search

aws-samples / api-gateway-secure-pet-store

Amazon API Gateway sample using Amazon Cognito credentials through AWS Lambda
Apache License 2.0
308 stars 113 forks source link

temporary security credentials expiration interval is too short #3

Closed mingqin1 closed 8 years ago

mingqin1 commented 8 years ago

Hi: I created a identity pool by following the example code published at awslabs/api-gateway-secure-pet-store. The temporary security credentials expired every 5 minutes . how can I make them lasting longer such as 10 minutes?

Here is the example credential : credentials: { accessKey: "" secretKey: "qtJrT+8mpuDEzitVzyzuSa8Jggy+zTGekbR57/fe" sessionToken: "AQoDYXdzEMH//////////wEaoAUop8GGQFBcmhsebdDvrUTNdDXxYBpZ2bQRyRVlIp7Ck3rBIuWGT8P4hDTZ39d6fGgT7jKNutOQ/wKyighyaZocOAuYQOckvUszyVTg2ooGz9BiKqXlrwqrzOqzwsfGsAlhtKflbS2x5vuxxV8KYuSYqITUo/5RS77Um41PYjPBgcT+8K/ZooTDc3jC0synBCUnhSFJKrbv7TXHgWeAMukGqvjRgvRHAsoi6NclLPedFFmf2t9gUnIEmOkeRpXqbV0zJqrtHKgIWftk4fZNRYZWUOqY/q03CLEucMaJZ5UIh1yPjgjFvj0frzNGyg0xWd5lhkTqUC0aAWB2bmIFQPNa0uif3JuctjzX2/eKmOTWQqVKqX6wFVOfcUEKs3+cvtBlMPXK3TzJmAdlnlzZuRUcD+L0LLy69Su8s1wq7Zx7sEyNGQS/DoQRLWmSEsoUu981eJax1p6n72fIU/+xrs+vrCIsBsCeq6YNrQR++g7Vb8vRz9Qp/RSxiRhoacnn+BIOUXLwRJEhs0CXys7LbVxcL+xAFWvbphTJUlvK6EfNlseTU1jBB8LOy4c/btIeHH6GmP5Lavj5Zn2X1QJL9vSO0f2xs+0cSCcvhDxx8Oe5ULBkYaNk7wb8LxPfDw/UtF6rmLQl1IzOftDzBnhsqO0XYhwdGL0CtNQV+p9WzQ+/DZRzfvWeUBYCjwNBPLvtnRjRpU+edUx9qjwE/2RkAuU2DE6Cf3meTHsLOGssmjpj5hbuxdCO0MzT+t6sa4zydjZySYlRGAL+hfQOGjasRegR/sN8/njLpcL32rDFiibITAJw+Ic2iS95e3lzIYu8KByDMgIm2t1GYIBL1GrivjLrws29wTf3p/FE0he4AJntP+7nRzojVsNupBtJleZTG6ogi4vqsAU=" expiration: 1444582299000 }

Here is the message about credential is expired:

{ message: "Signature expired: 20151011T155322Z is now earlier than 20151011T155344Z (20151011T155844Z - 5 min.)" }

sapessi commented 8 years ago

From the sample you sent and you communication with Bheroozi@AWS this looks like a CORS issue. He posted an additional issue to clarify this and I'll update the project as soon as possible. https://github.com/awslabs/api-gateway-secure-pet-store/issues/4

sapessi commented 8 years ago

I've just committed an updated Swagger file that adds CORS support to all resources and methods - could you please update to the latest version of the importer tool and the new file and test you service with it?

mingqin1 commented 8 years ago

Stefano: Thanks for the updating. I will do the test

mingqin1 commented 8 years ago

Stefano: I added a comment about my test result in this page. Did you see that yet?

sapessi commented 8 years ago

What's the use-case? Temporary AWS credentials last for 1 hour. The request signature generated from the credentials for a particular request lasts for 5 minutes - this is not customizable.

mingqin1 commented 8 years ago

thx