Sample code showing how to sign HTTP requests coming to AWS in WebClient.
This code is based on https://github.com/rewolf/blog-hmac-auth-webclient and uses Aws4Signer to sign requests.
High-level diagram showing how signing HTTP requests with body works:
This sample works only for JSON requests. If you need to sign requests with XML/protobuf content,
you will need to provide a different implementation of HttpMessageEncoder and add it through
CodecConfigurer.
Run the application with and call /example endpoint with a GET request.
It will sign the POST request with ExampleRequest body and send it to https://example.com.
-
In production, you need to switch awsCredentialsProvider from
AnonymousCredentialsProvidertoDefaultCredentialsProviderand provide the credentials in the environment. WhenAnonymousCredentialsProvideris used,Aws4Signerwon't addd any headers to the request. -
In this sample, you can run
prodprofile to enableDefaultCredentialsProvider. -
Set AWS Region.
-
Set AWS service name.
-
Set base URL.
-
Prepare your own request body.