Skip to content

Latest commit

 

History

History
155 lines (117 loc) · 6.39 KB

File metadata and controls

155 lines (117 loc) · 6.39 KB

AWS Request Signing Interceptor

tests Maven Central

An AWS request signing interceptor for arbitrary HTTP requests. It supports both Apache HTTP Client and Apache HTTP Client V5.

This library enables you to sign requests to any service that leverages SigV4, and thus access any AWS Service or APIG-backed service, including Amazon managed OpenSearch and OpenSearch Serverless.

This library is based on AWS Interceptor, but using AWS SDK 2.x.

Usage

Add io.github.acm19.aws-request-signing-apache-interceptor as a dependency.

<dependency>
  <groupId>io.github.acm19</groupId>
  <artifactId>aws-request-signing-apache-interceptor</artifactId>
  <version>3.0.0</version>
</dependency>

Apache HTTP Client

To sign requests made with pre-5 versions of the clients the following interceptor should be used io.github.acm19.aws.interceptor.http.AwsRequestSigningApacheInterceptor.

import java.io.IOException;
import org.apache.http.HttpRequestInterceptor;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import io.github.acm19.aws.interceptor.http.AwsRequestSigningApacheInterceptor;
import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;
import software.amazon.awssdk.http.auth.aws.signer.AwsV4HttpSigner;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.utils.IoUtils;

final class Example {
    public static void main(String[] args) throws ClientProtocolException, IOException {
        HttpRequestInterceptor interceptor = new AwsRequestSigningApacheInterceptor(
                "service",
                AwsV4HttpSigner.create(),
                DefaultCredentialsProvider.create(),
                Region.US_WEST_2
        );

        try (CloseableHttpClient client = HttpClients.custom()
                .addInterceptorLast(interceptor)
                .build()) {
            HttpGet httpGet = new HttpGet("https://...");
            httpClient.execute(request, response -> {
                System.out.println(response.getStatusLine());
                System.out.println(IoUtils.toUtf8String(response.getEntity().getContent()));
            });
        }
    }
}

Apache HTTP Client V5

To sign requests made with version 5 of the client the following interceptor should be used io.github.acm19.aws.interceptor.http.AwsRequestSigningApacheV5Interceptor.

import java.io.IOException;
import io.github.acm19.aws.interceptor.http.AwsRequestSigningApacheV5Interceptor;
import org.apache.hc.client5.http.ClientProtocolException;
import org.apache.hc.client5.http.classic.methods.HttpGet;
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.client5.http.impl.classic.HttpClients;
import org.apache.hc.core5.http.HttpRequestInterceptor;
import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider;
import software.amazon.awssdk.http.auth.aws.signer.AwsV4HttpSigner;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.utils.IoUtils;

final class Example {
    public static void main(String[] args) throws ClientProtocolException, IOException {
        HttpRequestInterceptor interceptor = new AwsRequestSigningApacheV5Interceptor(
                "service",
                AwsV4HttpSigner.create(),
                DefaultCredentialsProvider.create(),
                Region.US_WEST_2
        );

        try (CloseableHttpClient client = HttpClients.custom()
                .addRequestInterceptorLast(interceptor)
                .build()) {
            HttpGet httpGet = new HttpGet("https://...");
            httpClient.execute(request, response -> {
                System.out.println(response.getCode());
                System.out.println(IoUtils.toUtf8String(response.getEntity().getContent()));
            });
        }
    }
}

Examples

Apache HTTP Client

To run the Amazon OpenSearch Sample pass the values of endpoint and region into exec.args.

export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=
export AWS_SESSION_TOKEN=

mvn test-compile exec:java -Dexec.classpathScope=test -Dexec.mainClass="io.github.acm19.aws.interceptor.test.AmazonOpenSearchServiceSample" -Dexec.args="--endpoint=https://...us-west-2.es.amazonaws.com --region=us-west-2 --service=es"

Alternatively use make as follows:

ENDPOINT=<your-endpoint> SERVICE=es REGION=<your-region> SERVICE=es make run_sample

See examples for more valid requests.

Apache HTTP Client V5

To run the Amazon OpenSearch Sample pass the values of endpoint and region into exec.args.

export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=
export AWS_SESSION_TOKEN=

mvn test-compile exec:java -Dexec.classpathScope=test -Dexec.mainClass="io.github.acm19.aws.interceptorv5.test.AmazonOpenSearchServiceSample" -Dexec.args="--endpoint=https://...us-west-2.aoss.amazonaws.com --region=us-west-2 --service=aoss"

Alternatively use make as follows:

ENDPOINT=<your-endpoint> REGION=<your-region> SERVICE=aoss make run_v5_sample

See examples for more valid requests.

Contributing

You're encouraged to contribute to this project. See CONTRIBUTING for details.

Copyright

Copyright Amazon.com, Inc. or its affiliates, and Project Contributors. See NOTICE for details.

License

This library is licensed under the Apache 2.0 License.