问题
I am trying to GET Walmart Seller API using CURL PHP to acknowledge. Can any one suggest which RSA PHP library i need to use ? So that Authentication Signature is verify while making calls to walmart.
Any one experience with this ?
$headers = array(
'WM_SVC.NAME: Walmart Marketplace',
'WM_QOS.CORRELATION_ID: 14730688612',
'WM_SEC.TIMESTAMP:14730688612',
'WM_SEC.AUTH_SIGNATURE: XXXXXXXXXXX'
'WM_CONSUMER.ID: XXXXXXXXXXX',
'Content-Type: application/xml',
'Accept: application/xml',
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_URL,$requestUrl);
curl_setopt($ch, CURLOPT_HEADER, TRUE);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$result = curl_exec( $ch );
if(curl_errno($ch)):
echo 'Curl error: '.curl_error($ch);
endif;
I have used reference that found while googling.
- https://github.com/fillup/walmart-auth-signature-php
回答1:
The hardest part about this is generating the signature and getting that to work properly.
I pulled a lot of these pieces from various spots to give a straight forward example so hopefully it will work.
Let say we want to make a GET call to get all of our feeds statuses.
// Your walmart info from walmart admin
$walmart_consuer_id = XXXXXXXXXXXXX;
$walmart_channel_type = XXXXXXXXXXXX;
$request_type = "GET";
$url = "https://marketplace.walmartapis.com/v2/feeds";
// We need a timestamp to generate the signature and to send as part of the header
$timestamp = round(microtime(true) * 1000);
$signature = getClientSignature($url, $request_type, $timestamp);
$headers = array();
$headers[] = "Accept: application/xml";
$headers[] = "WM_SVC.NAME: Walmart Marketplace";
$headers[] = "WM_CONSUMER.ID: ".$walmart_consuer_id;
$headers[] = "WM_SEC.TIMESTAMP: ".$timestamp;
$headers[] = "WM_SEC.AUTH_SIGNATURE: ".$signature;
$headers[] = "WM_QOS.CORRELATION_ID: ".mt_rand();
$headers[] = "WM_CONSUMER.CHANNEL.TYPE: " .$walmart_channel_type;
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_FAILONERROR, true);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $request_type);
curl_setopt($ch, CURLOPT_AUTOREFERER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
$result = curl_exec($ch);
function getClientSignature($url, $request_type, $timestamp) {
// Your walmart info from walmart admin
$walmart_secret = XXXXXXXXXXXXXXXX;
$walmart_consuer_id = XXXXXXXXXXXXX;
// Get an openssl usable private key from the walmart supplied secret
$pem = pkcs8_to_pem(base64_decode($walmart_secret));
$private_key = openssl_pkey_get_private($pem);
// Construct the data we want to sign
$data = $walmart_consuer_id."\n";
$data .= $url."\n";
$data .= $request_type."\n";
$data .= $timestamp."\n";
// Sign the data
$hash = defined("OPENSSL_ALGO_SHA256") ? OPENSSL_ALGO_SHA256 : "sha256";
if (!openssl_sign($data, $signature, $private_key, $hash)) {
// ERROR
return null;
}
return base64_encode($signature);
}
function pkcs8_to_pem($der) {
static $BEGIN_MARKER = "-----BEGIN PRIVATE KEY-----";
static $END_MARKER = "-----END PRIVATE KEY-----";
$value = base64_encode($der);
$pem = $BEGIN_MARKER . "\n";
$pem .= chunk_split($value, 64, "\n");
$pem .= $END_MARKER . "\n";
return $pem;
}
回答2:
<?php
$consumer_id='xxxxxxxxxx';
$private_key='xxxxxxxxxx';
$timestamp='xxxxxxxx';
$correlation_id='xxxxxxxxxxx';
$channel_id='xxxxxxxxxx';
$endPoint = "v3/feeds?feedType=item";
$requestUrl = "https://marketplace.walmartapis.com/$endPoint";
$requestMethod = 'POST';
$signature = new Signature($consumer_id, $private_key, $requestUrl, $requestMethod);
$actual_signature = $signature->getSignature($timestamp);
$file = '..../walmart_product.xml';
$headers = [];
$headers[] = "WM_SVC.NAME: Walmart Marketplace";
$headers[] = "WM_QOS.CORRELATION_ID: ".$correlation_id;
$headers[] = "WM_SEC.TIMESTAMP: ".$timestamp;
$headers[] = "WM_SEC.AUTH_SIGNATURE: ".$actual_signature;
$headers[] = "WM_CONSUMER.ID: " .$consumer_id;
$headers[] = "Content-Type: multipart/form-data";
$headers[] = "Accept: application/xml";
$headers[] = "WM_CONSUMER.CHANNEL.TYPE: ".$channel_id;
$headers[] = "HOST: marketplace.walmartapis.com";
$body ['file'] = new \CurlFile ( $file, 'application/xml' );
$ch = curl_init ();
curl_setopt ( $ch, CURLOPT_URL, $requestUrl );
curl_setopt ( $ch, CURLOPT_HTTPHEADER, $headers );
curl_setopt ( $ch, CURLOPT_HEADER, 1 );
curl_setopt ( $ch, CURLOPT_POST, 1 );
curl_setopt ( $ch, CURLOPT_POSTFIELDS, $body );
curl_setopt ( $ch, CURLOPT_SSL_VERIFYPEER, 0 );
curl_setopt ( $ch, CURLOPT_RETURNTRANSFER, true );
$server_output = curl_exec ( $ch );
?>
回答3:
$ch = curl_init();
$headers = $actual;
$qos = uniqid();
$url='https://api-gateway.walmart.com/v3/items';
$options =
array (
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 60,
CURLOPT_HEADER => false,
CURLOPT_POST => 1,
CURLOPT_HTTPHEADER => array(
'WM_SVC.NAME: Drop Ship Vendor Services',
'WM_QOS.CORRELATION_ID:'.$qos,
'WM_SEC.TIMESTAMP:1451606400',
'WM_SEC.AUTH_SIGNATURE: '.$headers,
'WM_CONSUMER.ID:'.$WalmartConsumerID
,
'WM_CONSUMER.CHANNEL.TYPE:**********',
'Accept: application/xml'
),
CURLOPT_HTTPGET => true
);
curl_setopt_array($ch, $options);
$response = curl_exec ($ch);
print_r($response);
来源:https://stackoverflow.com/questions/39328095/walmart-seller-api-post-not-working-gives-401-unauthorized-in-php-only