如何创建适用于Python的AWS的sig v4？

Question

我需要创建一个标志来访问Amazon Product Advertising API。此方法描述：

1. 方法： Example REST Requests - Product Advertising API

2. 示例： 这个文档有一个代码示例： Examples of the Complete Version 4 Signing Process (Python) - Amazon Web Services

问题：

样本和方法之间存在一些差异：

在Method中没有区域，需要区域才能在样本中创建签名。

1. 方法： Example REST Requests - Product Advertising API

2. 示例： 这个文档有一个代码示例： Examples of the Complete Version 4 Signing Process (Python) - Amazon Web Services

   import base64, binascii
   import sys, os, base64, datetime, hashlib, hmac, urllib
   import requests
   
   def sign(key, msg):
       return hmac.new(key, msg.encode('utf-8'), hashlib.sha256).digest()
   
   
   def getSignatureKey(key, dateStamp, serviceName):
       kDate = sign(('AWS4' + key).encode('utf-8'), dateStamp)
       kService = sign(kDate, serviceName)
       kSigning = sign(kService, 'aws4_request')
       return kSigning
   
   access_key='AKIAIOSFODNN7EXAMPLE'
   secret_key='1234567890'
   method = 'GET'
   service = 'AWSECommerceService'
   host = 'webservices.amazon.com'
   endpoint = 'http://webservices.amazon.com/onca/xml'
   request_parameters = 'Action=DescribeRegions&Version=2013-10-15'
   
   t = datetime.datetime.utcnow()
   amz_date = t.strftime('%Y%m%dT%H%M%SZ') # Format date as YYYYMMDD'T'HHMMSS'Z'
   datestamp = t.strftime('%Y%m%d')
   
   msg="\
   GET\
   webservices.amazon.com\
   /onca/xml\
   AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&AssociateTag=mytag-20&ItemId=0679722769&Operation=ItemLookup&ResponseGroup=Images%2CItemAttributes%2COffers%2CReviews&Service=AWSECommerceService&Timestamp=2014-08-18T12%3A00%3A00Z&Version=2013-08-01"
   key="1234567890"
   
   result='j7bZM0LXZ9eXeZruTqWm2DIvDYVUU3wxPPpp+iXxzQc'
   
   byte_key = binascii.unhexlify(key)
   
   msg = msg.encode()
   base64_key = base64.b64encode(byte_key)
   serviceName='AWSECommerceService'
   canonical_headers = 'host:' + host + '\n'
   signed_headers = 'host'
   algorithm = 'AWS4-HMAC-SHA256'
   credential_scope = datestamp + '/' + service + '/' + 'aws4_request'
   
   canonical_querystring = 'Operation=ItemLookup&ItemId=0679722769&ResponseGroup=ItemAttributes,Offers,Images,Reviews&Version=2013-08-01'
   canonical_querystring += '&X-Amz-Algorithm=AWS4-HMAC-SHA256'
   canonical_querystring += '&X-Amz-Credential=' + urllib.parse.quote_plus(access_key + '/' + credential_scope)
   canonical_querystring += '&X-Amz-Date=' + amz_date
   canonical_querystring += '&X-Amz-Expires=30'
   canonical_querystring += '&X-Amz-SignedHeaders=' + signed_headers
   
   
   payload_hash = hashlib.sha256(('').encode('utf-8')).hexdigest()
   
   string_to_sign ="\
   GET\
   webservices.amazon.com\
   /onca/xml\
   AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&AssociateTag=mytag-20&ItemId=0679722769&Operation=ItemLookup&ResponseGroup=Images%2CItemAttributes%2COffers%2CReviews&Service=AWSECommerceService&Timestamp=2014-08-18T12%3A00%3A00Z&Version=2013-08-01"
   
   signing_key = getSignatureKey(key, datestamp, service)
   signature = hmac.new(base64_key, (string_to_sign).encode("utf-8"), hashlib.sha256).hexdigest()
   
   canonical_querystring += '&X-Amz-Signature=' + signature
   
   print(signature)
   print (result)
   

预期结果：

j7bZM0LXZ9eXeZruTqWm2DIvDYVUU3wxPPpp+iXxzQc

实际结果：

604f52f1b24490b4aeea4cd5f69ced4c7feed04c4a0dd4e49174be6d5a71ccae