What I am doing wrong with S3 PUT request using AWS Signature Version 4

What I am doing wrong with S3 PUT request using AWS Signature Version 4

By : Ster.Stack
Date : October 18 2020, 01:08 AM
I think the issue was by ths following , Your StringToSign is incorrect. Specifically the HashedCanonicalRequest is incorrect.
The Amazon error response will show you the exact StringToSign. This will help you figure out what is wrong.
code :
from collections import OrderedDict
from dateutil import parser
import datetime
import hashlib
import hmac
import requests

key_id = ""
secret = "/N6VFTasQCJic3CqL9tj80UGB6Ba1B"
region = ""
bucket_name = ""
service = "s3"

def hashb16(message):
    return hashlib.sha256(message).hexdigest()

def HMAC(key, message):
    return hmac.new(key, message, hashlib.sha256)

current_time = datetime.datetime.utcnow()

url = "https://s3-us-west-2.amazonaws.com/{}/sometest.txt".format(bucket_name)
payload = "Welcome to Amazon S3."
headers = {
    'date': current_time.strftime("%a, %d %b %Y %H:%m:%S GMT"),
    'host': "s3-us-west-2.amazonaws.com",
    'x-amz-content-sha256': 'UNSIGNED-PAYLOAD',
    'x-amz-date': current_time.strftime('%Y%m%dT%H%M%SZ'),
    'x-amz-storage-class': 'REDUCED_REDUNDANCY'
sorted_headers = sorted([k for k in headers])

# step 1
HTTPRequestMethod = "PUT"
CanonicalURI = "/{}/sometest.txt".format(bucket_name)
CanonicalQueryString = ""
CanonicalHeaders = ""
for key in sorted_headers:
    CanonicalHeaders += "{}:{}\n".format(key.lower(), headers[key])
SignedHeaders = "{}".format(";".join(sorted_headers))
HexEncondeHashRequestPayload = hashb16(payload)
CanonicalRequest = "{}\n{}\n{}\n{}\n{}\n{}".format(HTTPRequestMethod, CanonicalURI, CanonicalQueryString, CanonicalHeaders, SignedHeaders, 'UNSIGNED-PAYLOAD')

# step 2
Algorithm = "AWS4-HMAC-SHA256"
RequestDateTime = current_time.strftime('%Y%m%dT%H%M%SZ')
CredentialScope = "{}/{}/{}/{}".format(current_time.strftime("%Y%m%d"), region, service, "aws4_request")
HashedCanonicalRequest = hashb16(CanonicalRequest)
StringToSign = "{}\n{}\n{}\n{}".format(Algorithm, RequestDateTime, CredentialScope, HashedCanonicalRequest)

#step 3
kDate = HMAC("AWS4" + secret,     current_time.strftime("%Y%m%d")).digest()
kRegion = HMAC(kDate, region).digest()
kService = HMAC(kRegion, service).digest()
kSigning = HMAC(kService, "aws4_request").digest()
signature = HMAC(kSigning, StringToSign).hexdigest()

#step 4
Authorization = "AWS4-HMAC-SHA256 Credential={}/{},SignedHeaders={},Signature={}".format(key_id, CredentialScope, ";".join(sorted_headers), signature)
headers["Authorization"] = Authorization

response = requests.request("PUT", url, headers=headers)

print response.status_code
print response.text

Share : facebook icon twitter icon
Ivona Request Signing Issue - signature does not match (AWS Signature Version 4)

Ivona Request Signing Issue - signature does not match (AWS Signature Version 4)

By : David Shanna Bouthie
Date : March 29 2020, 07:55 AM
I hope this helps . Solved! Actually there is an issue in documentation example. So the code works fine.
cURL request getting wrong request version in Google App Engine

cURL request getting wrong request version in Google App Engine

By : Virginia Solomin
Date : March 29 2020, 07:55 AM
should help you out I have a cURL request in my code which works fine when running locally: , From the ipinfo.io documentation:
code :
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Accept: application/json'));
ScalaTest I get error while loading Suite, Scala signature Suite has wrong version

ScalaTest I get error while loading Suite, Scala signature Suite has wrong version

By : Trần Kingj
Date : March 29 2020, 07:55 AM
around this issue The problem was fixed by updaing the scala specs dependency in my pom
code :
How to translate AWS Task 1: Create a Canonical Request for Signature Version 4

