Fre*_*wal 7 javascript amazon-web-services elasticsearch postman aws-elasticsearch
我正在尝试使用AWS4签名方法将数据发布到AWS管理的Elasticsearch.我想通过postman pre-script实现这一目标.我尝试使用下面的脚本,它完美地用于弹性搜索的GET操作,但它不适用于POST或PUT或DELETE操作并继续给我一个错误消息,签名与POST操作不匹配.有人可以帮助我修复邮差中的前脚本吗?
var date = new Date().toISOString();
var amzdate = date.replace(/[:\-]|\.\d{3}/g, "");
var dateStamp = amzdate.slice(0, -8);
pm.environment.set('authorization', getAuthHeader(request.method, request.url, request.data));
pm.environment.set('xAmzDate', amzdate);
function getPath(url) {
var pathRegex = /.+?\:\/\/.+?(\/.+?)(?:#|\?|$)/;
var result = url.match(pathRegex);
return result && result.length > 1 ? result[1] : '';
}
function getQueryString(url) {
var arrSplit = url.split('?');
return arrSplit.length > 1 ? url.substring(url.indexOf('?') + 1) : '';
}
function getSignatureKey(secretKey, dateStamp, regionName, serviceName) {
var kDate = sign("AWS4" + secretKey, dateStamp);
var kRegion = sign(kDate, regionName);
var kService = sign(kRegion, serviceName);
var kSigning = sign(kService, "aws4_request");
return kSigning;
}
function sign(key, message) {
return CryptoJS.HmacSHA256(message, key);
}
function getAuthHeader(httpMethod, requestUrl, requestBody) {
var ACCESS_KEY = pm.globals.get("access_key");
var SECRET_KEY = pm.globals.get("secret_key");
var REGION = 'us-east-1';
var SERVICE = 'es';
var ALGORITHM = 'AWS4-HMAC-SHA256';
var canonicalUri = getPath(requestUrl);
var canonicalQueryString = getQueryString(requestUrl);
if (httpMethod == 'GET' || !requestBody) {
requestBody = '';
} else {
requestBody = JSON.stringify(requestBody);
}
var hashedPayload = CryptoJS.enc.Hex.stringify(CryptoJS.SHA256(requestBody));
var canonicalHeaders = 'host:' + pm.environment.get("ESHost") + '\n' + 'x-amz-date:' + amzdate + '\n';
var signedHeaders = 'host;x-amz-date';
var canonicalRequestData = [httpMethod, canonicalUri, canonicalQueryString, canonicalHeaders, signedHeaders, hashedPayload].join("\n");
var hashedRequestData = CryptoJS.enc.Hex.stringify(CryptoJS.SHA256(canonicalRequestData));
var credentialScope = dateStamp + '/' + REGION + '/' + SERVICE + '/' + 'aws4_request';
var stringToSign = ALGORITHM + '\n' + amzdate + '\n' + credentialScope + '\n' + hashedRequestData;
var signingKey = getSignatureKey(SECRET_KEY, dateStamp, REGION, SERVICE);
var signature = CryptoJS.HmacSHA256(stringToSign, signingKey).toString(CryptoJS.enc.Hex);
var authHeader = ALGORITHM + ' ' + 'Credential=' + ACCESS_KEY + '/' + credentialScope + ', ' + 'SignedHeaders=' + signedHeaders + ', ' + 'Signature=' + signature;
return authHeader;
}OP 中的代码几乎是准确的,只是有一些错误
path=''
1) 当2) 检查 request.data 是否为空对象时,getPath 应该返回“/” requestBody = ''
3) 不需要做JSON.stringify(request.data),因为 request.data 返回一个 json 字符串
固定片段如下:
var date = new Date().toISOString();
var amzdate = date.replace(/[:\-]|\.\d{3}/g, "");
var dateStamp = amzdate.slice(0, -8);
pm.environment.set('authorization', getAuthHeader(request.method, request.url, request.data));
pm.environment.set('xAmzDate', amzdate);
function getPath(url) {
var pathRegex = /.+?\:\/\/.+?(\/.+?)(?:#|\?|$)/;
var result = url.match(pathRegex);
return result && result.length > 1 ? result[1] : '/';
}
function getQueryString(url) {
var arrSplit = url.split('?');
return arrSplit.length > 1 ? url.substring(url.indexOf('?') + 1) : '';
}
function getSignatureKey(secretKey, dateStamp, regionName, serviceName) {
var kDate = sign("AWS4" + secretKey, dateStamp);
var kRegion = sign(kDate, regionName);
var kService = sign(kRegion, serviceName);
var kSigning = sign(kService, "aws4_request");
return kSigning;
}
function sign(key, message) {
return CryptoJS.HmacSHA256(message, key);
}
function getAuthHeader(httpMethod, requestUrl, requestBody) {
var ACCESS_KEY = pm.globals.get("access_key");
var SECRET_KEY = pm.globals.get("secret_key");
var REGION = 'us-east-1';
var SERVICE = 'es';
var ALGORITHM = 'AWS4-HMAC-SHA256';
var canonicalUri = getPath(requestUrl);
var canonicalQueryString = getQueryString(requestUrl);
if (httpMethod == 'GET' || !requestBody || Object.keys(requestBody).length === 0) {
requestBody = '';
}
var hashedPayload = CryptoJS.enc.Hex.stringify(CryptoJS.SHA256(requestBody));
var canonicalHeaders = 'host:' + pm.environment.get("ESHost") + '\n' + 'x-amz-date:' + amzdate + '\n';
var signedHeaders = 'host;x-amz-date';
var canonicalRequestData = [httpMethod, canonicalUri, canonicalQueryString, canonicalHeaders, signedHeaders, hashedPayload].join("\n");
var hashedRequestData = CryptoJS.enc.Hex.stringify(CryptoJS.SHA256(canonicalRequestData));
var credentialScope = dateStamp + '/' + REGION + '/' + SERVICE + '/' + 'aws4_request';
var stringToSign = ALGORITHM + '\n' + amzdate + '\n' + credentialScope + '\n' + hashedRequestData;
var signingKey = getSignatureKey(SECRET_KEY, dateStamp, REGION, SERVICE);
var signature = CryptoJS.HmacSHA256(stringToSign, signingKey).toString(CryptoJS.enc.Hex);
var authHeader = ALGORITHM + ' ' + 'Credential=' + ACCESS_KEY + '/' + credentialScope + ', ' + 'SignedHeaders=' + signedHeaders + ', ' + 'Signature=' + signature;
return authHeader;
}
| 归档时间: |
|
| 查看次数: |
370 次 |
| 最近记录: |