Is there a .NET library that can sign a request with AWS V4 Signature?

.net amazon-web-services aws-sdk aws-api-gateway aws-lambda
10,121

Solution 1

you can read on how the signature is done and you can (if you want). I would recommend pulling in the AWS SDK for .NET and using the functionality from the SDK to actually perform the signature.

Here is the signer form the SDK:

https://github.com/aws/aws-sdk-net/blob/6c3be79bdafd5bfff1ab0bf5fec17abc66c7b516/sdk/src/Core/Amazon.Runtime/Internal/Auth/AWS4Signer.cs

You may need to adapt it (ie it knows about AWS services and endpoints by default)

Solution 2

While this is an old question, since AWS has not "prioritized accordingly" with regards to the .NET AWS SDK as stated in their comment above and this is still a relevant problem today, I found a good library that will take care of the AWS V4 request signing for you.

Here is the Nuget package.

Here is the GitHub source and implementation documentation.

In addition, I've found that for my API Gateway AWS_IAM Authorization to work with temporary security credentials, you also need to include the "x-amz-security-token" header with the current session token as it's value as well in your request.

Solution 3

An alternative to Aws4RequestSigner is AwsSignatureVersion4. I think its API is easier to work with, but I am biased since I am the author of the latter.

Share:
10,121
Richard R
Author by

Richard R

A guy who likes building stuff.

Updated on June 30, 2022

Comments

  • Richard R
    Richard R almost 2 years

    I have an API Gateway where I'm setting the authentication to use AWS_IAM. This requires that I sign each request with the AWS V4 signature and attach the HMAC in the header. I've found libraries to sign a request with the V4 signature in nodejs. But I cannot find a library to sign for me. Even the aws-sdk for .NET has this abstracted for their own specific use case. Is there a library out there (i've done a quick google search and found no results)? Or do I need to write out the hmac myself?

    • gravity
      gravity almost 8 years
      Is the standard library not applicable for this?
    • Richard R
      Richard R almost 8 years
      The implementation will definitely use the standard .net library to perform the actual HMAC, but the recipe for how to generate the key and what to hmac is involved. github.com/mhart/aws4/blob/master/aws4.js is the nodejs implementation that signs a request for aws v4 signature.
  • Richard R
    Richard R almost 8 years
    Their library will speed along the process, but I still have to shoe horn the standard HttpRequestMessage into their IRequest format or at least write a wrapper to return similiar parameters.
  • RyanG
    RyanG almost 8 years
    We (API Gateway) are aware of the need for official .NET SDK support and have prioritized accordingly. In the meantime, I would suggest as @Mircea suggested and to either 1) Implement your own signer as per docs.aws.amazon.com/general/latest/gr/sigv4_signing.html or 2) Re-use pieces of the existing .NET AWS SDK
  • Ronen Festinger
    Ronen Festinger over 4 years
    Hi, I'm the co author of this library and can accept requests or feedback.
  • Primico
    Primico over 3 years
    Hi, I am using AWS elasticsearch and would like to sign the requests. I am using the asp .net elasticsearch NEST sdk and was wondering if your AwsSignatureVersion4 would work with that? var client = new ElasticClient(settings);
  • FantasticFiasco
    FantasticFiasco over 3 years
    I actually have no idea, but it would be fun to try out! Would you be able to create a GitHub repository with sample code, and we could see if we can work together on it?
  • Elliveny
    Elliveny almost 3 years
    I have an IAM secured API Gateway stage and want to make requests to it from a lambda function, using that lambda function's IAM role and I'm wondering if I can do that using either of these libraries? Any guidance would be appreciated as I'm not seeing how to do that presently. Thanks.
  • FantasticFiasco
    FantasticFiasco almost 3 years
    Aren't AWS IAM roles set as environment variables on the Lambda function? In that case you should be able to use those in requests using AwsSignatureVersion4.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

AWS API Gateway : Execution failed due to configuration error: No match for output mapping and no default output mapping configured
Access HTTP request (headers, query string, cookies, body) object in lambda with http endpoint
AWS Lambda Function is misinterpreting event dictionary in python?
Increase maximum POST size for Amazon API Gateway
API Gateway Static IP Address
How to correctly call queryStringParameters for AWS Lambda + API Gateway?
How to get validate Cognito Access Token in AWS Lambda to allow Gateway API call?
Lambda return only 200 respose code
DynamoDB get item TypeScript hell
POST url encoded form to Amazon API Gateway