How to translate AWS Task 1: Create a Canonical Request for Signature Version 4

By : JD Townsend
Date : March 29 2020, 07:55 AM
wish help you to fix your issue Below is a cfscript implementation of Task 1: Create a Canonical Request for Signature Version 4
code :
requestMethod = "GET";
writeOutput("<br>requestMethod: <code>"& requestMethod &"</code>");
originalURI = "";
// If the absolute path is empty, use a forward slash (/)
originalURI  = len(trim(originalURI)) ? originalURI : "/"& originalURI;
// Encode URI and preserve forward slashes 
canonicalURI = replace( encodeRFC3986( originalURI ), "%2F", "/", "all");
writeOutput("<br>canonicalURI: <code>"& canonicalURI &"</code>");
queryParams = { "Action"="ListUsers", "Version"="2010-05-08" };

// a) Encode parameter names and values 
encodedParams = {};
structEach( queryParams, function(key, value) {
    encodedParams[ encodeRFC3986(arguments.key) ] = encodeRFC3986( arguments.value);

// b) Sort the encoded parameter in ascending order (ASCII order)
encodedKeyNames = structKeyArray( encodedParams );
arraySort( encodedKeyNames, "text" );

// c) Build the canonical query string. Starting with first parameter, append encoded 
// parameter name, followed by character '=' (ASCII code 61), followed by the encoded value
encodedPairs  = [];
for (key in encodedKeyNames) {
    arrayAppend( encodedPairs, key &"="& encodedParams[ key ] ); 
// d) Append the character '&' (ASCII code 38) after each parameter value, except for the last value in the list. 
canonicalQueryString = arrayToList( encodedPairs, "&");
writeOutput("<br>canonicalQueryString: <code>"& canonicalQueryString &"</code>");
requestHeaders = { "Content-type"= "application/x-www-form-urlencoded; charset=utf-8"
                    , "Host" = "iam.amazonaws.com"
                    , "X-Amz-Date" = "20150830T123600Z"

// a) Convert all header names to lowercase and remove leading spaces and trailing spaces. 
// Convert sequential spaces in the header value to a single space.         
cleanedHeaders = {};
structEach( requestHeaders, function(key, value) {
    headerName = reReplace( trim(arguments.key), "\s+", " ", "all");
    headerValue = reReplace( trim(arguments.value), "\s+", " ", "all");
    cleanedHeaders[ lcase(headerName) ] = headerValue;

// b) [sort] the (lowercase) headers by character code
sortedHeaderNames = structKeyArray( cleanedHeaders );
arraySort( sortedHeaderNames, "text" );

// c) Append the lowercase header name followed by a colon.
// Do not sort the values in headers that have multiple values.
cleanedPairs  = [];
for (key in sortedHeaderNames) {
    arrayAppend( cleanedPairs, key &":"& cleanedHeaders[ key ] ); 

// d) Append new line after each header pair. Should END WITH a new line
canonicalHeaderString = arrayToList( cleanedPairs, chr(10) ) & chr(10) ;
writeOutput("<br> canonicalHeaderString: <code>"& canonicalHeaderString &"</code>");
// To create the signed headers list, convert all header names to lowercase, 
// sort them by character code, and use a semicolon to separate the header names. 
// Note, we already have the sorted names from the canonical header logic (step 4)
signedHeaderString = arrayToList( sortedHeaderNames, ";" );
writeOutput("<br>signedHeaderString: <code>"& signedHeaderString &"</code>");
requestPayload = "";
payloadChecksum = lcase( hash( requestPayload , "SHA256" ) );
writeOutput("<br>payloadChecksum: <code>"& payloadChecksum &"</code>");
canonicalRequest = requestMethod & chr(10)
                    & canonicalURI & chr(10)
                    & canonicalQueryString & chr(10)
                    & canonicalHeaderString & chr(10)
                    & signedHeaderString & chr(10)
                    & payloadChecksum ;

writeOutput("<br>canonicalRequest: <pre>"& canonicalRequest &"</pre>");
requestDigest = lcase( hash( canonicalRequest , "SHA256" ) );
writeOutput("<br>requestDigest: <code>"& requestDigest &"</code>");
    * URI encoding per RFC 3986:
    *  <ul>
    *     <li>Unreserved characters that should not be escaped: ALPHA / DIGIT / "-" / "." / "_" / "~" </li>
    *     <li>Spaces should be encoded as %20 instead of +</li>
    *     <li>Reserved characters that should be escaped include:   ? ## [ ] @ ! $ & ' ( ) * + , ; =</li>
    *  </ul>
    * @text String to encode
    * @returns URI encoded text
    public function encodeRFC3986(required string text) {
        // Requires CF10+
        Local.encoded = encodeForURL(arguments.text);

        // Undo encoding of tilde "~"
        Local.encoded = replace( Local.encoded, "%7E", "~", "all" );
        // Change space encoding from "+" to "%20"
        Local.encoded = replace( Local.encoded, "+", "%20", "all" );
        // URL encode asterisk "*" 
        Local.encoded = replace( Local.encoded, "*", "%2A", "all" );

        return Local.encoded;
How to send gatling request with AWS Signature Version 4?

