amplify-js icon indicating copy to clipboard operation
amplify-js copied to clipboard

Published 20 hours ago verified publisher icon aws-amplify

Signer removed in v6

Open abarke opened this issue 1 month ago • 4 comments

Before opening, please confirm:

JavaScript Framework

Vue

Amplify APIs

Authentication

Amplify Version

v6

Amplify Categories

auth

Backend

None

Environment information

 System:
    OS: Windows 11 10.0.22631
    CPU: (12) x64 12th Gen Intel(R) Core(TM) i7-1255U
    Memory: 14.51 GB / 39.68 GB
  Binaries:
    Node: 18.15.0 - C:\Program Files\nodejs\node.EXE
    Yarn: 1.22.19 - C:\Program Files\nodejs\yarn.CMD
    npm: 9.5.0 - C:\Program Files\nodejs\npm.CMD
    pnpm: 8.15.5 - C:\Program Files\nodejs\pnpm.CMD
    bun: 1.1.4 - ~\.bun\bin\bun.EXE
  Browsers:
    Edge: Chromium (123.0.2420.97)
    Internet Explorer: 11.0.22621.3527
  npmGlobalPackages:
    @aws-amplify/cli: 11.0.5
    @deptagency/octopus: 1.5.1
    corepack: 0.15.3
    esbuild: 0.18.17
    fast-cli: 3.2.0
    http-server: 14.1.1
    npm: 9.5.0
    qrcode-terminal: 0.12.0
    serverless: 3.30.1
    typescript: 5.0.4
    yarn: 1.22.19

Describe the bug

import { Signer } from "aws-amplify";

Signer export has been removed. I found it somewhere in the core, but could not find a way to import it. I tried "aws-amplify/utils" with no avail.

I could find in node import { Signer } from "@aws-amplify/core/dist/esm/Signer" but again no clean import.

image

Could we have something like this please?

import { signRequest } from "@aws-amplify/core"

No mention about this breaking change in https://docs.amplify.aws/gen1/javascript/build-a-backend/auth/auth-migration-guide/

Expected behavior

import { signRequest } from "@aws-amplify/core"

Reproduction steps

import { Signer } from "aws-amplify";

Code Snippet

import { Signer } from "aws-amplify";

Log output

// Put your logs below this line

aws-exports.js

No response

Manual configuration

No response

Additional configuration

No response

Mobile Device

No response

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response

abarke avatar May 04 '24 19:05 abarke

Hello, @abarke and thank you for creating this issue. While the decision to remove support for the Signer export in v6 of Amplify was intentional, this is something that may have missed in our migration guides. I've marked this as a feature request to be considered for version parity and will review this with our team internally.

Beyond what you've already detailed in the description of this issue, can you share any further context/use cases for this? Thanks!

cwomack avatar May 06 '24 15:05 cwomack

We use an open API generated TS library for our endpoints. To sign the requests we use an interceptor in the generated code so that it works as expected. We sign the requests manually. I switch to using @smithy/signature-v4 for now. That works fine.

// Custom middleware that signs the request with the current credentials
const awsSigningMiddleware: Middleware = {
  pre: async (context) => {
    const { headers } = await signRequest(
      context.init.method ?? "GET",
      context.url,
      parseBody(context.init.body),
    );

    // Update the fetch request headers with the signed headers
    context.init.headers = {
      ...headers,
    };

    return context;
  },
};

// Custom middleware for error handling
const errorHandlingMiddleware: Middleware = {
  onError: async (context) => {
    const h3Error = apiErrorHandler(context.error);

    console.error(h3Error);

    return context.response;
  },
};

// Configure the API client with the custom middleware
const apiConfig = new Configuration({
  middleware: [awsSigningMiddleware, errorHandlingMiddleware],
});

// Create the API client with the custom configuration
export const api = new DefaultApi(apiConfig);

abarke avatar May 06 '24 15:05 abarke

Here is the current workaround using @smithy/signature-v4:

async function signRequest(method: string, uri: string, body?: string) {
  const { credentials } = await fetchAuthSession();

  if (credentials === undefined) {
    throw new Error("Unauthorized");
  }

  const url = new URL(uri);

  const request = new HttpRequest({
    hostname: url.hostname,
    path: url.pathname + url.search,
    method,
    body,
    headers: {
      host: url.hostname, // host is required by AWS Signature V4
      "Content-Type": "application/json",
    },
  });

  const signer = new SignatureV4({
    credentials,
    region,
    service,
    sha256: Sha256,
  });

  return signer.sign(request);
}

abarke avatar May 06 '24 16:05 abarke

@abarke, thanks for the code example showing the workaround. Using the @smithy/signature-v4 is the workaround we'd recommend as well at this point and we'll update this issue if we have further progress or questions. Thanks!

cwomack avatar May 08 '24 21:05 cwomack

https://stackoverflow.com/q/78465559/20597701, Amplify V6 Rest api doesnt seem to sign the request

AtharvArolkar avatar May 13 '24 10:05 AtharvArolkar