首页 文章

如何使用PHP SDK 3从AWS API Gateway访问API

提问于
浏览
1

任何人都可以帮助弄清楚如何使用AWS Signature,AWS Credentials和PHP SDK 3来访问API网关API?似乎AWS Signature实际上并未将标头附加到Guzzle请求 .

这是我的代码:

<?php

require 'vendor/autoload.php';

use Aws\Credentials\Credentials;
use GuzzleHttp\Client;
use GuzzleHttp\Psr7\Request;
use Aws\Signature\SignatureV4;

$access_key = '<access_key>';
$secret_key = '<secret_key>';
$url = 'https://<api-id>.execute-api.us-east-1.amazonaws.com/v1/camel?q=*';
$region = 'us-east-1';

$credentials = new Credentials($access_key, $secret_key);
var_dump($credentials);

$client = new Client();
$request = new Request('GET', $url);
var_dump($request);

$s4 = new SignatureV4("execute-api", $region);
$s4 = new SignatureV4("execute-api", "us-east-1");
$s4->signRequest($request, $credentials);
var_dump($s4);
var_dump($request);

$response = $client->send($request);

而我得到的错误是:

( ! ) Fatal error: Uncaught exception 
'GuzzleHttp\Exception\ClientException' with message ' in 
/path/to/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php on 
line 113

( ! ) GuzzleHttp\Exception\ClientException: Client error: `GET 
https://<api-id>.execute-api.us-east-1.amazonaws.com/v1/camel?q=*` 
resulted in a `403 Forbidden` response: {"message":"Missing 
Authentication Token"} in 
/path/to/vendor/guzzlehttp/guzzle/src/Exception/RequestException.php on 
line 113
Call Stack
#   Time    Memory  Function    Location
1   0.0002  234048  {main}( )   ../access.php:0
2   0.2801  486272  GuzzleHttp\Client->send( )  ../access.php:29
3   0.3787  574224  GuzzleHttp\Promise\Promise->wait( ) ../Client.php:106

access.php的第29行是:

$response = $client->send($request);

var_dumps中没有显示添加任何标头 . 我能够在API网关和邮递员中成功测试此 endpoints . 启用CORS似乎没有什么区别 .

有没人解决过这个问题呢?

这个问题也包含在https://forums.aws.amazon.com/post!reply.jspa?messageID=795522https://forums.aws.amazon.com/thread.jspa?messageID=774631&tstart=0中,但那里没有解决方案 .

php amazon-web-services aws-sdk aws-api-gateway

2 回答

  • 1

    如果您只想从php查询API GW服务,下面的代码应该可以工作

    <?php

 $curl = curl_init();

 curl_setopt_array($curl, array(
  CURLOPT_URL => "https://<endpoint>.execute-api.us-east-1.amazonaws.com/<service>",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => "{}",
  CURLOPT_HTTPHEADER => array(
    "Authorization: AWS4-HMAC-SHA256 Credential=<credentials>/20180705/us-east-1/execute-api/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date, Signature=<signature>",
    "Cache-Control: no-cache",
    "Content-Type: application/json",
  ),
));

 $response = curl_exec($curl);
 $err = curl_error($curl);

 curl_close($curl);

 if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}

?>
    回复于
  • 0

    谢谢,迈克尔,谢谢你的帮助 .

    您必须使用新SignatureV4的返回,这是一个修改后的响应 .

    $s4 = new SignatureV4("execute-api", $region);
$signedrequest = $s4->signRequest($request, $credentials);

$response = $client->send($signedrequest);

echo $response->getBody();
    回复于

相关问题