Amazon MWS signature issue

血红的双手。 提交于 2020-01-14 06:00:08

问题


I am trying to implement Amazon MWS API. When I call particular URL then I get following error

The request signature we calculated does not match the signature you provided. 
Check your AWS Secret Access Key and signing method

I have tried all the possible Stackoverflow solutions and some other but I am unable to fix this issue. Here is my PHP code

$param = array();
$param['AWSAccessKeyId'] = 'AKIAJ76NICWXXXXXXXXX';
$param['Action'] = 'GetReportRequestList';
$param['SellerId'] = 'A4XLZYW8XXXXX';
$param['SignatureMethod'] = 'HmacSHA256';
$param['SignatureVersion'] = '2';
$param['Timestamp'] = gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time());
$param['Version'] = '2011-10-01';
$param['MarketplaceId'] = 'A2EUQ1WTGCTBG2';

$url = array();
foreach ($param as $key => $val) {
    $key = str_replace("%7E", "~", rawurlencode($key));
    $val = str_replace("%7E", "~", rawurlencode($val));
    $url[] = "{$key}={$val}";
}

uksort($url, 'strcmp');

$arr = implode('&', $url);

$sign = 'POST' . "\n";
$sign .= 'mws.amazonservices.com' . "\n";
$sign .= $arr;

$signature = hash_hmac("sha256", $sign, "+vWJ/hISrN2IyRMnaTHTaXXXXXXXX");

$link = "https://mws.amazonservices.com?";
$link .= $arr . "&Signature=" . urlencode(base64_encode($signature));

回答1:


Not tested. I modified your code to do the sorting before encoding the parameters and replaced the str_replace/rawurlencode with http_build_query while specifying RFC3986 encoding. Hope this works for you

$param = array();
$param['AWSAccessKeyId'] = 'AKIAJ76NICWXXXXXXXXX';
$param['Action'] = 'GetReportRequestList';
$param['SellerId'] = 'A4XLZYW8XXXXX';
$param['SignatureMethod'] = 'HmacSHA256';
$param['SignatureVersion'] = '2';
$param['Timestamp'] = gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time());
$param['Version'] = '2011-10-01';
$param['MarketplaceId'] = 'A2EUQ1WTGCTBG2';
uksort($param, 'strcmp');
$sign = "POST\nmws.amazonservices.com\n/\n" . http_build_query($param, '', '&', PHP_QUERY_RFC3986);
$signature = base64_encode(hash_hmac("sha256", $sign, "+vWJ/hISrN2IyRMnaTHTaXXXXXXXX", true));
$param['Signature'] = $signature;
$ctx = stream_context_create([
    "http" => [
        "method" => "POST",
        "header" => "Content-type: application/x-www-form-urlencoded\r\n\r\n", 
        "content" => http_build_query($param)
    ]
]);
$result = file_get_contents("https://mws.amazonservices.com/?", false, $ctx);

Edit: Here's a link to Amazon MWS docs. Page 16 describes the process for signing and explains my modifications.




回答2:


Here is solution.

$params = array(
    'AWSAccessKeyId' => "AKIAJB4PTEUXXXXXX",
    'Action' => "GetReportRequestList",
    'SellerId' => "A4XLZXXXXXX",
    'SignatureMethod' => "HmacSHA256",
    'SignatureVersion' => "2",
    'Timestamp' => gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time()),
    'Version' => "2009-01-01",
    'MarketplaceId' => "ATVPDKIKX0DER",
);

// Sort the URL parameters
$url_parts = array();
foreach (array_keys($params) as $key)
    $url_parts[] = $key . "=" . str_replace('%7E', '~', rawurlencode($params[$key]));

sort($url_parts);

// Construct the string to sign
$url_string = implode("&", $url_parts);
$string_to_sign = "GET\nmws.amazonservices.com\n/\n" . $url_string;

// Sign the request
$signature = hash_hmac("sha256", $string_to_sign, "7D/QEUYXrJ/XQYyAAMPgiwTXXXXXX", TRUE);

// Base64 encode the signature and make it URL safe
$signature = urlencode(base64_encode($signature));

$url = "https://mws.amazonservices.com/" . '?' . $url_string . "&Signature=" . $signature;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$response = curl_exec($ch);

$parsed_xml = simplexml_load_string($response);


来源:https://stackoverflow.com/questions/36308921/amazon-mws-signature-issue

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!