在进行调用之前拦截RestAssured的请求，这样我就可以获取完全生成的端点并将aws签名的标头添加到该调用中.

So My question is there any way, I can intercept the RestAssured's request before it makes the call, so that I can get the fully generated end point and add the aws signed header to the call.

推荐答案

感谢@Ashaman.

Thanks to @Ashaman.

我正在寻找过滤器部分为

您可以从请求规范中获取随请求传递的uri和其他标头，然后将其发送到函数以对其进行签名，并删除旧标头并放入新标头.然后转发请求

You can get the uri and other headers that were passed with requests from RequestSpec and then send it to the function to sign them and remove the old headers and put the new headers. Then forward the request

@BeforeAll
public void init() {
    RestAssured.baseURI = "https://my-aws-api.com";
    RestAssured.filters((requestSpec, responseSpec, ctx) -> {
        Map<String, String> headers = requestSpec.getHeaders()
                .asList()
                .stream()
                .collect(Collectors.toMap(Header::getName, Header::getValue));
        Map<String, String> signedHeaders = aws4sign(requestSpec.getURI(), headers);
        requestSpec.removeHeaders();
        requestSpec.headers(signedHeaders);
        return ctx.next(requestSpec, responseSpec);
    });
}

对于测试，我可以正常使用Rest Assured的功能

And for the tests I can use the features of Rest Assured normally

given()
        .log().ifValidationFails()
        .pathParam("reqID", "123")
.when()
        .get("request/{reqID}")
.then()
        .log().ifValidationFails()
        .statusCode(200);

这篇关于将AWS Signature Header添加到所有放心的请求中的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！