亚马逊MWS错误SignatureDoesNotMatch(Python)

时间:2016-01-13 21:24:49

标签: python amazon-mws

我在尝试向亚马逊商城WebService提交请求时遇到以下错误:

The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details. 62baed22-cc14-49bd-bf34-c1eb10bc4019

代码:

import sys, os, base64, datetime, hashlib, hmac, urllib
from time import gmtime, strftime
from requests import request
import urllib.parse
import urllib.request
import dateutil.parser

def get_timestamp():
    time = strftime("%Y-%m-%dT%H:%M:%SZ", gmtime())
    return dateutil.parser.parse(time)

def calc_signature(method, domain, URI, request_description, key):
    sig_data = method + '\n' + \
        domain.lower() + '\n' + \
        URI + '\n' + \
        request_description

    hmac_obj = hmac.new(key.encode(), sig_data.encode(), hashlib.sha256)
    digest = hmac_obj.digest()

    return urllib.parse.quote(base64.b64encode(digest), safe='-_+=/.~')

SECRET_KEY = 'XXXXXXXX'
AWS_ACCESS_KEY = 'XXXXXXXX'
SELLER_ID = 'XXXXXXXX'
MARKETPLACE_ID = 'XXXXXXXX'
MWS_AUTH_TOKEN = 'XXXXXXXXXXX'

Action = 'GetLowestPricedOffersForASIN'
SignatureMethod = 'HmacSHA256'
SignatureVersion = '2'
Timestamp = get_timestamp()
Version = '2011-10-01'
CreatedAfter = '2011-10-01T23:00:57Z'
URI = '/Products/2011-10-01'
domain = 'mws.amazonservices.com'
proto = 'https://'
method = 'POST'
ASIN = 'B004KZQVF4'
itemcondition = 'New'

payload = {
    'AWSAccessKeyId': AWS_ACCESS_KEY,
    'Action': Action,
    'SellerId': SELLER_ID,
    'MWSAuthToken': MWS_AUTH_TOKEN,
    'SignatureVersion': SignatureVersion,
    'Timestamp': '2016-01-08T05%3A32%3A48Z',
    'Version': Version,
    'SignatureMethod': SignatureMethod,
    'CreatedAfter': CreatedAfter,
    'MarketplaceId.Id.1': MARKETPLACE_ID,
    'ASIN': ASIN,
    'ItemCondition': itemcondition
}

request_description = '&'.join(['%s=%s' % (k, urllib.parse.quote(payload[k], safe='-_+=/.~').encode('utf-8')) for k in sorted(payload)])

sig = calc_signature(method, domain, URI, request_description, SECRET_KEY)

url = '%s%s?%s&Signature=%s' % \
    (proto+domain, URI, request_description, urllib.parse.quote(sig))

headers = {
    'Host': domain,
    'Content-Type': 'text/xml',
    'x-amazon-user-agent': 'python-requests/1.2.0 (Language=Python)'
}

response = request(method, url, headers=headers)

网址输出:

https://mws.amazonservices.com/Products/2011-10-01?ASIN=XXXXXXX&AWSAccessKeyId=XXXXXXX&Action=GetLowestPricedOffersForASIN&CreatedAfter=2014-08-26T23%3A00%3A57Z&ItemCondition=New&MWSAuthToken=XXXXXXX&MarketplaceId.Id.1=XXXXXXX&SellerId=XXXXXXX&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2016-01-13T21%3A08%3A57Z&Version=2013-09-01&Signature=hwooJu0FeDs3j26mEUN8of5buSI/QsgY54kVCUsAirw%3D

显然,签名的生成方式存在问题,但我无法缩小原因。

1 个答案:

答案 0 :(得分:2)

好吧,我明白了。只需将方法从“POST”改为“GET”。

已经和它斗争了好几天 - 数字就这么简单!