This question is a follow-up to my earlier question on getting a REST API call to EC2 API working.
Having got that working, I wanted to generalize it and tried a couple of things. For example, I tried to filter by region name and make the request
https://ec2.amazonaws.com/?Action=DescribeRegions
&RegionName.1=us-east-1
&RegionName.2=eu-west-1
which they show in the documentation.
Signing that was easy, stick the RegionName(s) into the signing request in their alphabetical position and sign the whole thing just as I would without them. That worked out just fine.
So I progressed to the second example that they provide in the documentation.
https://ec2.amazonaws.com/?Action=DescribeRegions
&Filter.1.Name=endpoint
&Filter.1.Value.1=*ap*
OK, I tried to put the filters into my signing parameters in the alphabetically sorted location as required ...
char * signing_parameters_template =
"AWSAccessKeyId=%s&"
"Action=DescribeRegions&"
"Filter.1.Name=endpoint&"
"Filter.1.Value=*ap*&"
"SignatureMethod=HmacSHA256&"
"SignatureVersion=2&"
"Timestamp=%s&"
"Version=2013-08-15";
and sign that. I get an error that the signature doesn't match. I've tried a bunch of variations of this, no luck.
How does one sign a request that includes filters?
I have to escape the "*" in the filter
"Filter.1.Value=*ap*&"
That's it!
Related
Hello i am trying to get page level insights and post level insights in the same request but cant seem to get the syntax correct.
page id /published_posts?fields=permalink_url,created_time,message,shares,reactions.limit(0).summary(1),comments.limit(0).summary(1),insights.metric(post_reactions_by_type_total,post_impressions_unique,page_posts_impressions_organic)&since=yesterday
This is my request for now but i wanna add page insights like page_fans and page_fans_city.
How can i do that?
You are using the published_posts endpoint there already, you can not go back “up” to the page object from there. You need to rewrite the whole thing so that you use the page id itself as the basic endpoint, and then request everything else via the fields parameter. The trick is to get the syntax and nesting right …
/page-id?fields=insights.metric(page_fans,page_fans_city),published_posts{…}
should work, inside the {…} you then put all the original fields you requested from the published_posts endpoint before, so
/page-id?fields=insights.metric(page_fans,page_fans_city),published_posts{permalink_url,
created_time,…,insights.metric(post_reactions_by_type_total,post_impressions_unique,
page_posts_impressions_organic)}
And &since=yesterday then just goes at the end again, after all that.
To have the since limitation still apply on the post level, it apparently needs to be added on that “field” again, syntax similar to .metric():
?fields=…,published_posts.since(yesterday){…}
I am trying to figure out the right parameters for ItemSearch such that the API call will return the same result as on the website. Currently I am using these params it is not consistent with the website.
url_params = dict(
Service='AWSECommerceService',
Operation='ItemSearch',
AssociateTag=AMAZON_ASSOCIATETAG,
SearchIndex='All',
AWSAccessKeyId=AWS_ACCESS_KEY_ID,
Keywords=keywords,
ResponseGroup='Small,OfferSummary,Images'
)
For example if 'iphone%205s' is put in keywords, the API returns a list of iPhone protectors, while searching on the website gives iPhones as top results.
I am also trying to figure out why this is for book searches. One possible answer I found online was that the websites search feature might use more elaborate queries than just one simple API call. For example, it may take into account other factors into the search (not sure what that might be but it may).
I'm trying to use the Yummly API. I've noticed that some of their developers have answered other questions here, so I'm hoping to catch their eye. I used the documentation at the yummly developer site https://developer.yummly.com/documentation#IDs.
Specifically here is my get request:
<http://api.yummly.com/v1/api/recipe/Avocado-cream-pasta-sauce-recipe-306039>
Which returns this:
Please include X-Yummly-App-ID and X-Yummly-App-Key
Seems like this is a sensible thing, except that I don't see anywhere in the documentation for the single recipe call where I'm supposed to insert that info. Any one out there know how to properly format this?
or include them as URL parameters:
_app_id=app-id&_app_key=app-key
https://developer.yummly.com/documentation#IDs
Try this:
http://api.yummly.com/v1/api/recipe/Avocado-cream-pasta-sauce-recipe-306039?_app_id=ID&_app_key=KEY
You need to take the URL you mentioned in the question and add your authentication parameters to it. So it becomes:
http://api.yummly.com/v1/api/recipe/Avocado-cream-pasta-sauce-recipe-306039?_app_id=ID&_app_key=KEY
Instead of ID and KEY insert the application id and key from your account on developer.yummly.com
I'm developing an Android App that uses the Places API to retrieve information and displays it on a map. The initial request to retrieve to places fails with a ACCESS_DENIED status message from the HTTP request. Below is the code that I used to generate the request:
try {
HttpRequestFactory httpRequestFactory = createRequestFactory(HTTP_TRANSPORT);
HttpRequest request = httpRequestFactory
.buildGetRequest(new GenericUrl(PLACES_SEARCH_URL));
request.getUrl().put("key", API_KEY);
request.getUrl().put("location", _latitude + "," + _longitude);
request.getUrl().put("radius", _radius); // in meters
request.getUrl().put("sensor", "false");
if(types != null)
request.getUrl().put("types", types);
PlacesList list = request.execute().parseAs(PlacesList.class);
// Check log cat for places response status
Log.d("Places Status", "" + list.status);
return list;
In another Stackoverflow posting someone had suggested that the poster try the following to test their key:
Go to the api console here, then to SERVICES. Click Active services
tab and verify 'Places API' is turned ON. Click on the ? "try" link
next to it. It should create a proper URL with your key which should
work. Compare the link that you are trying against this URL for
differences.
