Monday, 31 January 2022

AWS API aut from oauth

Firstly working with AWS api, so sorry for newbee question.

I need to access this endpoint

https://b7dyyr5r1s.execute-api.eu-west-1.amazonaws.com/prod/declarations

to post declarations on this web

postingdeclaration.eu

I found config file on site

{
    "aws": {
        "enabled": true,
        "config": {
            "Auth": {
                "region": "eu-west-1",
                "mandatorySignIn": true,
                "clearStorageOnInit": false,
                "identityPoolId": "eu-west-1:adb74568-cac1-89b3-75e8-db123d6rtee9",
                "userPoolId": "eu-west-1_U8iuLTd6R",
                "userPoolWebClientId": "12db2t9v156qgdpsrlujjlc6kl",
                "oauth": {
                    "domain": "auth.postingdeclaration.eu",
                    "scope": [
                        "user",
                        "email",
                        "domain",
                        "firstName",
                        "lastName"
                    ],
                    "redirectSignIn": "https://www.postingdeclaration.eu/home",
                    "redirectSignOut": "https://ecas.ec.europa.eu/cas/logout",
                    "responseType": "code",
                    "identityProvider": "euLogin"
                }
            },
            "API": {
                "endpoints": [
                    {
                        "name": "Users",
                        "region": "eu-west-1",
                        "endpoint": "https://b7dyyr5r1s.execute-api.eu-west-1.amazonaws.com/prod/users"
                    },
                    {
                        "name": "Invitations",
                        "region": "eu-west-1",
                        "endpoint": "https://b7dyyr5r1s.execute-api.eu-west-1.amazonaws.com/prod/invitations"
                    },
                    {
                        "name": "Accounts",
                        "region": "eu-west-1",
                        "endpoint": "https://b7dyyr5r1s.execute-api.eu-west-1.amazonaws.com/prod/accounts"
                    },
                    {
                        "name": "Declarations",
                        "region": "eu-west-1",
                        "endpoint": "https://b7dyyr5r1s.execute-api.eu-west-1.amazonaws.com/prod/declarations"
                    },
                    {
                        "name": "RoadsideCheck",
                        "region": "eu-west-1",
                        "endpoint": "https://b7dyyr5r1s.execute-api.eu-west-1.amazonaws.com/prod/bo/declarations"
                    },
                    {
                        "name": "Drivers",
                        "region": "eu-west-1",
                        "endpoint": "https://b7dyyr5r1s.execute-api.eu-west-1.amazonaws.com/prod/drivers"
                    },
                    {
                        "name": "Operators",
                        "region": "eu-west-1",
                        "endpoint": "https://b7dyyr5r1s.execute-api.eu-west-1.amazonaws.com/prod/operators"
                    },
                    {
                        "name": "Requests",
                        "region": "eu-west-1",
                        "endpoint": "https://b7dyyr5r1s.execute-api.eu-west-1.amazonaws.com/prod/requests"
                    },
                    {
                        "name": "Documents",
                        "region": "eu-west-1",
                        "endpoint": "https://b7dyyr5r1s.execute-api.eu-west-1.amazonaws.com/prod/documents"
                    },
                    {
                        "name": "Messages",
                        "region": "eu-west-1",
                        "endpoint": "https://b7dyyr5r1s.execute-api.eu-west-1.amazonaws.com/prod/messages"
                    },
                    {
                        "name": "HistoryLog",
                        "region": "eu-west-1",
                        "endpoint": "https://b7dyyr5r1s.execute-api.eu-west-1.amazonaws.com/prod/history-logs"
                    }
                ]
            }
        }
    }
}

I have only that config, endpoints, username and passwords from this website postingdeclaration.eu

I tryed use this script, but suck, my username and passwords is not equal to AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY

import requests
from requests_aws4auth import AWS4Auth

session = requests.Session()
session.auth = AWS4Auth(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, 'eu-west-1', 'execute-api')

response = requests.get('https://b7dyyr5r1s.execute-api.eu-west-1.amazonaws.com/prod/declarations', auth=auth)

website geting aws keys from response

headers = {
    'authority': 'cognito-identity.eu-west-1.amazonaws.com',
    'sec-ch-ua': '" Not;A Brand";v="99", "Google Chrome";v="97", "Chromium";v="97"',
    'sec-ch-ua-mobile': '?0',
    'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36',
    'content-type': 'application/x-amz-json-1.1',
    'x-amz-content-sha256': 'Hash',
    'x-amz-target': 'AWSCognitoIdentityService.GetCredentialsForIdentity',
    'x-amz-user-agent': 'aws-amplify/2.3.0 js aws-amplify/2.3.0 js callback',
    'sec-ch-ua-platform': '"Windows"',
    'accept': '*/*',
    'origin': 'https://www.postingdeclaration.eu',
    'sec-fetch-site': 'cross-site',
    'sec-fetch-mode': 'cors',
    'sec-fetch-dest': 'empty',
    'referer': 'https://www.postingdeclaration.eu/',
    'accept-language': 'en-US,en;q=0.9',
}

data = '{"Logins":{"cognito-idp.eu-west-1.amazonaws.com/eu-west-1_M5iuBYd1C":"Hash"},"IdentityId":"eu-west-1:ID"}'

But how website generate hashes?

So how to write right syntax to use that type of config of AWS API?



from AWS API aut from oauth

No comments:

Post a Comment