I have the requirement to invoke an API call via AWS API Gateway. The API request is signed using the Sigv4 algorithm and using Authorization Headers https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html
This has been working perfectly fine until I added to headers which are necessary for my API call. Since, then I get 403 from API Gateway.
The code is in python as below:
def __init__(self, region='my-region'):
self.region = region
self.headers = {
'tracking-id': '96fe5650-271e-4808-85d3-4fcb3ab34967',
'session-id': '96fe5650-271e-4808-85d3-4fcb3ab34967'
}
def sign_url(self, url, credentials, action='execute-api', method='GET'):
""" Signs request with sig4. Doesn't support request bodies
:returns AWS request, prepared with url and signed headers
"""
auth_signer = SigV4Auth(credentials, action, self.region)
request = AWSRequest(method=method, url=url, headers=self.headers())
auth_signer.add_auth(request)
return request.prepare()
def invoke_my_api(self):
signed_prepared_request = self.iam_authorizer.sign_url(target_url,
self.api_credentials.get_frozen_credentials())
self.client.get(my_uri, headers=signed_prepared_request.headers, catch_response=True)
as response:
if response.status_code == 404:
response.success()
Am I adding headers in incorrect method or what could be the problem?
Without headers here:
AWSRequest(method=method, url=url)
works perfectly fine. But adding headers is messing up something!