1

I'm trying to implement a program that uses the Amazon API. I've used the wrapper made by yoavaviram. I pushed my code to github and was notified my amazon that I shouldn't explicitly have my AWS credentials in my code. I've found some code that uses boto to access things like AWS's buckets and such but I don't think I need to use that. How can I pass in my credentials in the following code without explicitly writing their values in the code? 

#windowShopping will take all of the Amazon HTMLs from a data structure and will retrieve all of the used/new prices
import re
import json
import requests
from bs4 import BeautifulSoup
from amazon.api import AmazonAPI
import time

AMAZON_ACCESS_KEY = < my access key >
AMAZON_SECRET_KEY = < my secret key >
AMAZON_ASSOC_TAG = < my user name >

asin_regex = r'/([A-Z0-9]{10})'
isbn_regex = r'/([0-9]{10})'

def get_amazon_item_id(url):
    # return either ASIN or ISBN
    asin_search = re.search(asin_regex, url)
    isbn_search = re.search(isbn_regex, url)
    if asin_search:
        return asin_search.group(1)
    elif isbn_search:
        return isbn_search.group(1)
    else:
        # log this URL
        return None

def get_amazon_product_meta(url):
    # the input URL is always of amazon
    amazon = AmazonAPI(AMAZON_ACCESS_KEY, AMAZON_SECRET_KEY, AMAZON_ASSOC_TAG)

    item_id = get_amazon_item_id(url)
    if not item_id:
        return None

    try:
        product = amazon.lookup(ItemId=item_id)        
    except amazon.api.AsinNotFound:
        # log this ASIN
        return None
    except Exception:
        return None


    # product.price_and_currency returns in the form (price, currency)
    # product_price = product.price_and_currency[0]

    new_price = product._safe_get_element_text("OfferSummary.LowestNewPrice.FormattedPrice")
    used_price = product._safe_get_element_text("OfferSummary.LowestUsedPrice.FormattedPrice")
    trade_in_price = product._safe_get_element_text("ItemAttributes.TradeInValue.FormattedPrice")

    if new_price or used_price or trade_in_price:
        return new_price, used_price, trade_in_price

    return Nonesting.Price.FormattedPrice

def unpickle(fileName):
    f = open(fileName, 'r')
    HTML_Dict = json.load(f)
    print(fileName)
    f.close()

    return HTML_Dict

def pickle(structure,fileName):
    f = open(fileName, 'w' )
    json.dump(structure,f)
    f.close()

def get_prices(urls,newPricesDict, usedPricesDict, tradeInDict):
    #iterates through document of book urls
    for url in urls:
        price = get_amazon_product_meta(urls[url])
        newPricesDict[url] = price[0]
        usedPricesDict[url] = price[1]
        tradeInDict[url] = price[2]
        time.sleep(1)
        print(url)
        print("\t" + str(price))


def main():
    newPrices = {}
    usedPrices = {}
    tradeInPrices = {}
    urlDict = unpickle('addresses.dat')
    get_prices(urlDict, newPrices, usedPrices, tradeInPrices)
    pickle(newPrices, "newPrices.dat")
    pickle(usedPrices, "usedPrices.dat")
    pickle(tradeInPrices, "tradeInPrices.dat")

if __name__ == '__main__':
    main()
Improve this question
1
  • Read it from a environment variable. Commented May 17, 2015 at 3:27

2 Answers 2

Reset to default
2

Create a another file called credentials.py and Define variables.

AMAZON_ACCESS_KEY = "access_key"
AMAZON_SECRET_KEY = "secret_key"
AMAZON_ASSOC_TAG = "tag_name"

Then in you file,

from credentials import *

AMAZON_ACCESS_KEY = AMAZON_ACCESS_KEY
AMAZON_SECRET_KEY = AMAZON_SECRET_KEY
AMAZON_ASSOC_TAG =  AMAZON_ASSOC_TAG
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

to make it even more explicit, DO NOT CHECK credentials.py INTO YOUR REPOSITORY. A .gitignore file can help.
1

You should definitely use IAM credentials with EC2 Roles. It's a little harder at the beginning, but it pays. It ensures that credentials are rotated continuously.

I don't know the libraries you are using, but I can tell you that other libraries in python autodetect when they are run in a EC2 instance with IAM Roles assigned and they automatically load the corresponding credentials.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.