【发布时间】:2021-08-11 10:21:16
【问题描述】:
我正在尝试将 Amazon SP-API 集成到我的电子商务网站中。
// Use Amazon Helper class to create Oauth Access Token
$amazonmwshelper = new AmazonMWSHelper();
$response = $amazonmwshelper->getAmazonAccessToken();
$response = json_decode($response);
$access_token = $response->access_token;
// Amazon SP API request url and variable
$selling_partner_api_live_url = "https://sellingpartnerapi-eu.amazon.com";
$host = "sellingpartnerapi-eu.amazon.com";
$seller_central_url = "https://sellercentral-europe.amazon.com";
$feed_document_url = "/feeds/2021-06-30/documents";
$market_placeID = "XXXXXXXXXXXXXXXXXX";
$aws_access_key = 'XXXXXXXXXXXXXXXXXX';
$aws_secret_key = 'XXXXXXXXXXXXXXXXXX';
$aws_region = "eu-west-1";
$service = 'execute-api';
$algorithm = 'AWS4-HMAC-SHA256';
$alg = 'sha256';
$uri = $feed_document_url;
$feed_content_type = "text/xml; charset=UTF-8";
$httpRequestMethod = "POST";
// Create date and datetime acc to Amazon AWS
$current_date = date('Y-m-d');
$amazon_date = str_replace('-', '', $current_date);
$amazon_datetime = date('Y-m-d H:i:s');
$amazon_datetime = str_replace(' ', 'T', $amazon_datetime);
$amazon_datetime = str_replace('-', '', $amazon_datetime);
$amazon_datetime = str_replace(':', '', $amazon_datetime);
$amazon_datetime = $amazon_datetime . "Z";
// Data Parameter (Create Payload)
$json_array = [];
$json_array["contentType"] = $feed_content_type;
$param = json_encode($json_array);
$requestPayload = strtolower($param);
$hashedPayload = hash($alg, $requestPayload);
// CREATE CANONICAL REQUEST AND CANONICAL STRING
$canonical_uri = $uri;
$canonical_querystring = '';
$canonical_headers = "host:".$host."\n"."x-amz-access-token:".$access_token."\n"."x-amz-date: ".$amazon_datetime;
$signed_headers = "host;x-amz-access-token;x-amz-date";
$canonical_request_string = $httpRequestMethod."\n".$canonical_uri."\n".$canonical_querystring."\n".$canonical_headers."\n".$signed_headers."\n".$hashedPayload;
$credential_scope = $amazon_date . "/" . $aws_region . "/" . $service . "/aws4_request";
$string_to_sign = $algorithm."\n".$amazon_datetime."\n".$credential_scope."\n".hash($alg, $canonical_request_string);
$kSecret = 'AWS4' . $aws_secret_key;
$kDate = hash_hmac( $alg, $amazon_date, $kSecret, true );
$kRegion = hash_hmac( $alg, $aws_region, $kDate, true );
$kService = hash_hmac( $alg, $service, $kRegion, true );
$kSigning = hash_hmac( $alg, 'aws4_request', $kService, true );
$signature = hash_hmac( $alg, $string_to_sign, $kSigning );
$authorization_header = $algorithm . ' ' . 'Credential=' . $aws_access_key . '/' . $credential_scope . ', ' . 'SignedHeaders=' . $signed_headers . ', ' . 'Signature=' . $signature;
$headers = [
'x-amz-access-token' => $access_token,
'x-amz-date' => $amazon_datetime,
'Authorization' => $authorization_header
];
// OPERATION => createFeedDocument
$client = new Client();
$feed_response = $client->post($selling_partner_api_live_url . $feed_document_url, [
'headers' => $headers,
'body' => $param
]);
if ($feed_response->getStatusCode() == 200 || $feed_response->getStatusCode() == 201 || $feed_response->getStatusCode() == 202 || $feed_response->getStatusCode() == 203 || $feed_response->getStatusCode() == 204) {
$content = json_decode($feed_response->getBody()->getContents());
print_r($content);
} else {
print_r(json_decode($feed_response));
}
但我不断收到以下错误。
"errors": [
{
"message": "The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details. }]
【问题讨论】:
-
您是否已经“检查您的 AWS 秘密访问密钥和签名方法”和/或“请参阅服务文档了解详细信息。”?
-
@brombeer 我创建了 IAM 用户,我正在使用 aws accesskey 和密钥进行签名,如文档中所述(docs.aws.amazon.com/general/latest/gr/…)。我不知道我是否正在生成正确的 Payload(hashedPayload)