我正在尝试计算签名以进行Amazon Marketplace API调用,但我一直收到以下错误:
我们计算的请求签名与您提供的签名不匹配。检查您的AWS Secret Access密钥和签名方法。有关详细信息,请参阅服务文档。
我已经将签名创建过程封装到一个类中:
<?php
namespace App\Marketplace\Amazon;
class Signature
{
protected $signedString;
public function __construct($url, array $parameters, $secretAccessKey)
{
$stringToSign = $this->calculateStringToSign($url, $parameters);
$this->signedString = $this->sign($stringToSign, $secretAccessKey);
}
protected function calculateStringToSign($url, array $parameters)
{
$url = parse_url($url);
$string = "POST\n";
$string .= $url['host'] . "\n";
$string .= $url['path'] . "\n";
$string .= $this->getParametersAsString($parameters);
return $string;
}
protected function sign($data, $secretAccessKey)
{
return base64_encode(hash_hmac('sha256', $data, $secretAccessKey, true));
}
protected function getParametersAsString(array $parameters)
{
uksort($parameters, 'strcmp');
$queryParameters = [];
foreach ($parameters as $key => $value) {
$queryParameters[$key] = $this->urlEncode($value);
}
return http_build_query($queryParameters);
}
protected function urlEncode($value)
{
return str_replace('%7E', '~', rawurlencode($value));
}
public function __toString()
{
return $this->signedString;
}
}
但我无论如何也看不出我错在哪里。我遵循了API中的指南,查看了Java示例和过时的Marketplace PHP SDK*。
EDIT:,下面是我如何使用Signature
类:
$version = '2011-07-01';
$url = 'https://mws.amazonservices.com/Sellers/'.$version;
$timestamp = gmdate('c', time());
$parameters = [
'AWSAccessKeyId' => $command->accessKeyId,
'Action' => 'GetAuthToken',
'SellerId' => $command->sellerId,
'SignatureMethod' => 'HmacSHA256',
'SignatureVersion' => 2,
'Timestamp' => $timestamp,
'Version' => $version,
];
$signature = new Signature($url, $parameters, $command->secretAccessKey);
$parameters['Signature'] = strval($signature);
try {
$response = $this->client->post($url, [
'headers' => [
'User-Agent' => 'my-app-name',
],
'body' => $parameters,
]);
dd($response->getBody());
} catch (\Exception $e) {
dd(strval($e->getResponse()));
}
顺便说一句:我知道Marketplace凭据是正确的,因为我已经登录到帐户并检索到访问密钥、密钥和卖家ID。
*我没有使用SDK,因为它不支持我需要的接口调用:SubmitFeed
。
发布于 2015-04-19 07:27:44
我不确定我改变了什么,但我的签名代现在可以工作了。以下是课程的内容:
<?php
namespace App\Marketplace\Amazon;
class Signature
{
/**
* The signed string.
*
* @var string
*/
protected $signedString;
/**
* Create a new signature instance.
*
* @param string $url
* @param array $data
* @param string $secretAccessKey
*/
public function __construct($url, array $parameters, $secretAccessKey)
{
$stringToSign = $this->calculateStringToSign($url, $parameters);
$this->signedString = $this->sign($stringToSign, $secretAccessKey);
}
/**
* Calculate the string to sign.
*
* @param string $url
* @param array $parameters
* @return string
*/
protected function calculateStringToSign($url, array $parameters)
{
$url = parse_url($url);
$string = "POST\n";
$string .= $url['host']."\n";
$string .= $url['path']."\n";
$string .= $this->getParametersAsString($parameters);
return $string;
}
/**
* Computes RFC 2104-compliant HMAC signature.
*
* @param string $data
* @param string $secretAccessKey
* @return string
*/
protected function sign($data, $secretAccessKey)
{
return base64_encode(hash_hmac('sha256', $data, $secretAccessKey, true));
}
/**
* Convert paremeters to URL-encoded query string.
*
* @param array $parameters
* @return string
*/
protected function getParametersAsString(array $parameters)
{
uksort($parameters, 'strcmp');
$queryParameters = [];
foreach ($parameters as $key => $value) {
$key = rawurlencode($key);
$value = rawurlencode($value);
$queryParameters[] = sprintf('%s=%s', $key, $value);
}
return implode('&', $queryParameters);
}
/**
* The string representation of this signature.
*
* @return string
*/
public function __toString()
{
return $this->signedString;
}
}
发布于 2015-04-19 05:00:18
在调用您的sign函数后尝试此函数:
function amazonEncode($text)
{
$encodedText = "";
$j = strlen($text);
for($i=0;$i<$j;$i++)
{
$c = substr($text,$i,1);
if (!preg_match("/[A-Za-z0-9\-_.~]/",$c))
{
$encodedText .= sprintf("%%%02X",ord($c));
}
else
{
$encodedText .= $c;
}
}
return $encodedText;
}
按照格式化查询请求中的说明创建规范字符串后,通过使用HMAC-SHA1或HMAC-SHA256协议创建基于散列的消息验证码(HMAC)来计算签名。最好使用HMAC-SHA256协议。
生成的签名必须先进行base-64编码,然后再进行URI编码。
https://stackoverflow.com/questions/29679646
复制相似问题