"Credential should be scoped to a valid region" 来自 AWS 的 alexa 热门站点服务
"Credential should be scoped to a valid region" alexa top sites service from AWS
我正在尝试访问 alexa 顶级站点服务。基于此,我从 Alexa 的文档中复制了代码。
代码如下:
import sys, os, base64, datetime, hashlib, hmac
import requests
method = 'GET'
service = "AlexaTopSites"
host = "ats.amazonaws.com"
region = 'us-east-1'
endpoint = "ats.us-east-1.amazonaws.com"
request_parameters="Action=TopSites&Count=100&CountryCode=BR&ResponseGroup=Country&Start=301&Url=yahoo.com"
def sign(key, msg):
return hmac.new(key, msg.encode('utf-8'), hashlib.sha256).digest()
def getSignatureKey(key, dateStamp, regionName, serviceName):
kDate = sign(('AWS4' + key).encode('utf-8'), dateStamp)
kRegion = sign(kDate, regionName)
kService = sign(kRegion, serviceName)
kSigning = sign(kService, 'aws4_request')
return kSigning
access_key = AWS_ACCESS_KEY_ID
secret_key = AWS_SECRET_KEY
t = datetime.datetime.utcnow()
amzdate = t.strftime('%Y%m%dT%H%M%SZ')
datestamp = t.strftime('%Y%m%d') # Date w/o time, used in credential scope
canonical_uri = '/'
canonical_querystring = request_parameters
canonical_headers = 'host:' + host + '\n' + 'x-amz-date:' + amzdate + '\n'
signed_headers = 'host;x-amz-date'
payload_hash = hashlib.sha256(('').encode('utf-8')).hexdigest()
canonical_request = method + '\n' + canonical_uri + '\n' + canonical_querystring + '\n' + canonical_headers + '\n' + signed_headers + '\n' + payload_hash
algorithm = 'AWS4-HMAC-SHA256'
credential_scope = datestamp + '/' + region + '/' + service + '/' + 'aws4_request'
string_to_sign = algorithm + '\n' + amzdate + '\n' + credential_scope + '\n' + hashlib.sha256(canonical_request.encode('utf-8')).hexdigest()
signing_key = getSignatureKey(secret_key, datestamp, region, service)
signature = hmac.new(signing_key, (string_to_sign).encode('utf-8'), hashlib.sha256).hexdigest()
authorization_header = algorithm + ' ' + 'Credential=' + access_key + '/' + credential_scope + ', ' + 'SignedHeaders=' + signed_headers + ', ' + 'Signature=' + signature
headers = {'Authorization':authorization_header,"Content-Type":"application/xml",'X-Amz-Date':amzdate, "Accept":"application/xml"}
url="https://ats.amazonaws.com/api"+"?"+request_parameters
r = requests.get(url, headers=headers)
r.text
错误信息如下
<?xml version="1.0" ?>\n<aws:TopSitesResponse xmlns:aws="http://ats.amazonaws.com/doc/2005-10-05">\n <aws:Response xmlns:aws="http://ats.amazonaws.com/doc/2005-07-11">\n <aws:OperationRequest>\n <aws:RequestId></aws:RequestId>\n </aws:OperationRequest>\n <aws:TopSitesResult>\n <aws:Alexa>\n <aws:Request>\n <aws:Errors>\n <aws:Error>\n <aws:ErrorCode><![CDATA["Credential should be scoped to a valid region, not \'us-east-1\'. "]]></aws:ErrorCode>\n </aws:Error>\n </aws:Errors>\n </aws:Request>\n </aws:Alexa>\n </aws:TopSitesResult>\n <aws:ResponseStatus xmlns:aws="http://alexa.amazonaws.com/doc/2005-10-05/">\n <aws:StatusCode>Error</aws:StatusCode>\n </aws:ResponseStatus>\n </aws:Response>\n</aws:TopSitesResponse>
准确的错误代码如下
<aws:ErrorCode><![CDATA["Credential should be scoped to a valid region, not \'us-east-1\'. "]]>
实际上,我已经删除了 IAM 用户并根据 aws 文档重新创建了很多次,但没有任何乐趣。我相信该地区是正确的。虽然我尝试了很多不同的 aws 区域,但它对我不起作用。
我玩过参数(service = "blablalba", host="blablalba", endpoint = "blalbalba"),错误响应总是一样的,不管你传递什么参数给争论,错误总是一样。
method = 'GET'
service = "AlexaTopSites"
host = "ats.amazonaws.com"
region = 'us-east-1'
endpoint = "ats.us-east-1.amazonaws.com"
错误代码中唯一变化的是区域部分。如果你输入 region = "hohoho" ,我得到的错误响应是
"Credential should be scoped to a valid region, not \'hohoho\'. "
PS:我从 AWS 市场订阅了 TopSites 服务。
端点 URL 需要它的子域来匹配您的凭据所在的区域。因此,如果您有 region = "us-east-1"
,则需要调用 ats.us-east-1.amazonaws.com