How to send gatling request with AWS Signature Version 4?

By : user2519377
Date : March 29 2020, 07:55 AM
will be helpful for those in need You need to generate X-Amz-Date and Authorization details and pass them along with the header. You can use the below class to extract this two information.
https://github.com/sandipperf/AWS_API_Request_Gatling/blob/master/RequestSigner.scala to extract AWS signature key by providing ASWAccessKey and AWSSecretKey.
code :
val AwsAccessKey = "XXXXXXXXXXXX"
val signature = RequestSigner.sign(
        uriPath = "/Your/URL/HERE",

        method = "POST",
        //body = Some("""{ "hello": "foo" }"""),
        body = Some(requestBuildBody),
       //requestBuildBody = your actual request body you are going to pass along with post request 

        headers = Seq(("Host", List("XXXXXXXX.execute-api.us-XXXX-2.amazonaws.com"))),
        queryParameters = Seq.empty,
        credentials = new BasicAWSCredentials(AwsAccessKey, AwsSecretKey),
        region = "us-XXXX-2",
        service = "execute-api")

      val amzStamp = (signature.toString).substring(18, 34)
      val sign = (signature.toString).substring(35, 223)
    "Host" -> "XXXXXX.execute-api.us-XXXX-X.amazonaws.com",
    "Content-Type" -> "application/json",
    "X-Amz-Date" -> "${amazonTimeDetails}",
    "Authorization" -> "${signatureDetails}")
Related Posts Related Posts :
  • Can i use Docker for creating exe using pyinstaller
  • Reindexing data frame Pandas
  • Django-registration how to check if user exists
  • Attribute error when trying to get number of nodes
  • Sort list of list in Python according to a specific column
  • Crawling a page with python
  • How to open a Python 3 Program in another folder within Python 3
  • Format comments in vim starting with #' (hash-dash)
  • Boolean Addition Assignment in Python
  • with open(file, 'a+') as f is not appending
  • how to merge two files using python
  • Python canvas text position changes with font
  • Highlight a label in a legend, matplotlib
  • Numpy element-wise in operation
  • Python unittests run multiple times
  • Removing coordinates from list on python
  • What is the recommended way to work with a distutils-based setup.py of a C extension?
  • python html table data parsing
  • How To Call A Class Function From A Variable
  • ImportError: cannot import name 'IsolationForest'
  • Assign value to a column based of other columns from the same pandas dataframe
  • Error setting up Selenium on Ubuntu server 14.04, httplib.BadStatusLine: ''
  • read excel and convert index to datatimeindex pandas
  • Python: slicing a list into a list of lists using list comprehension
  • Python: what does "." in os.listdir(".") mean?
  • Two-Dimensional Arrays not updating correctly in python 3
  • Python running clock in separate window
  • Replacing duplicate item in list through raw_input
  • Why does this code using variable arguments give a TypeError?
  • Unindent does not match any outer indentation level in Python
  • Input parameter change as loop calls for another def (python 3.0), why?
  • Python sqlite3 generate unique identifier
  • how to test FCN(voc-fcn8s) on caffe python?
  • Assess whether duplicate samples have different data in their fields and whether to copy the data over?
  • How can I type hint an attribute in Python 3.5?
  • Bind many keys at the same time
  • Flask REST Blueprint not found
  • What is the easiest way to create a python list from a string that is in JSON format
  • Read a file .txt to build a dictionary
  • Get the value of a cell by row and column
  • How to convert unusual 24 hour date time format in python?
  • Get Outer Class Name for Nested Class (Python)
  • Why are many Python built-in/standard library functions actually classes
  • for i in range: TypeError: 'type' object is not iterable
  • Python SOAP client with Zeep - authentication
  • Django + mod_wsgi + apache2: ImportError: No module named <project>
  • Get coordinates from points density with KDE
  • Share global variable across python modules
  • how to divide two integers stored in variables then store the answer in an variable
  • Python, For loops depending on int
  • fcn should filters in deconv layers need to be trained?
  • Django - stop synchronisation between different variables based on filters on same object
  • Using python together with knitr
  • Difference between <type 'classobj'>, <type 'object'>?
  • what is top level module in Python?
  • Is there a query method or similar for pandas Series (pandas.Series.query())?
  • Deleting DataFrame row in Pandas where column value in list
  • Python Integer and String Using
  • Python requests: URL with percent character
  • Why ActionChains(driver).move_to_element(elem).click().perform() twice
  • shadow
    Privacy Policy - Terms - Contact Us © soohba.com