Help with AWS4 Signature Expird is Now earlier

Human1 · June 27, 2022, 7:09pm

Hi every one

i need some Help to generate Aws4 signature i add Loli Code by Ruri Topic HERE

and make change with 5 VARIABLES WITH my Config but still get this error i don’t KN where is my mistake so i wish that i get help

this my error msg

{"message":"Signature expired: 20220627T140551Z is now earlier than 20220627T190225Z (20220627T190725Z - 5 min.)"}

and this other error msg in header

InvalidSignatureException

Human1 · June 28, 2022, 8:52pm

now After many checking and fixing some mistake i get this new error

The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method.

Error · June 29, 2022, 3:51am

For youe kind information, this not signature. Its signing part key, using the key only you need to make the signature.
Don’t consider the output as signature, you won’t get success.

If you need help on it specifically pm me

Human1 · June 30, 2022, 2:09pm

This is my Aws4 signature bro

Authorization: AWS4-HMAC-SHA256 Credential=ASIAXVBM6XQBVYZKTT4C/20220628/eu-west-1/lambda/aws4_request, SignedHeaders=host;x-amz-client-context;x-amz-date;x-amz-invocation-type;x-amz-log-type;x-amz-security-token, Signature=bf29eb5186b21df13e554c17e0486c7beef0f30612caf007903e33b463796dc2

so you said that i need only to generate signature from secret key
what about other variable as @Ruri explain need to add all secript and change 4 variables ???

FairyRoot · July 3, 2022, 3:26am

If the dates don’t match, AWS rejects the request, even if the time stamp is only seconds away from the date in the credential scope. For example, AWS will reject a request that has an x-amz-date header value of 20151014T235959Z and a credential scope that has the date 20151015.

FairyRoot · July 3, 2022, 3:55am

this code Shall definitely work for you

INTERPRETER:NodeJS
INPUT 
BEGIN SCRIPT
const UTC = new Date().toISOString();
console.log(UTC);
END SCRIPT
OUTPUT String @UTC
ENDBLOCK

BLOCK:Replace
  original = @UTC
  toReplace = ":"
  => VAR @UTC1
ENDBLOCK

BLOCK:Replace
  original = @UTC1
  toReplace = "-"
  => VAR @UTC2
ENDBLOCK

BLOCK:RegexReplace
  original = @UTC2
  pattern = "\\.([^^]*)"
  replacement = "Z"
  => VAR @AMZDATE
ENDBLOCK

FairyRoot · July 3, 2022, 3:56am

PS: you need NodeJS installed.

Since this Date changes on Daily basis, use this Code for it

BLOCK:CurrentUnixTime
  => VAR @TS
ENDBLOCK

BLOCK:UnixTimeToDate
  unixTime = @TS
  format = "yyyyMMdd"
  => VAR @TSA
ENDBLOCK

Human1 · July 3, 2022, 10:24am

thank you so much @FairyRoot i fixed all this mistake about data before so need to go the next setp…

Human1 · July 4, 2022, 10:00pm

need to add string to sign
as here @FairyRoot

StringToSign =
    Algorithm + \n +
    RequestDateTime + \n +
    CredentialScope + \n +
    HashedCanonicalRequest

please if you can help me with this also

FairyRoot · July 6, 2022, 2:43pm

Refer to this URL

aHR0cHM6Ly9kb2NzLmF3cy5hbWF6b24uY29tL2dlbmVyYWwvbGF0ZXN0L2dyL3NpZ3Y0LXNpZ25lZC1yZXF1ZXN0LWV4YW1wbGVzLmh0bWwjc2lnLXY0LWV4YW1wbGVzLXBvc3Q=

It is base64 encode so it won’t flag the forums.
Decode the URL using any online base64 decode.

Maki001 · November 3, 2022, 12:00am

Were you able to fix it, currently having the same issue

PaleGreenFILE · February 6, 2023, 2:02am

its coganito ? Aws amazon

Error · February 7, 2023, 1:16am

Cognito and AwS4 signature type both not same ! @PaleGreenFILE