You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I use Aws4Signer for signing API-Gateway-Request, but since it's deprecated I wanted to use AwsV4HttpSigner instead. I tried to replace it, but the Requests don't work anymore, I get a "403 Forbidden" response.
After having a look at the generated headers I found out that the problem seems to be the "x-amz-content-sha256"-Header that is created by AwsV4HttpSigner (and used for the signature) but not by the deprecated Aws4Signer. Without the header the request work, with the header it doesn't.
I also tried to prevent the payload signing by using .putProperty(AwsV4FamilyHttpSigner.PAYLOAD_SIGNING_ENABLED, Boolean.FALSE) but this only results in a x-amz-content-sha256: UNSIGNED-PAYLOAD header that the API-Gateway also doesn't seem to like.
Is there a way to prevent AwsV4HttpSigner from adding the x-amz-content-sha256 header?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi,
I use Aws4Signer for signing API-Gateway-Request, but since it's deprecated I wanted to use AwsV4HttpSigner instead. I tried to replace it, but the Requests don't work anymore, I get a "403 Forbidden" response.
After having a look at the generated headers I found out that the problem seems to be the "x-amz-content-sha256"-Header that is created by AwsV4HttpSigner (and used for the signature) but not by the deprecated Aws4Signer. Without the header the request work, with the header it doesn't.
I also tried to prevent the payload signing by using
.putProperty(AwsV4FamilyHttpSigner.PAYLOAD_SIGNING_ENABLED, Boolean.FALSE)but this only results in ax-amz-content-sha256: UNSIGNED-PAYLOADheader that the API-Gateway also doesn't seem to like.Is there a way to prevent AwsV4HttpSigner from adding the x-amz-content-sha256 header?
Beta Was this translation helpful? Give feedback.
All reactions