Using wiremock to proxy/record calls to AWS Cloudfront service


We have a container-based service running in AWS ECS with the front end hosted by AWS Cloudfront, and authorization handled by AWS Cognito. I'm trying to configure Wiremock to be a proxy for this service so I can record the calls and mappings to later use in unit tests for a client app I'm writing in Python.

I'm running the Wiremock server in standalone mode, and have it proxying calls to the URL of our service. However, Cloudfront keeps returning either a 403-Bad Request error or 403-Forbidden error when I connect via Wiremock.

When I use curl, and pass all the correct headers (Content-Type: application/json, Authentication: Bearer ) it works just fine when I use https://myservice.example.com/api/foo. But as soon as I swap out "myservice.example.com" for "localhost:8000", I get the Cloudfront generated errors.

I'm guessing I have some mis-configuration where, despite passing the headers to Wiremock, I haven't properly told Wiremock to pass those headers on to "the service", which is really Cloudfront.

Not being a Java guy, I'm finding the Wiremock docs a little difficult to understand, and am trying to use the command-line arguments to configure Wiremock like this:

/usr/bin/java -jar \
  ./wiremock-jre8-standalone-2.35.0.jar \
  --port=8000 \
  --verbose \
  --root-dir=test_data/wiremock \
  --enable-browser-proxying \
  --preserve-host-header \
  --print-all-network-traffic \
  --record-mappings \
  --trust-proxy-target=https://myservice.example.com \
  --proxy-all=https://myservice.example.com

Request:

$ curl -k -X GET -H "Content-Type: application/json" \
    -H "Authorization: Bearer ${JWT}" \
    http://127.0.0.1:8000/api/foo

Response:

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>CloudFront</center>
</body>
</html>

When using exactly the same curl command, but changing the URL to point directly at my service instead of the proxy, I get the response I expected (hoped for?) through the proxy:

curl -k -X GET -H "Content-Type: application/json" \
    -H "Authorization: Bearer ${JWT}" \
    https://myservice.example.com/api/foo

[
  {
    "id": "09d91ea0-7cb0-4786-b3fc-145fc88a1a3b",
    "name": "foo",
    "created": "2022-06-09T02:32:11Z",
    "updated": "2022-06-09T20:08:43Z",
  },
  {
    "id": "fb2b6454-4336-421a-bc2f-f1d588a78d12",
    "name": "bar",
    "created": "2022-10-05T06:23:24Z",
    "updated": "2022-10-05T18:34:32Z",
  }
]

Any help would be greatly appreciated.

Thanks.
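
One way to test the guess in the question about which headers the proxy forwards, as an added example that is not part of the original post: a local echo upstream that reports the headers it actually received, with the bearer token redacted so it does not end up in terminal output or recorded files. Port 9000 and the helper names are assumptions made for this sketch.

```python
"""Header-echo upstream for checking what a proxy forwards (added example)."""
import json
import threading
import urllib.request
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

SENSITIVE = {"authorization", "cookie", "proxy-authorization"}


def redact(name, value):
    """Keep the auth scheme and secret length, never the credential itself."""
    if name.lower() not in SENSITIVE:
        return value
    scheme, _, secret = value.partition(" ")
    return f"{scheme} <redacted {len(secret)} chars>"


class EchoHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        # Lower-case the names so direct and proxied runs diff cleanly.
        seen = {k.lower(): redact(k, v) for k, v in self.headers.items()}
        body = json.dumps({"path": self.path, "headers": seen}, indent=2).encode()
        self.send_response(200)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, fmt, *args):  # suppress default access logging
        pass


def start_echo(port=0):
    """Start the echo server on localhost; port 0 picks a free port."""
    server = ThreadingHTTPServer(("127.0.0.1", port), EchoHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


def fetch(url, headers):
    """GET url with the given headers (no system proxy); return echoed JSON."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    req = urllib.request.Request(url, headers=headers)
    with opener.open(req, timeout=5) as resp:
        return json.load(resp)


if __name__ == "__main__":
    start_echo(9000)  # assumed free port
    print("echo upstream on http://127.0.0.1:9000 (Ctrl-C to stop)")
    threading.Event().wait()
```

Run it, start Wiremock with `--proxy-all=http://127.0.0.1:9000` in place of the real URL, and repeat the curl request against port 8000, once with and once without `--preserve-host-header`. The JSON response lists the `host` and `authorization` headers the upstream received, which can be compared with a request sent to the echo server directly.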
