Use Amplify credentials to sign HTTP request - Angular

Question

I'm using Angular application with Amplify ( aws-amplify@3.0.11 ) & Aws Amplify Angular ( aws-amplify-angular@5.0.11) libraries.

Amplify is set up to communicate with Cognito via AWS API Gateway, and all Authorisation goes through it. Everything was working so far, but now I have a specific request that I need to send multipart/form-data POST request to one of the endpoint on gateway with certain file in.
As Amplify doesn't support sending "multipart/form-data", I need to create a HTTP Client request to API Gateway ( without Amplify ), meaning that I need to sign it ( v4 signature ).

Here comes the problem. I need to use credentials from Amplify signed user to generate signature, and this is not working for me so far. Does anyone has an idea what tokens do I need to pass as "accessKey" & "secretKey"? I can't get the "secretKey" from Amplify directly, but have tried with "Auth.currentUserCredentials()" which indeed returns "accessKeyId" and "secretAccessKey".

I'm trying to use https://github.com/mar753/aws-signature-v4 ( modified it for Typescript and Angular ) to sign requests by sending it required parameters.

Whatever combination I tried, I always get same error message (403):
"message: "The security token included in the request is invalid."

Answer 1

For anyone that will have a similar problem in the future, here is what you need to do/use:

1. Get user credentials with Auth.currentUserCredentials()
2. set accessKey as: user.getUserCredentials().accessKeyId
3. set secretAccessKey as: user.getUserCredentials().secretAccessKey
4. You must send Security token as well in the header (which is not called like that in Amplify, but it's "sessionToken" ): 'X-Amz-Security-Token': user.getUserCredentials().sessionToken

Those are the credentials needed to sign and authenticate request without Amplify, but with it used as Authorization handler.