So I’ve created the java algorithm for AWS signature creation, following the guidelines of AWS >https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html
The algorithm is available on my github >https://github.com/marcodag/aws_signature_creation/blob/main/SignatureCreation.java
These are the steps that I take:
- retrieve secret key, access key and token from AWS account
- create call on Postman (for Linux) v8.12.5, by using AWS Signature auth
- the call goes OK.
- I retrieve the signature that it created and the X-AMZ-DATE used
- I run my java algorithm and check if the signature is the same as postman produced
- they’re the same.
So a colleague tries the same steps, but with latest postman version (9+). Postman call goes OK, but it generates a different signature from the java one. Also, he created a js algorithm based on the java one and the js and java make the same signature. Just, my postman matches the signature, his not.
The number and type of headers generated are the same.
What could be the problem?
Advertisement
Answer
SOLVED
Well, my postman was calling an url like
https://s3.eu-west-1.amazonaws.com/a_bucket/a_key
with the dot between s3 and eu. And my colleague was calling
https://s3-eu-west-1.amazonaws.com/a_bucket/a_key
with the dash between s3 and eu. AWS is accepting both. Of course the host is used to create the signature, hence the differences.