问题
I am trying to implement Amazon MWS API. When I call particular URL then I get following error
The request signature we calculated does not match the signature you provided.
Check your AWS Secret Access Key and signing method
I have tried all the possible Stackoverflow solutions and some other but I am unable to fix this issue. Here is my PHP code
$param = array();
$param['AWSAccessKeyId'] = 'AKIAJ76NICWXXXXXXXXX';
$param['Action'] = 'GetReportRequestList';
$param['SellerId'] = 'A4XLZYW8XXXXX';
$param['SignatureMethod'] = 'HmacSHA256';
$param['SignatureVersion'] = '2';
$param['Timestamp'] = gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time());
$param['Version'] = '2011-10-01';
$param['MarketplaceId'] = 'A2EUQ1WTGCTBG2';
$url = array();
foreach ($param as $key => $val) {
$key = str_replace("%7E", "~", rawurlencode($key));
$val = str_replace("%7E", "~", rawurlencode($val));
$url[] = "{$key}={$val}";
}
uksort($url, 'strcmp');
$arr = implode('&', $url);
$sign = 'POST' . "\n";
$sign .= 'mws.amazonservices.com' . "\n";
$sign .= $arr;
$signature = hash_hmac("sha256", $sign, "+vWJ/hISrN2IyRMnaTHTaXXXXXXXX");
$link = "https://mws.amazonservices.com?";
$link .= $arr . "&Signature=" . urlencode(base64_encode($signature));
回答1:
Not tested. I modified your code to do the sorting before encoding the parameters and replaced the str_replace/rawurlencode with http_build_query while specifying RFC3986 encoding. Hope this works for you
$param = array();
$param['AWSAccessKeyId'] = 'AKIAJ76NICWXXXXXXXXX';
$param['Action'] = 'GetReportRequestList';
$param['SellerId'] = 'A4XLZYW8XXXXX';
$param['SignatureMethod'] = 'HmacSHA256';
$param['SignatureVersion'] = '2';
$param['Timestamp'] = gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time());
$param['Version'] = '2011-10-01';
$param['MarketplaceId'] = 'A2EUQ1WTGCTBG2';
uksort($param, 'strcmp');
$sign = "POST\nmws.amazonservices.com\n/\n" . http_build_query($param, '', '&', PHP_QUERY_RFC3986);
$signature = base64_encode(hash_hmac("sha256", $sign, "+vWJ/hISrN2IyRMnaTHTaXXXXXXXX", true));
$param['Signature'] = $signature;
$ctx = stream_context_create([
"http" => [
"method" => "POST",
"header" => "Content-type: application/x-www-form-urlencoded\r\n\r\n",
"content" => http_build_query($param)
]
]);
$result = file_get_contents("https://mws.amazonservices.com/?", false, $ctx);
Edit: Here's a link to Amazon MWS docs. Page 16 describes the process for signing and explains my modifications.
回答2:
Here is solution.
$params = array(
'AWSAccessKeyId' => "AKIAJB4PTEUXXXXXX",
'Action' => "GetReportRequestList",
'SellerId' => "A4XLZXXXXXX",
'SignatureMethod' => "HmacSHA256",
'SignatureVersion' => "2",
'Timestamp' => gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time()),
'Version' => "2009-01-01",
'MarketplaceId' => "ATVPDKIKX0DER",
);
// Sort the URL parameters
$url_parts = array();
foreach (array_keys($params) as $key)
$url_parts[] = $key . "=" . str_replace('%7E', '~', rawurlencode($params[$key]));
sort($url_parts);
// Construct the string to sign
$url_string = implode("&", $url_parts);
$string_to_sign = "GET\nmws.amazonservices.com\n/\n" . $url_string;
// Sign the request
$signature = hash_hmac("sha256", $string_to_sign, "7D/QEUYXrJ/XQYyAAMPgiwTXXXXXX", TRUE);
// Base64 encode the signature and make it URL safe
$signature = urlencode(base64_encode($signature));
$url = "https://mws.amazonservices.com/" . '?' . $url_string . "&Signature=" . $signature;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$response = curl_exec($ch);
$parsed_xml = simplexml_load_string($response);
来源:https://stackoverflow.com/questions/36308921/amazon-mws-signature-issue