Localstack抛出请求中包含的安全令牌无效
我使用Localstack和Test容器((test容器: localstack: 1.15.2))进行集成测试,并在测试设置中设置秘密,如下所示:代码示例
import com.amazonaws.services.secretsmanager.AWSSecretsManager;
import com.amazonaws.services.secretsmanager.AWSSecretsManagerClientBuilder;
import com.amazonaws.services.secretsmanager.model.CreateSecretRequest;
import org.junit.Rule;
import org.junit.Test;
import org.testcontainers.containers.localstack.LocalStackContainer;
import org.testcontainers.utility.DockerImageName;
import static org.testcontainers.containers.localstack.LocalStackContainer.Service.SECRETSMANAGER;
public class QueueServiceTest {
DockerImageName localstackImage = DockerImageName.parse("localstack/localstack:0.11.3");
@Rule
public LocalStackContainer localstack = new LocalStackContainer(localstackImage)
.withServices(SECRETSMANAGER).withEnv("LOCALSTACK_HOSTNAME", "localhost").withEnv("HOSTNAME", "localhost");
@Test
public void someTestMethod() {
AWSSecretsManager secretsManager = AWSSecretsManagerClientBuilder.standard()
.withCredentials(localstack.getDefaultCredentialsProvider()).withRegion(localstack.getRegion())
.build();
String secretString = "usrnme";
CreateSecretRequest request = new CreateSecretRequest().withName("test")
.withSecretString(secretString)
.withRequestCredentialsProvider(localstack.getDefaultCredentialsProvider());
secretsManager.createSecret(request);
}
}
现在,测试因错误而崩溃:
com.amazonaws.services.secretsmanager.model.AWSSecretsManagerException:请求中包含的安全令牌无效。(服务:AWSSecuresManager;状态代码:400;错误码:未识别客户端异常;请求ID:314b0dee-69ed-4b08-9cd0-2618b8e14b25;代理:null)
AmazonHttpClient.java:744$com.amazonaws.http.AmazonHttpClient(RequestExecutor.access)AmazonHttpClient.java:704$com.amazonaws.http.AmazonHttpClient(RequestExecutionBuilderImpl.execute)AmazonHttpClient.java:686$com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:550)com.amazonaws.http.AmazonHttpClient.execute$AmazonHttpClient.java:530(com.amazonaws.services.secretsmanager.AWSSecretsManagerClient.doInvoke)AWSSecretsManagerClient.java:2625$RequestExecutor.doExecute(AmazonHttpClient.java:802)com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:770)com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(com.amazonaws.http.AmazonHttpClient)RequestExecutor.handleErrorResponse$AmazonHttpClient.java:1819500美元(com.amazonaws.http.AmazonHttpClient)RequestExecutor.handleServiceErrorResponse$AmazonHttpClient.java:1403(com.amazonaws.http.AmazonHttpClient)RequestExecutor.executeOneRequest(AmazonHttpClient.java:1372)com.amazonaws.http.AmazonHttpClient(RequestExecutor.executeHelper)AmazonHttpClient.java:1145(com.amazonaws.http.AmazonHttpClient)
我想我遗漏了一些参数,有人能帮我弄清楚吗?
共有1个答案
缺少 AWSSecretsManagerClientBuilder 的终端节点配置。现在,您的客户以真实的 AWS 终端节点为目标,例如:https://secretsmanager.us-east-1.amazonaws.com:443
public class LocalStackSecretsManagerTest {
DockerImageName localstackImage = DockerImageName.parse("localstack/localstack:0.11.3");
@Rule
public LocalStackContainer localstack = new LocalStackContainer(localstackImage)
.withServices(SECRETSMANAGER)
.withEnv("LOCALSTACK_HOSTNAME", "localhost")
.withEnv("HOSTNAME", "localhost");
@Test
void someTestMethod() {
AWSSecretsManager secretsManager = AWSSecretsManagerClientBuilder.standard()
.withCredentials(localstack.getDefaultCredentialsProvider())
.withEndpointConfiguration(localstack.getEndpointConfiguration(SECRETSMANAGER)) // this is the important line
.build();
String secretString = "usrnme";
CreateSecretRequest request = new CreateSecretRequest()
.withName("test")
.withSecretString(secretString);
secretsManager.createSecret(request);
}
}
指定endpoint时,可以删除区域配置。
附加的<代码>。withRequestCredentialsProvider(local stack . getdefaultcredentialsprovider());< code>CreateSecretRequest 上的是多余的,仅当您希望根据< code>CreateSecretRequest 重写凭据提供程序时才需要。
-
我是新来的AWS和我试图执行CRUD操作本地DynamoDB从一个Java程序。Java程序是一个AWS示例。 我安装了AWS CLI并设置了以下配置-根据AWS文档,我不需要本地DynamoDB的真正AWS访问和密钥。 我在~/中设置了以下值。aws/config和~/。通过在aws CLI中运行aws configure获得aws/credentials。 我有本地DYnamoDB JAR与此
-
该文件存储在脚本中,位于AWS S3中。
-
我试图使用aws sam在本地调用lambda函数进行测试。该函数从Dynamodb表中读取一个项。我已经旋转了一个本地Dynamodb容器,在那里创建了所需的表。 运行下面的命令来创建一个本地Dynamodb容器。 docker网络创建lambda本地 然后使用下面的命令,我能够验证所有的工作都很好,就本地dynamodb而言。 超文本传输协议://localhsot: 8000 但是,当我尝试
-
概述 我将使用API网关作为基于Spring Security性的身份验证。我刚刚按照https://spring.io/guides/tutorials/spring-security-and-angular-js/链接中的步骤创建了一个基于其对应的github项目的“对双”模块的项目https://github.com/spring-guides/tut-spring-security-and
-
Im使用Spring-Security和JWT库生成令牌。当用户通过身份验证时,我得到授权令牌作为响应: 在所有教程中,我都看到作者在使用POSTMAN发送GET请求时将此令牌粘贴在授权标头中,但没有教程说明它如何在实际请求中工作。尽管在我的邮递员中,当我粘贴标题时,它是有效的,我得到了200个OK。 我想知道如何在真正的代码中包含这个标题? 编辑 这是我的前端请求。在这个调用之后,我得到带有授权
-
免责声明 - 我在stackoverflow上看了很多类似的问题。 我有一个后端正在运行”https://api.website.com“和一个运行在上的前端”https://admin.website.com“后端的CORS策略设置如下: 在对“https://api.website.com”执行GET请求后,前端成功接收为域“api.website.com”设置的XSRF-TOKEN cook