amplify-js
amplify-js copied to clipboard
Signer removed in v6
Before opening, please confirm:
- [X] I have searched for duplicate or closed issues and discussions.
- [X] I have read the guide for submitting bug reports.
- [X] I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.
JavaScript Framework
Vue
Amplify APIs
Authentication
Amplify Version
v6
Amplify Categories
auth
Backend
None
Environment information
System:
OS: Windows 11 10.0.22631
CPU: (12) x64 12th Gen Intel(R) Core(TM) i7-1255U
Memory: 14.51 GB / 39.68 GB
Binaries:
Node: 18.15.0 - C:\Program Files\nodejs\node.EXE
Yarn: 1.22.19 - C:\Program Files\nodejs\yarn.CMD
npm: 9.5.0 - C:\Program Files\nodejs\npm.CMD
pnpm: 8.15.5 - C:\Program Files\nodejs\pnpm.CMD
bun: 1.1.4 - ~\.bun\bin\bun.EXE
Browsers:
Edge: Chromium (123.0.2420.97)
Internet Explorer: 11.0.22621.3527
npmGlobalPackages:
@aws-amplify/cli: 11.0.5
@deptagency/octopus: 1.5.1
corepack: 0.15.3
esbuild: 0.18.17
fast-cli: 3.2.0
http-server: 14.1.1
npm: 9.5.0
qrcode-terminal: 0.12.0
serverless: 3.30.1
typescript: 5.0.4
yarn: 1.22.19
Describe the bug
import { Signer } from "aws-amplify";
Signer
export has been removed. I found it somewhere in the core, but could not find a way to import it. I tried "aws-amplify/utils" with no avail.
I could find in node import { Signer } from "@aws-amplify/core/dist/esm/Signer"
but again no clean import.
Could we have something like this please?
import { signRequest } from "@aws-amplify/core"
No mention about this breaking change in https://docs.amplify.aws/gen1/javascript/build-a-backend/auth/auth-migration-guide/
Expected behavior
import { signRequest } from "@aws-amplify/core"
Reproduction steps
import { Signer } from "aws-amplify";
Code Snippet
import { Signer } from "aws-amplify";
Log output
// Put your logs below this line
aws-exports.js
No response
Manual configuration
No response
Additional configuration
No response
Mobile Device
No response
Mobile Operating System
No response
Mobile Browser
No response
Mobile Browser Version
No response
Additional information and screenshots
No response
Hello, @abarke and thank you for creating this issue. While the decision to remove support for the Signer
export in v6 of Amplify was intentional, this is something that may have missed in our migration guides. I've marked this as a feature request to be considered for version parity and will review this with our team internally.
Beyond what you've already detailed in the description of this issue, can you share any further context/use cases for this? Thanks!
We use an open API generated TS library for our endpoints. To sign the requests we use an interceptor in the generated code so that it works as expected. We sign the requests manually. I switch to using @smithy/signature-v4
for now. That works fine.
// Custom middleware that signs the request with the current credentials
const awsSigningMiddleware: Middleware = {
pre: async (context) => {
const { headers } = await signRequest(
context.init.method ?? "GET",
context.url,
parseBody(context.init.body),
);
// Update the fetch request headers with the signed headers
context.init.headers = {
...headers,
};
return context;
},
};
// Custom middleware for error handling
const errorHandlingMiddleware: Middleware = {
onError: async (context) => {
const h3Error = apiErrorHandler(context.error);
console.error(h3Error);
return context.response;
},
};
// Configure the API client with the custom middleware
const apiConfig = new Configuration({
middleware: [awsSigningMiddleware, errorHandlingMiddleware],
});
// Create the API client with the custom configuration
export const api = new DefaultApi(apiConfig);
Here is the current workaround using @smithy/signature-v4
:
async function signRequest(method: string, uri: string, body?: string) {
const { credentials } = await fetchAuthSession();
if (credentials === undefined) {
throw new Error("Unauthorized");
}
const url = new URL(uri);
const request = new HttpRequest({
hostname: url.hostname,
path: url.pathname + url.search,
method,
body,
headers: {
host: url.hostname, // host is required by AWS Signature V4
"Content-Type": "application/json",
},
});
const signer = new SignatureV4({
credentials,
region,
service,
sha256: Sha256,
});
return signer.sign(request);
}
@abarke, thanks for the code example showing the workaround. Using the @smithy/signature-v4
is the workaround we'd recommend as well at this point and we'll update this issue if we have further progress or questions. Thanks!
https://stackoverflow.com/q/78465559/20597701, Amplify V6 Rest api doesnt seem to sign the request