By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Error in test invoke authorizer command for testing the authorizer

0

I created token signature with the below command: echo -n tokenKeyValue | openssl dgst -sha256 -sign private-key.pem| openssl base64

NOw testing the authorizer by test invoke authorizer in aws CLI with the command: aws iot test-invoke-authorizer
--authorizer-name my-new-authorizer
--token tokenKeyValue
--token-signature {created signature}

I am getting an error : unknown options:tokenKeyValue. Please guide

Topics
Internet of Things (IoT)ServerlessComputeManagement & Governance
Tags
AWS IoT CoreAWS LambdaAWS Command Line Interface
Language
English
rePost-User-1474705
asked a year ago250 views
1 Answer
1

The error message you're encountering is likely due to an incorrect syntax in the command you're using. Here's the correct syntax for the aws iot test-invoke-authorizer command:

aws iot test-invoke-authorizer
--authorizer-name my-new-authorizer
--token "tokenKeyValue"
--token-signature "$(echo -n "tokenKeyValue" | openssl dgst -sha256 -sign private-key.pem | openssl base64)"

Note that the tokenKeyValue and the token-signature values need to be passed in quotes, as they are string values. Also, the calculation of the token-signature value should be included in the command.

profile picture
Muhammad Imran
answered a year ago
  • rePost-User-1474705
    a year ago

    Thank You for the reply. I followed your instructions. Now I am getting the following error: An error occurred (InvalidRequestException) when calling the TestInvokeAuthorizer operation: Token signature mismatch for authorizer my-new-authorizer.

    I am using Openssl version:OpenSSL 1.1.1s 1 Nov 2022 Windows10. Kindly help

  • Muhammad Imran
    a year ago

    The error message suggests that the token signature you are passing in the command is incorrect. Here are a few steps you can try to resolve this issue:

    1. Check the private key file: Ensure that the private-key.pem file is the correct private key that corresponds to the public key you associated with the authorizer when you created it.
    2. Check the tokenKeyValue value: Ensure that the tokenKeyValue value is the correct token string that you generated and passed to the device/client when it attempted to connect to AWS IoT.
    3. Verify the token signature calculation: Ensure that the calculation of the token-signature value is correct by using the openssl command provided in the correct syntax.
    4. Use a different version of OpenSSL: Some versions of OpenSSL may not be compatible with the version of the OpenSSL library used by AWS IoT. Try using a different version of OpenSSL. If none of these steps resolve the issue, consider consulting the AWS documentation or reaching out to AWS support for further assistance.
  • rePost-User-1474705
    a year ago

    am still getiing the error: An error occurred (InvalidRequestException) when calling the TestInvokeAuthorizer operation: Token signature mismatch for authorizer my-new-authorizer.

    1.How to check tokenKeyValue value is correct? 2.How to verify the token signature calculation? I have ensured that the private-key.pem file is the correct private key that corresponds to the public key associated with the authorizer. Kindly help

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content