Signer removed in v6

[abarke]

Before opening, please confirm:

• I have searched for duplicate or closed issues and discussions.
• I have read the guide for submitting bug reports.
• I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.

JavaScript Framework

Vue

Amplify APIs

Authentication

Amplify Version

v6

Amplify Categories

auth

Backend

None

Environment information

 System:
    OS: Windows 11 10.0.22631
    CPU: (12) x64 12th Gen Intel(R) Core(TM) i7-1255U
    Memory: 14.51 GB / 39.68 GB
  Binaries:
    Node: 18.15.0 - C:\Program Files\nodejs\node.EXE
    Yarn: 1.22.19 - C:\Program Files\nodejs\yarn.CMD
    npm: 9.5.0 - C:\Program Files\nodejs\npm.CMD
    pnpm: 8.15.5 - C:\Program Files\nodejs\pnpm.CMD
    bun: 1.1.4 - ~\.bun\bin\bun.EXE
  Browsers:
    Edge: Chromium (123.0.2420.97)
    Internet Explorer: 11.0.22621.3527
  npmGlobalPackages:
    @aws-amplify/cli: 11.0.5
    @deptagency/octopus: 1.5.1
    corepack: 0.15.3
    esbuild: 0.18.17
    fast-cli: 3.2.0
    http-server: 14.1.1
    npm: 9.5.0
    qrcode-terminal: 0.12.0
    serverless: 3.30.1
    typescript: 5.0.4
    yarn: 1.22.19

Describe the bug

import { Signer } from "aws-amplify";

Signer export has been removed. I found it somewhere in the core, but could not find a way to import it. I tried "aws-amplify/utils" with no avail.

I could find in node import { Signer } from "@aws-amplify/core/dist/esm/Signer" but again no clean import.

Could we have something like this please?

import { signRequest } from "@aws-amplify/core"

No mention about this breaking change in https://docs.amplify.aws/gen1/javascript/build-a-backend/auth/auth-migration-guide/

Expected behavior

import { signRequest } from "@aws-amplify/core"

Reproduction steps

import { Signer } from "aws-amplify";

Code Snippet

import { Signer } from "aws-amplify";

Log output

// Put your logs below this line

aws-exports.js

No response

Manual configuration

No response

Additional configuration

No response

Mobile Device

No response

Mobile Operating System

No response

Mobile Browser

No response

Mobile Browser Version

No response

Additional information and screenshots

No response

[cwomack]

Hello, @abarke and thank you for creating this issue. While the decision to remove support for the Signer export in v6 of Amplify was intentional, this is something that may have missed in our migration guides. I've marked this as a feature request to be considered for version parity and will review this with our team internally.

Beyond what you've already detailed in the description of this issue, can you share any further context/use cases for this? Thanks!

[abarke]

We use an open API generated TS library for our endpoints. To sign the requests we use an interceptor in the generated code so that it works as expected. We sign the requests manually. I switch to using @smithy/signature-v4 for now. That works fine.

// Custom middleware that signs the request with the current credentials
const awsSigningMiddleware: Middleware = {
  pre: async (context) => {
    const { headers } = await signRequest(
      context.init.method ?? "GET",
      context.url,
      parseBody(context.init.body),
    );

    // Update the fetch request headers with the signed headers
    context.init.headers = {
      ...headers,
    };

    return context;
  },
};

// Custom middleware for error handling
const errorHandlingMiddleware: Middleware = {
  onError: async (context) => {
    const h3Error = apiErrorHandler(context.error);

    console.error(h3Error);

    return context.response;
  },
};

// Configure the API client with the custom middleware
const apiConfig = new Configuration({
  middleware: [awsSigningMiddleware, errorHandlingMiddleware],
});

// Create the API client with the custom configuration
export const api = new DefaultApi(apiConfig);

[abarke]

Here is the current workaround using @smithy/signature-v4:

async function signRequest(method: string, uri: string, body?: string) {
  const { credentials } = await fetchAuthSession();

  if (credentials === undefined) {
    throw new Error("Unauthorized");
  }

  const url = new URL(uri);

  const request = new HttpRequest({
    hostname: url.hostname,
    path: url.pathname + url.search,
    method,
    body,
    headers: {
      host: url.hostname, // host is required by AWS Signature V4
      "Content-Type": "application/json",
    },
  });

  const signer = new SignatureV4({
    credentials,
    region,
    service,
    sha256: Sha256,
  });

  return signer.sign(request);
}

[cwomack]

@abarke, thanks for the code example showing the workaround. Using the @smithy/signature-v4 is the workaround we'd recommend as well at this point and we'll update this issue if we have further progress or questions. Thanks!

[AtharvArolkar]

https://stackoverflow.com/q/78465559/20597701, Amplify V6 Rest api doesnt seem to sign the request