Skip to content

acm19/aws-request-signing-apache-interceptor

BranchesTags

Repository files navigation

AWS Request Signing Interceptor

tests Maven Central

An AWS request signing interceptor for arbitrary HTTP requests. It supports both Apache HTTP Client and Apache HTTP Client V5.

This library enables you to sign requests to any service that leverages SigV4, and thus access any AWS Service or APIG-backed service, including Amazon managed OpenSearch and OpenSearch Serverless.

This library is based on AWS Interceptor, but using AWS SDK 2.x.

Usage

Add io.github.acm19.aws-request-signing-apache-interceptor as a dependency.

<dependency>
  <groupId>io.github.acm19</groupId>
  <artifactId>aws-request-signing-apache-interceptor</artifactId>
  <version>3.0.0</version>
</dependency>

Apache HTTP Client

To sign requests made with pre-5 versions of the clients the following interceptor should be used io.github.acm19.aws.interceptor.http.AwsRequestSigningApacheInterceptor.

import java.io.IOException;
import org.apache.http.HttpRequestInterceptor;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import io.github.acm19.aws.interceptor.http.AwsRequestSigningApacheInterceptor;
import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;
import software.amazon.awssdk.http.auth.aws.signer.AwsV4HttpSigner;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.utils.IoUtils;

final class Example {
    public static void main(String[] args) throws ClientProtocolException, IOException {
        HttpRequestInterceptor interceptor = new AwsRequestSigningApacheInterceptor(
                "service",
                AwsV4HttpSigner.create(),
                DefaultCredentialsProvider.create(),
                Region.US_WEST_2
        );

        try (CloseableHttpClient client = HttpClients.custom()
                .addInterceptorLast(interceptor)
                .build()) {
            HttpGet httpGet = new HttpGet("https://...");
            httpClient.execute(request, response -> {
                System.out.println(response.getStatusLine());
                System.out.println(IoUtils.toUtf8String(response.getEntity().getContent()));
            });
        }
    }
}

Apache HTTP Client V5

To sign requests made with version 5 of the client the following interceptor should be used io.github.acm19.aws.interceptor.http.AwsRequestSigningApacheV5Interceptor.

import java.io.IOException;
import io.github.acm19.aws.interceptor.http.AwsRequestSigningApacheV5Interceptor;
import org.apache.hc.client5.http.ClientProtocolException;
import org.apache.hc.client5.http.classic.methods.HttpGet;
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.client5.http.impl.classic.HttpClients;
import org.apache.hc.core5.http.HttpRequestInterceptor;
import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;
import software.amazon.awssdk.http.auth.aws.signer.AwsV4HttpSigner;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.utils.IoUtils;

final class Example {
    public static void main(String[] args) throws ClientProtocolException, IOException {
        HttpRequestInterceptor interceptor = new AwsRequestSigningApacheV5Interceptor(
                "service",
                AwsV4HttpSigner.create(),
                DefaultCredentialsProvider.create(),
                Region.US_WEST_2
        );

        try (CloseableHttpClient client = HttpClients.custom()
                .addRequestInterceptorLast(interceptor)
                .build()) {
            HttpGet httpGet = new HttpGet("https://...");
            httpClient.execute(request, response -> {
                System.out.println(response.getCode());
                System.out.println(IoUtils.toUtf8String(response.getEntity().getContent()));
            });
        }
    }
}

Examples

Apache HTTP Client

To run the Amazon OpenSearch Sample pass the values of endpoint and region into exec.args.

export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=
export AWS_SESSION_TOKEN=

mvn test-compile exec:java -Dexec.classpathScope=test -Dexec.mainClass="io.github.acm19.aws.interceptor.test.AmazonOpenSearchServiceSample" -Dexec.args="--endpoint=https://...us-west-2.es.amazonaws.com --region=us-west-2 --service=es"

Alternatively use make as follows:

ENDPOINT=<your-endpoint> SERVICE=es REGION=<your-region> SERVICE=es make run_sample

See examples for more valid requests.

Apache HTTP Client V5

To run the Amazon OpenSearch Sample pass the values of endpoint and region into exec.args.

export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=
export AWS_SESSION_TOKEN=

mvn test-compile exec:java -Dexec.classpathScope=test -Dexec.mainClass="io.github.acm19.aws.interceptorv5.test.AmazonOpenSearchServiceSample" -Dexec.args="--endpoint=https://...us-west-2.aoss.amazonaws.com --region=us-west-2 --service=aoss"

Alternatively use make as follows:

ENDPOINT=<your-endpoint> REGION=<your-region> SERVICE=aoss make run_v5_sample

See examples for more valid requests.

Contributing

You're encouraged to contribute to this project. See CONTRIBUTING for details.

Copyright

Copyright Amazon.com, Inc. or its affiliates, and Project Contributors. See NOTICE for details.

License

This library is licensed under the Apache 2.0 License.

About

acm19.github.io/aws-request-signing-apache-interceptor/

Topics

java aws opensearch

Resources

Readme

License

Apache-2.0 license
Activity

Stars

18 stars

Watchers

3 watching

Forks

7 forks
Report repository

Releases 6

3.0.0 Latest
Sep 29, 2024
+ 5 releases

Packages

 
 
 

Contributors 10

Languages