poundifdef / smoothmq

An improved drop-in replacement for SQS
https://www.smoothmq.com
GNU Affero General Public License v3.0
2.07k stars 35 forks source link

Invalid signature #13

Closed matt1600 closed 3 months ago

matt1600 commented 4 months ago

Keep getting invalid signature error when trying to send a message to a queue. Tried using fake aws credentials, and tried using the request library instead of boto3. Keep getting same invalid signature error. Appreciate any help!

poundifdef commented 4 months ago

Can you share the python script you're using?

I'm guessing the issue (which is my fault) is that the credentials are currently hardcoded to YOUR_ACCESS_KEY_ID and YOUR_SECRET_ACCESS_KEY. I'm working on making this configurable!

matt1600 commented 4 months ago

import requests

The URL of the SmoothMQ queue

queue_url = 'http://localhost:3001/queue/your-queue-name'

Headers for the request (dummy authorization header)

headers = { 'Content-Type': 'application/x-www-form-urlencoded', 'Authorization': 'AWS4-HMAC-SHA256 Credential=dummy_access_key/20230626/us-east-1/sqs/aws4_request, SignedHeaders=host;content-type;x-amz-date, Signature=dummy_signature' }

Payload for the message

payload = { 'Action': 'SendMessage', 'MessageBody': 'hello world', 'Version': '2012-11-05' }

Send the message

response = requests.post(queue_url, headers=headers, data=payload)

print(response.text)

poundifdef commented 4 months ago

Got it. Here is a snippet you should be able to copy/paste:

import boto3

sqs = boto3.client(
    'sqs',
    aws_access_key_id="YOUR_ACCESS_KEY_ID",
    aws_secret_access_key="YOUR_SECRET_ACCESS_KEY",
    endpoint_url='http://localhost:3001'
)

sqs.send_message(
    QueueUrl='http://a.b/1/my_queue',
    MessageBody="hello world", 
)

Before running this, you'll want to go to http://localhost:3000 and create the queue, in this case, my_queue. You can also do this via boto.

boto does a lot of work behind the scenes to calculate the v4 signature, so I'd want to check that that logic is correct on the client side for calculating that (perhaps you're doing it already.) Similarly, the actual access/secret key right now is hard-coded to the string literalYOUR_ACCESS... - which I need to make configurable.

poundifdef commented 3 months ago

Just pushed a fix for this. You can now define your own aws access/secret key via a config. Check out: https://github.com/poundifdef/SmoothMQ/blob/main/config.yaml