55

Amazon Product API 现在需要对我尝试生成 ushing Python 的每个请求进行签名。

我挂断的步骤是这个:

“使用上面的字符串和我们的“虚拟”秘密访问密钥:1234567890,使用 SHA256 哈希算法计算符合 RFC 2104 的 HMAC。有关此步骤的更多信息,请参阅您的编程语言的文档和代码示例。

给定一个字符串和一个密钥(在本例中为 1234567890),我如何使用 Python 计算此哈希?

- - - - - - 更新 - - - - - - -

使用 HMAC.new 的第一个解决方案看起来是正确的,但是我得到的结果与它们不同。

http://docs.amazonwebservices.com/AWSECommerceService/latest/DG/index.html?rest-signature.html

根据亚马逊的示例,当您对密钥 1234567890 和以下字符串进行哈希处理时

GET
webservices.amazon.com
/onca/xml
AWSAccessKeyId=00000000000000000000&ItemId=0679722769&Operation=I
temLookup&ResponseGroup=ItemAttributes%2COffers%2CImages%2CReview
s&Service=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z&
Version=2009-01-06

您应该得到以下签名:'Nace+U3Az4OhN7tISqgs1vdLBHBEijWcBeCqL5xN9xg='

我得到这个: '411a59403c9f58b4a434c9c6a14ef6e363acc1d1bb2c6faf9adc30e20898c83b'

4

6 回答 6

108 
import hmac
import hashlib
import base64
dig = hmac.new(b'1234567890', msg=your_bytes_string, digestmod=hashlib.sha256).digest()
base64.b64encode(dig).decode()      # py3k-mode
'Nace+U3Az4OhN7tISqgs1vdLBHBEijWcBeCqL5xN9xg='
于 2009-08-20T14:27:33.980 回答
17 
import hmac
import hashlib
import base64

digest = hmac.new(secret, msg=thing_to_hash, digestmod=hashlib.sha256).digest()
signature = base64.b64encode(digest).decode()

我知道这听起来很傻,但请确保您的秘密中没有尾随空格。

于 2012-08-28T19:13:36.353 回答
13 
>>> import hmac
>>> import hashlib
>>> import base64
>>> s = """GET
... webservices.amazon.com
... /onca/xml
... AWSAccessKeyId=00000000000000000000&ItemId=0679722769&Operation=ItemLookup&ResponseGroup=ItemAttributes%2COffers%2CImages%2CReviews&Service=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-06"""
>>> base64.b64encode(hmac.new("1234567890", msg=s, digestmod=hashlib.sha256).digest())
'Nace+U3Az4OhN7tISqgs1vdLBHBEijWcBeCqL5xN9xg='
于 2009-08-20T16:41:26.930 回答
4

http://docs.python.org/library/hashlib.html#module-hashlib(修改了一下):

import hashlib
secretKey = "1234567890"
m = hashlib.sha256()

# Get string and put into givenString.

m.update(givenString + secretKey)
m.digest()
于 2009-08-20T14:27:23.933 回答
3

如果您尝试使用 Python3 将用户注册到 AWS cognito,您可以使用以下代码。

#For the SecretHash 
import hmac
import hashlib
import base64   

//Please note that the b in the secretKey and encode('utf-8') are really really important. 
secretKey = b"secret key that you get from Coginito -> User Pool -> General Settings -> App Clients-->Click on Show more details -> App client secret  "
 clientId = "Coginito -> User Pool -> General Settings -> App Clients-->App client id"
 digest = hmac.new(secretKey,
              msg=(user_name + clientId).encode('utf-8'),
              digestmod=hashlib.sha256
             ).digest()
 secrethash = base64.b64encode(digest).decode()

上面的用户名 user_name 和你想在 cognito 中注册的用户相同

client = boto3.client('cognito-idp', region_name='eu-west-1' )

response = client.sign_up(
                    ClientId='Coginito -> User Pool -> General Settings -> App Clients-->App client id',
                    Username='Username of the person you are planning to register',
                    Password='Password of the person you are planning to register',
                    SecretHash=secrethash,
                    UserAttributes=[
                        {
                            'Name': 'given_name',
                            'Value': given_name
                        },
                        {
                            'Name': 'family_name',
                            'Value': family_name
                        },
                        {
                            'Name': 'email',
                            'Value': user_email
                        }
                    ],
                    ValidationData=[
                        {
                            'Name': 'email',
                            'Value': user_email
                        },
                    ]
于 2019-07-02T18:10:48.540 回答
3

如果您有字符串密码和字符串令牌,它可能会有所帮助(我知道可能为时已晚,但以防万一它适用于某人)。在 python 3 中,所有三个选项都对我有用-

import hmac
import hashlib
import base64

access_token = 'a'
app_secret = 'b'

access_token = <your token in string format>
app_secret = <your secret access key in string format>

# use any one, all three options work.
# OPTION 1 (it works)
# digest = hmac.new(app_secret.encode('UTF-8'),
#                   access_token.encode('UTF-8'), hashlib.sha256)
# OPTION 2 (it works)
# digest = hmac.new(str.encode(app_secret),
#                   str.encode(access_token), hashlib.sha256)
# OPTION 3 (it works)
digest = hmac.new(bytes(app_secret, 'UTF-8'),
                bytes(access_token, 'UTF-8'), hashlib.sha256)
signature = digest.hexdigest()
print(signature)
于 2020-12-31T06:03:44.183 回答