Closed esauerbo closed 1 day ago
Due to the inability to read the date header in the upgrade response (https://github.com/aws/aws-sdk-js-v3/issues/6221),
to make use of the fix in #6227, the systemClockOffset must be supplied to the RekognitionStreaming client at initialization.
Example:
import { Rekognition } from '@aws-sdk/client-rekognition';
import { RekognitionStreaming } from '@aws-sdk/client-rekognitionstreaming';
const rekognition = new Rekognition({ ... });
// 1. make a request first, so that the client automatically corrects
// its config.systemClockOffset value if needed.
await rekognition.createFaceLivenessSession({ ... });
// 2. pass that value to the streaming client.
const rekognitionStreaming = new RekognitionStreaming({
systemClockOffset: rekognition.config.systemClockOffset
});
@kuhe thanks for the recommendation but I believe that solution will not work for most rekognition consumers as it is recommended that the createFaceLivenessSession
call be made in the developers backend where as the streaming client should be called from the customer's device.
I'm guessing in the example you posted above after calling the createFaceLivenessSession
API the systemClockOffset value is set if a time difference is detected?
This was released in https://github.com/aws/aws-sdk-js-v3/releases/tag/v3.605.0.
solution will not work for most rekognition consumers>
They need to know their system clock offset. We've established that the upgrade response headers are not an option.
I'm guessing in the example you posted above after calling the createFaceLivenessSession API the systemClockOffset value is set if a time difference is detected?
Yes.
Checkboxes for prior research
Describe the bug
Manually setting the
systemClockOffset
allows me to successfully establish a websocket connection, but anInvalidSignatureException
is returned once events are sent over the connection.SDK version number
@aws-sdk/client-rekognitionstreamin@3.600.0
Which JavaScript Runtime is this issue in?
Node.js
Details of the browser/Node.js/ReactNative version
Chrome 126
Reproduction Steps
Reproduction branch: https://github.com/esauerbo/rekognition-sdk-repro/tree/clockSkew
clockSkew
branchnpm install
.env
npm run dev
start-face-liveness-session
network request. Observe that connection is established successfully but after client sends event, server sends InvalidSignatureExceptionObserved Behavior
Received error for invalid signature exception
Expected Behavior
systemClockOffset
should be applied to events sent over websocket connection.Possible Solution
This may be relevant, offset doesn't seem to be getting applied. https://github.com/aws/aws-sdk-js-v3/blob/f922dc18d7bd00bbc4c21f2e833e0faa4cf18ad3/packages/middleware-websocket/src/get-event-signing-stream.ts#L33
Additional Information/Context
No response