Missing Authentication Token while accessing API Gateway?

既然无缘 2020-12-08 12:51

I am trying to call a Lambda Function through AWS API Gateway. When I mention Authentication type NONE it works fine, but the API becomes public and anyone with the URL can access my

18 Answers
  • 2020-12-08 13:06

    I've lost some time for a silly reason:

    When you create a stage, the link displayed does not contain the resource part of the URL:

    API URL: https://1111.execute-api.us-east-1.amazonaws.com/dev

    API + RESOURCE URL: https://1111.execute-api.us-east-1.amazonaws.com/dev/get-list

    The /get-list was missing

    And of course, you need to check that the method configuration looks like this:

  • 2020-12-08 13:06

    Found this in the docs:

    If the AWS_IAM authorization were used, you would sign the request using the Signature Version 4 protocols.

    Signing request with Signature Version 4


    You can also generate an SDK for your API.

    How to generate an SDK for an API in API Gateway

    Once you've generated the SDK for the platform of your choice, step 6 mentions that if you're using AWS credentials, the request to the API will be signed:

    1. To initialize the API Gateway-generated SDK with AWS credentials, use code similar to the following. If you use AWS credentials, all requests to the API will be signed. This means you must set the appropriate CORS Accept headers for each request:

      var apigClient = apigClientFactory.newClient({
        accessKey: 'ACCESS_KEY',
        secretKey: 'SECRET_KEY',
      });
      
  • 2020-12-08 13:10

    For the record, if you are not using credentials, this error also shows when you set the request validator in your POST/PUT method to "validate body, query string parameters and HEADERS", or the other option "validate query string parameters and HEADERS". In that case it will look for the credentials in the header and reject the request. To sum it up, if you don't intend to send credentials and want to keep it open, you should not set that option in the request validator (set it to either NONE or to validate body).

  • 2020-12-08 13:12

    In my case it was quite a stupid thing. I've gotten used to new entities being created using POST, and it was failing with "Missing Authentication Token". I missed that for some reason it was defined as PUT, which is working fine.

  • 2020-12-08 13:13

    If you set up an IAM role for your server that has the AmazonAPIGatewayInvokeFullAccess permission, you still need to pass headers on each request. You can do this in Python with the aws-requests-auth library like so:

    import requests
    from aws_requests_auth.boto_utils import BotoAWSRequestsAuth

    # Credentials are resolved by botocore (environment, config file or IAM role)
    auth = BotoAWSRequestsAuth(
        aws_host="API_ID.execute-api.us-east-1.amazonaws.com",
        aws_region="us-east-1",
        aws_service="execute-api"
    )
    # The auth object signs the request with Signature Version 4
    response = requests.get("https://API_ID.execute-api.us-east-1.amazonaws.com/STAGE/RESOURCE", auth=auth)
    
  • 2020-12-08 13:16

    I had the same problem which I solved the following way:

    GET Method test

    https://54wtstq8d2.execute-api.ap-southeast-2.amazonaws.com/dev/echo/hello
    
    Authorization tab -> 
    • Select type (AWS Signature)
    • Add AccessKey and SecretKey
    