Request Interceptor for Apache Client that signs the request for AWS

README.md

aws-signing-request-interceptor

Request Interceptor for Apache Client that signs the request for AWS.

Originally created to support AWS' Elasticsearch Service using the Jest client.

Usage

You have to add the AWSSigningRequestInterceptor to the end of the Apache client request chain. Otherwise it won't have visibility of all of the headers being added to the request.

This depends on the AWS core SDK as it relies on an AWSCredentialsProvider to get the key, secret and optional session token. It's advised that you use dependencyManagement to lock in the version of aws-java-sdk-core that works for your project.

private static final String SERVICE = "es";
private static final String REGION = "eu-west-1";
...
final Supplier<LocalDateTime> clock = () -> LocalDateTime.now(ZoneOffset.UTC);
final AWSSigner awsSigner = new AWSSigner(awsCredentialsProvider, REGION, SERVICE, clock);
builder.addInterceptorLast(new AWSSigningRequestInterceptor(awsSigner));

To be able to add the AWSSigningRequestInterceptor to Jest, and thus be able to sign requests to the Elasticsearch Service, you need to override the configureHttpClient method in the JestClientFactory.

final AWSSigningRequestInterceptor requestInterceptor = new AWSSigningRequestInterceptor(awsSigner);
final JestClientFactory factory = new JestClientFactory() {
    @Override
    protected HttpClientBuilder configureHttpClient(HttpClientBuilder builder) {
        builder.addInterceptorLast(requestInterceptor);
        return builder;
    }
    @Override
    protected HttpAsyncClientBuilder configureHttpClient(HttpAsyncClientBuilder builder) {
        builder.addInterceptorLast(requestInterceptor);
        return builder;
    }
};

The project can be found in maven central:

<dependency>
    <groupId>vc.inreach.aws</groupId>
    <artifactId>aws-signing-request-interceptor</artifactId>
    <version>0.0.21</version>
</dependency>

Other Languages

If you're looking for a native Scala version of the AWSSigner then take a look at @ticofab's port: https://github.com/ticofab/aws-request-signer