Search code examples
javascriptaws-sdkaws-sdk-jsaws-sdk-nodejs

Invoke AWS REST API in java-script

I am trying to execute AWS Endpoint using nodejs (aws-sdk). First, I am able to generate session token for Service Account which has access to execute the API.

var AWS = require('aws-sdk');
AWS.config.update({ "accessKeyId": "<>", "secretAccessKey": "<>", "region": "us-west" });
var sts = new AWS.STS();
var response = {};
sts.assumeRole({
    RoleArn: 'arn:aws:iam::170000000000:role/service-account',
    RoleSessionName: 'AssumtaseRole'
}, function(err, data) {
    if (err) { // an error occurred
        var error = {}
        response.message = err.originalError.message,
            response.errno = err.originalError.errno,
            response.code = 404;
        console.log(response);
    } else { // successful response
        response.code = 200,
            response.accesskey = data.Credentials.AccessKeyId,
            response.secretkey = data.Credentials.SecretAccessKey,
            response.sessiontoken = data.Credentials.SessionToken,
            console.log(response);
    }
});

Now I am trying to execute the endpoint using the above session token. If test session token using postman, I am able to execute the API but not sure how to do it using (aws-sdk) or ('aws-api-gateway-client')

I tried to execute using simple HTPPS request but getting error: Here is the code:

var AWS = require('aws-sdk');
var apigClientFactory = require('aws-api-gateway-client').default;

AWS.config.update({ "accessKeyId": "<>", "secretAccessKey": "<>", "region": "us-west" });

var sts = new AWS.STS();
var response = {};
sts.assumeRole({
    RoleArn: 'arn:aws:iam::170000000000:role/service_account',
    RoleSessionName: 'AssumtaseRole'
}, function(err, data) {
    if (err) { // an error occurred
        var error = {}
        response.message = err.originalError.message,
            response.errno = err.originalError.errno,
            response.code = 404;
        console.log(response);
    } else { // successful response
        response.code = 200,
            response.accesskey = data.Credentials.AccessKeyId,
            response.secretkey = data.Credentials.SecretAccessKey,
            response.sessiontoken = data.Credentials.SessionToken,
            console.log(response);
        var apigClient = apigClientFactory.newClient({
            invokeUrl: "https://some-endpoint.com", // REQUIRED
            accessKey: data.Credentials.AccessKeyId, // REQUIRED
            secretKey: data.Credentials.SecretAccessKey, // REQUIRED
            sessiontoken: data.Credentials.SessionToken,
            region: "us-west", // REQUIRED: The region where the AapiKeyloyed.
            retries: 4,
            retryCondition: (err) => { // OPTIONAL: Callback to further control if request should be retried.  Uses axon-retry plugin.
                return err.response && err.response.status === 500;

            }
        });

        var pathParams = "";
        var pathTemplate = "/agent/registration"; // '/api/v1/sites'
        var method = "post"; // 'POST';
        var additionalParams = ""; //queryParams & Headers if any

        var body = {
            "agent_number": "1200",
            "agent_name": "Test"
        };

        apigClient.invokeApi(pathParams, pathTemplate, method, additionalParams, body)
            .then(function(result) {
                console.log(result)

            }).catch(function(error) {
                console.log(error)

            });
        // console.log(output);

    }
});

Here is the error:

     data:
      { message: 'The security token included in the request is invalid.' } } }

Thanks in advance.

Thank You Kiran

Solution

  • Please change sessiontoken to sessionToken. that will fix your issue. I have tested the code on my machine.

    When i tested with sessiontoken i also received the error The security token included in the request is invalid.. It worked when i changed it to the correct key which is sessionToken.

    here is simplified code. When i tested, I have hard coded accessKey, secretKey and sessionToken. 

    var apigClientFactory = require('aws-api-gateway-client').default;
var apigClient = apigClientFactory.newClient({
    invokeUrl:'https://api-url.com', // REQUIRED
    accessKey: '', // REQUIRED
    secretKey: '', // REQUIRED
    sessionToken: '', //OPTIONAL: If you are using temporary credentials you must include the session token
    region: 'ap-southeast-2', // REQUIRED: The region where the API is deployed.
    systemClockOffset: 0, // OPTIONAL: An offset value in milliseconds to apply to signing time
    retries: 4, // OPTIONAL: Number of times to retry before failing. Uses axon-retry plugin.
    retryCondition: (err) => { // OPTIONAL: Callback to further control if request should be retried.  Uses axon-retry plugin.
      return err.response && err.response.status === 500;
    }
});


(() => {
  apigClient.invokeApi(null, `/hello`, 'GET')
  .then(function(result){
    console.log('result: ', result)
      //This is where you would put a success callback
  }).catch( function(result){
    console.log('result: ', result)
      //This is where you would put an error callback
  });
})()