python - TypeError : "errorMessage": "参数应该是类似字节的对象或 ASCII 字符串，而不是 'Binary'",

问题描述

我尝试了另一个程序来验证上表和用户名中保存的用户名和加密密码列表，并允许不同表中的资源。该程序需要与 API 请求集成，但是我已更改为从 lambda 测试配置发送事件测试参数，我尝试了与前面评论中指导的相同的解码。根据之前的错误和评论，我能够解决这个问题。 “errorMessage”：“没有编码的字符串参数”， TypeError：没有编码的字符串参数

这似乎是同一类问题。但是我尝试了以下格式。所有三个错误都相同。

CiphertextBlob=bytes(base64.b64decode(secret, 'utf8')
CiphertextBlob=bytes(base64.b64decode(secret).decode('utf8'))
CiphertextBlob=bytes(base64.b64decode(secret), decoding='utf8')

Response:
{
  "errorMessage": "argument should be a bytes-like object or ASCII string, not 'Binary'",
  "errorType": "TypeError",
  "stackTrace": [
    "  File \"/var/task/lambda_function.py\", line 45, in lambda_handler\n    decrypted_password_from_table = decrypt(session,password_from_table)\n",
    "  File \"/var/task/lambda_function.py\", line 10, in decrypt\n    CiphertextBlob=bytes(base64.b64decode(secret).decode('utf8'))\n",
    "  File \"/var/lang/lib/python3.8/base64.py\", line 80, in b64decode\n    s = _bytes_from_decode_data(s)\n",
    "  File \"/var/lang/lib/python3.8/base64.py\", line 45, in _bytes_from_decode_data\n    raise TypeError(\"argument should be a bytes-like object or ASCII \"\n"
  ]
}

import os
import boto3
import base64
from boto3.dynamodb.conditions import Key, Attr
#import botocore.vendored.requests.api as requests

def decrypt(session, secret):
    client = session.client('kms')
    plaintext = client.decrypt(
        CiphertextBlob=bytes(base64.b64decode(secret), decoding='utf8')
    )
    return plaintext["Plaintext"]

def lambda_handler(event, context):

    session = boto3.session.Session()
    dynamodb = boto3.resource('dynamodb')
    authentication_table_name = 'Authentication'
    authorization_table = dynamodb.Table('Authorization')
    authentication_table = dynamodb.Table(authentication_table_name)

    # Extract the username, password, and resource from the message

    #message = str(event['message'])
    #password = message.split('password>')[1][:-2]
    #username = message.split('username>')[1][:-2]
    #resource = message.split('resource>')[1][:-2]

    password = event['password']
    username = event['username']
    resource = event['resource']

    #print('MESSAGE: ' + message)
    #print('PASSWORD: ' + str(password))
    #print('USERNAME: ' + str(username))
    #print('RESOURCE: ' + str(resource))

    # Authenticate user with encrypted DDB

    entry = authentication_table.get_item(TableName=authentication_table_name, Key={'username':username})

    if 'Item' in entry:
        #print('entry["Item"]["password"]: ' + str(entry['Item']['password']))
        password_from_table = entry['Item']['password']
        decrypted_password_from_table = decrypt(session,password_from_table)
        #decrypted_password_from_table = decrypted_password_from_table.decode('utf-8')
        print('type(decrypted_password_from_table): ' + str(type(decrypted_password_from_table)))
        print('attempted password: ' + str(password))
        print('decrypted_password_from_table: ' + str(decrypted_password_from_table))
        if password == decrypted_password_from_table:
            print('User has been authenticated.')
        else:
            print('Incorrect password')
            return 'Incorrect password'
    else:
        print('User is NOT VALID')
        return 'Invalid User'

    # Authorize user with unencrypted DDB

    allowed_resources = authorization_table.get_item(Key={'username': username})['Item']['allowed_resources']
    allowed_resources = allowed_resources.split(',')
    print('allowed_resources: ' + str(allowed_resources))
    if resource not in allowed_resources:
        return 'USER NOT AUTHORIZED TO ACCESS RESOURCE'

    # Forward message to endpoint
    #response = requests.request('GET', 'https://postman-echo.com/get?foo1=bar1', params={'foo1': message})
   # print('dummy echo api response.text: ' + str(response.text))

    return_string = 'Success! Here is your API response: ' #+ str(response.text)
    return return_string

标签： pythonaws-lambdaamazon-dynamodbboto3aws-kms