python - 尝试在python中进行签名并添加策略并签名到html文档以使用post在s3存储桶中上传文件。给出签名不匹配错误
问题描述
我在 python 中导出签名的代码如下。在这里,我的意图是生成签名和字符串以登录,以便我可以在 html 表单中使用它们。它显示以下错误:
SignatureDoesNotMatch and the request signature we calculated does not match the signature you provided.
import sys,os,base64, datetime, hashlib, hmac
import requests
method = 'POST'
service = 's3'
host = 'myBucket.s3.amazonaws.com'
region = 'someregion'
request_parameters = ''
stToEncode = '{"expiration": "2020-06-30T12:00:00.000Z","conditions": [{"bucket": "myBucket"},
["starts-with","$key","user/user1/"],{"acl": "public-read"},{"success_action_redirect":
"http://myBucket.s3.amazonaws.com/postHtml.html"},["starts-with", "$Content-Type", "text/"],{"x-
amz- meta-uuid": "14365123651274"},{"x-amz-server-side-encryption": "AES256"},["starts-with",
"$x-amz- meta-tag", ""],{"x-amz-credential": "AKIAIOSFODNN7EXAMPLE/20200630/us-east-
1/s3/aws4_request"},{"x- amz-algorithm": "AWS4-HMAC-SHA256"},{"x-amz-date": "20200630T000000Z"
}]}'
stEncode = stToEncode.encode('utf8')
b64_stEncode = base64.b64encode(stEncode)
t = datetime.datetime.utcnow()
amzdate = t.strftime('%Y%m%dT%H%M%SZ')
datestamp = t.strftime('%Y%m%d') # Date w/o time, used in credential scope
def sign(key, msg):
return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest()
def getSignatureKey(key, dateStamp, regionName, serviceName):
kDate = sign(("AWS4" + key).encode("utf-8"), dateStamp)
kRegion = sign(kDate, regionName)
kService = sign(kRegion, serviceName)
kSigning = sign(kService, "aws4_request")
return kSigning
access_key = 'somekey'
secret_key = 'somesecret'
if access_key is None or secret_key is None:
print('No access key is available')
sys.exit()
t = datetime.datetime.utcnow()
amzdate = t.strftime('%Y%m%dT%H%M%SZ')
datestamp = t.strftime('%Y%m%d') # Date w/o time, used in credential scope
# ************* TASK 2: CREATE THE STRING TO SIGN*************
# Match the algorithm to the hashing algorithm you use, either SHA-1 or
# SHA-256 (recommended)
canonical_uri = '/'
canonical_headers = 'host:' + host + '\n' + 'x-amz-date:' + amzdate + '\n'
signed_headers = 'host;x-amz-date'
canonical_querystring = request_parameters
payload_hash = hashlib.sha256(('').encode('utf-8')).hexdigest()
canonical_request = method + '\n' + canonical_uri + '\n' + canonical_querystring + '\n' +
canonical_headers + '\n' + signed_headers + '\n' + payload_hash
algorithm = 'AWS4-HMAC-SHA256'
credential_scope = datestamp + '/' + region + '/' + service + '/' + 'aws4_request'
string_to_sign = algorithm + '\n' + amzdate + '\n' + credential_scope + '\n' +
hashlib.sha256(canonical_request.encode('utf-8')).hexdigest()
# ************* TASK 3: CALCULATE THE SIGNATURE *************
# Create the signing key using the function defined above.
signing_key = getSignatureKey(secret_key, datestamp, region, service)
# Sign the string_to_sign using the signing_key
signature = hmac.new(signing_key, (string_to_sign).encode('utf-8'), hashlib.sha256).hexdigest()
#print(b64_stEncode)
print(string_to_sign)
print(signature)
解决方案
推荐阅读
- python - 如何在 django 模型中计算@property 函数的总和?
- flutter - 修改后的骰子程序在颤振中无法按预期工作
- selenium - 在 Jmeter 中使用 Selenium 在网页中查找元素
- react-native - onPress 在 React Native Flatlist 中不起作用
- css - 尽管设置了宽度和高度,但图像在加载后导致回流?
- c++ - 虚幻引擎中C++ dll的触发事件
- payment - 如何使用 Stripe 附加付款方式?
- sql - 使用 GROUP BY 包括所有仓库的所有产品的总和
- asp.net - 如何获取 HyperLinkField 的文本值
- excel - 如何使用用户窗体 (VBA) 将文本框连接到另一个工作表