使用Apache HttpComponents客户端签署AWS HTTP请求 [英] Signing AWS HTTP requests with Apache HttpComponents Client
问题描述
我正在尝试将HTTP请求发送到受IAM保护的 AWS Elasticsearch 域访问策略。我需要签署这些请求才能被AWS授权。
我正在使用 Jest ,后者又使用 Apache HttpComponents客户端。
I'm trying to make HTTP requests to an AWS Elasticsearch domain protected by an IAM access policy. I need to sign these requests for them to be authorized by AWS. I'm using Jest, which in turn use Apache HttpComponents Client.
这似乎是一个常见的用例,我想知道是否有一些类型的库,我可以使用Apache HttpComponents客户端上的所有请求来签名。
This seems to be a common use case and I was wondering if there is out there some kind of library which I can use on top of Apache HttpComponents Client to sign all the requests.
推荐答案
我想我找到了! :)
这个项目似乎完全符合我的要求: aws-signature-request-interceptor ,描述为请求拦截器,用于Apache Client的请求拦截器,用于签署AWS请求。最初创建为使用Jest客户端支持AWS的Elasticsearch服务。
This project seems to do exactly what I want : aws-signing-request-interceptor, described as "Request Interceptor for Apache Client that signs the request for AWS. Originally created to support AWS' Elasticsearch Service using the Jest client.".
编辑:我分支项目以满足我的需要(Java 7,临时STS凭据),它的工作很好。
Edit : I forked the project to fit my needs (Java 7, temporary STS credentials), and it works nicely.
这里是一个使用示例(这里没有STS临时凭据):
Here is an example of usage (here without STS temporary credentials):
String region = "us-east-1";
String service = "es";
String url = "???"; // put the AWS ElasticSearch endpoint here
DefaultAWSCredentialsProviderChain awsCredentialsProvider = new DefaultAWSCredentialsProviderChain();
final AWSSigner awsSigner = new AWSSigner(awsCredentialsProvider, region, service, () -> new LocalDateTime(DateTimeZone.UTC));
JestClientFactory factory = new JestClientFactory() {
@Override
protected HttpClientBuilder configureHttpClient(HttpClientBuilder builder) {
builder.addInterceptorLast(new AWSSigningRequestInterceptor(awsSigner));
return builder;
}
};
factory.setHttpClientConfig(new HttpClientConfig.Builder(url)
.multiThreaded(true)
.build());
JestClient client = factory.getObject();
这篇关于使用Apache HttpComponents客户端签署AWS HTTP请求的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