I followed these instructions. Based on the fact that I received the following results when I clicked on the ? to "try" the link I suspect something is fundamentally wrong with the API Key independent of the code...otherwise I would think I would get a SUCCESS rather than REQUEST_DENIED:
{
"html_attributions" : [],
"results" : [],
"status" : "REQUEST_DENIED"
}
I obtained my key by entering the SHA1 of my debug certificate (which i obtained using Keytool with all the appropriate parameters...e.g, androiddebugkey....debug.keystore) followed by a ";" and the Package Name of the app.
Not sure what the problem is...I'm sure it's something simple but I'm not seeing it and I'm stuck. Thoughts?
I never received a response to this posting so ultimately I've resolved the problem by creating a brand new key under a new project name and I was at least able to retrieve Places from Google..I'm still having issues with populating maps but that could be a code issue.
I noticed that the key that I was using that gave me the ACCESS DENIED results had a title of: "Key for Android apps (with certificates)" and it had a label "Android apps:" listed just under the actual key. The key value is the SHA1 value ";" followed by the Package Name. Whereas the key I created under a new Project Name (Places API) that ultimately worked had a title of: "Key for browser apps (with referers)" and it had a label of "Referers:" and value of "Any referer allowed".
So there is definitely something different about these two keys. I'm not sure what I did differently when I generated the keys. I'd like to understand what I did to generate these two "different" types of keys so that I and perhaps others won't repeat my "mistake(s)".
There are many references to creating keys in the Google documentation. The fact that there are so many postings regarding problems with the keys tells me that the Google documentation is not very clear otherwise so many issues wouldn't exist on this topic.
I'm going to write a program can post and read messages from SQS with authentication and I've read the document from here
Link: Query Request Authentication
I have successfully written the process which post a message to specified queue follow by the document. But I always get 403 error when I try to receive message from queue. And I found the signature string rules are different for POST and GET methods.
the signature string is:
GET\n
sqs.us-east-1.amazonaws.com\n
/<My Account Id>/<Queue Name>\n
AWSAccessKeyId=<My Access Key>
&Action=ReceiveMessage
&MaxNumberOfMessages=10
&VisibilityTimeout=600
&AttributeName=All
&Expires=2012-04-01T11%3A29%3A24Z
&SignatureMethod=HmacSHA1
&SignatureVersion=2
&Version=2011-10-01
and the url is
https://sqs.us-east-1.amazonaws.com/<My Account Id>/<Queue Name>?
Action=ReceiveMessage
&MaxNumberOfMessages=10
&VisibilityTimeout=600&AttributeName=All
&Version=2011-10-01
&Expires=2012-04-01T11%3A29%3A24Z
&Signature=<BASE64 encoded HmacSHA1 digist with signature string and my security key>
&SignatureVersion=2
&SignatureMethod=HmacSHA1
&AWSAccessKeyId=<My Access Key>
And I always get the 403 forbidden error:
<ErrorResponse xmlns="http://queue.amazonaws.com/doc/2011-10-01/">
<Error>
<Type>Sender</Type>
<Code>SignatureDoesNotMatch</Code>
<Message>
The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
</Message>
<Detail/>
</Error>
<RequestId>16f6e910-62e6-4259-8c09-0358b84cbe60</RequestId>
</ErrorResponse>
Is there anyone can tell me how can I deal with it? Thanks a lot
The error message tells you that the signature is being calculated wrong. This is really tough to debug. I spent hours on it the first time I tried it. There's an example signed SQS request at http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/MakingRequests_MakingQueryRequestsArticle.html. You should put those parameters in your program, calculate the signature, and try finding bugs into your program creates the same signature.
Specific problems I had, and fixes for them included:
Sorting the query parameters correctly. They must be in ascending order when creating the string to sign. Your example URL does not show them in order. Did you sort them differently when creating the string to sign?
URI encoding properly. Every parameter must be URI encoded in the string to sign. Your sample URL does have URI encoding, so this probably isn't your issue. But make sure you're not double-encoding.
Padding the base64 signature. At least some AWS services insist that the signature be a multiple of four characters long. Two-thirds of the time a base64 encoding will be too short, and need one or two equal signs appended to it. Most base64 encoding libraries do that for you, but not all.
Of course, the easiest thing is to use somebody else's library to make the requests, but what's the fun in that? Good luck debugging this.
It's most likely the parameter order: when assembling the signature version 2 string, at the last step the Amazon documentation specifies:
Add the query string components (the name-value pairs, not including
the initial question mark (?) as UTF-8 characters which are URL
encoded per RFC 3986 (hexadecimal characters must be uppercased) and
sorted using lexicographic byte ordering. Lexicographic byte ordering
is case sensitive.
I've spent two days debugging this same "SignatureDoesNotMatch" issue by checking my HMAC, BASE64 and URL encoding procedures and it was just a problem of parameter order.
The documentation should emphasize this issue more; if you use unordered parameter strings (e.g. the same one in the request URL, like those found in the documentation examples), you're going to get this non-intuitive error from the server.