作为基础 URL。如果您需要更改区域,您可以定义区域变量,然后使用它来形成基本端点变量 url = f'https://ats.{region}.amazonaws.com'
以便于使用。
我正在尝试访问 alexa 顶级站点服务。基于此,我从 Alexa 的文档中复制了代码。
代码如下:
import sys, os, base64, datetime, hashlib, hmac
import requests
method = 'GET'
service = "AlexaTopSites"
host = "ats.amazonaws.com"
region = 'us-east-1'
endpoint = "ats.us-east-1.amazonaws.com"
request_parameters="Action=TopSites&Count=100&CountryCode=BR&ResponseGroup=Country&Start=301&Url=yahoo.com"
def sign(key, msg):
return hmac.new(key, msg.encode('utf-8'), hashlib.sha256).digest()
def getSignatureKey(key, dateStamp, regionName, serviceName):
kDate = sign(('AWS4' + key).encode('utf-8'), dateStamp)
kRegion = sign(kDate, regionName)
kService = sign(kRegion, serviceName)
kSigning = sign(kService, 'aws4_request')
return kSigning
access_key = AWS_ACCESS_KEY_ID
secret_key = AWS_SECRET_KEY
t = datetime.datetime.utcnow()
amzdate = t.strftime('%Y%m%dT%H%M%SZ')
datestamp = t.strftime('%Y%m%d') # Date w/o time, used in credential scope
canonical_uri = '/'
canonical_querystring = request_parameters
canonical_headers = 'host:' + host + '\n' + 'x-amz-date:' + amzdate + '\n'
signed_headers = 'host;x-amz-date'
payload_hash = hashlib.sha256(('').encode('utf-8')).hexdigest()
canonical_request = method + '\n' + canonical_uri + '\n' + canonical_querystring + '\n' + canonical_headers + '\n' + signed_headers + '\n' + payload_hash
algorithm = 'AWS4-HMAC-SHA256'
credential_scope = datestamp + '/' + region + '/' + service + '/' + 'aws4_request'
string_to_sign = algorithm + '\n' + amzdate + '\n' + credential_scope + '\n' + hashlib.sha256(canonical_request.encode('utf-8')).hexdigest()
signing_key = getSignatureKey(secret_key, datestamp, region, service)
signature = hmac.new(signing_key, (string_to_sign).encode('utf-8'), hashlib.sha256).hexdigest()
authorization_header = algorithm + ' ' + 'Credential=' + access_key + '/' + credential_scope + ', ' + 'SignedHeaders=' + signed_headers + ', ' + 'Signature=' + signature
headers = {'Authorization':authorization_header,"Content-Type":"application/xml",'X-Amz-Date':amzdate, "Accept":"application/xml"}
url="https://ats.amazonaws.com/api"+"?"+request_parameters
r = requests.get(url, headers=headers)
r.text
错误信息如下
<?xml version="1.0" ?>\n<aws:TopSitesResponse xmlns:aws="http://ats.amazonaws.com/doc/2005-10-05">\n <aws:Response xmlns:aws="http://ats.amazonaws.com/doc/2005-07-11">\n <aws:OperationRequest>\n <aws:RequestId></aws:RequestId>\n </aws:OperationRequest>\n <aws:TopSitesResult>\n <aws:Alexa>\n <aws:Request>\n <aws:Errors>\n <aws:Error>\n <aws:ErrorCode><![CDATA["Credential should be scoped to a valid region, not \'us-east-1\'. "]]></aws:ErrorCode>\n </aws:Error>\n </aws:Errors>\n </aws:Request>\n </aws:Alexa>\n </aws:TopSitesResult>\n <aws:ResponseStatus xmlns:aws="http://alexa.amazonaws.com/doc/2005-10-05/">\n <aws:StatusCode>Error</aws:StatusCode>\n </aws:ResponseStatus>\n </aws:Response>\n</aws:TopSitesResponse>
准确的错误代码如下
<aws:ErrorCode><![CDATA["Credential should be scoped to a valid region, not \'us-east-1\'. "]]>
实际上,我已经删除了 IAM 用户并根据 aws 文档重新创建了很多次,但没有任何乐趣。我相信该地区是正确的。虽然我尝试了很多不同的 aws 区域,但它对我不起作用。
我玩过参数(service = "blablalba", host="blablalba", endpoint = "blalbalba"),错误响应总是一样的,不管你传递什么参数给争论,错误总是一样。
method = 'GET'
service = "AlexaTopSites"
host = "ats.amazonaws.com"
region = 'us-east-1'
endpoint = "ats.us-east-1.amazonaws.com"
错误代码中唯一变化的是区域部分。如果你输入 region = "hohoho" ,我得到的错误响应是
"Credential should be scoped to a valid region, not \'hohoho\'. "
PS:我从 AWS 市场订阅了 TopSites 服务。
端点 URL 需要它的子域来匹配您的凭据所在的区域。因此,如果您有 region = "us-east-1"
,则需要调用 ats.us-east-1.amazonaws.com
作为基础 URL。如果您需要更改区域,您可以定义区域变量,然后使用它来形成基本端点变量 url = f'https://ats.{region}.amazonaws.com'
以便于使用。