Closed jbvsmo closed 4 years ago
Hi @jbvsmo,
Thanks for reaching out about this. The v0.1.0 release should be signing and round tripping correctly with Transcribe Streaming. At first glance, I'm not sure why we'd be producing an incorrect hash for the String to sign. Could you provide some more details about how you're using the library and your credential setup?
Assuming it's a direct copy paste from the README, the library we use for auth will source credentials in the following order:
default
profile in ~/.aws/credentialsOne other thing to check is passing a StaticCredentialResolver. You can instantiate this class with your access_key_id, secret_access_key, and session_token and pass it to the client as the credential_resolver
parameter. That will bypass the resolution and help us narrow down if this is an environment or credential issue.
Thanks for the swift response. I know my credentials were correctly fetched from the default profile as my debugger will show:
I am testing latest code on the develop branch, so I need to switch back to version v0.1.0?
There shouldn't be any differences with credentials between v0.1.0 and the current HEAD (42d4e78) of develop.
I first ran the code exactly as shown on the README, but then I changed region to my default hoping it would change something, but both display same exact message.
@nateprewitt I decided to switch to another AWS account credentials and somehow on this other one it works correctly! I don't know what might be misconfigured on the 1st account, but sorry for the inconvenience. I use the default account for many things, and the console works for Transcribe service...
@jbvsmo That's good to hear.
For clarity, when using the default profile with another tool (such as the AWS CLI) you're able to make calls correct? But when using this SDK you're getting signature mismatch issues?
I'm curious if there's a discrepancy parsing the config/credential files between this SDK and other tools. Perhaps there's some trailing whitespace or file encoding issues that are impacting how the key/secret are being loaded?
@joguSD I thought you were correct when I added trailing whitespace and newlines, but I had switched back to original default account. If you read my previous message, disregard it.
I have now reordered and mixed the elements on the file but still my original account fails and the second one still works.
The string I see on the debugger is the exact string on the credentials file
Does the information here on "signature does not match" help at all? https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-troubleshooting.html#tshoot-sig-time-off
I'm wondering if it's related to any of those "special" characters or clock skew.
I will check, but I guess this issue can be closed
I started implementing a very similar project (I've implemented the EventStream format and data serialization) this week and I was having trouble with the signature process so, when I asked around, they pointed me to this which I thought would save me a couple weeks worth of work, but then I hit the same road bump with your test program.
Possibly I'm just too early to the party, but is it supposed to sign requests correctly at this stage? I have
~/.aws/credentials
and~/.aws/config
setup correctly since I use many other stuff on AWS.Below is the 403 server response.