AuthFailure AWS无法对请求进行身份验证:缺少访问凭据

时间:2013-07-06 21:07:29

标签: amazon-web-services amazon-pay

我正在尝试在Pay请求中提交Amazon Flexible Payments步骤...

我收到以下错误

  

AuthFailure AWS无法对请求进行身份验证:访问权限   凭证丢失

但是,我相信我遵循了这封信的指示:

文档提供了以下示例:

https://fps.sandbox.amazonaws.com?
Action=Pay
&AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE
&CallerDescription=MyWish
&CallerReference=CallerReference02
&SenderTokenId=553ILMLCG6Z8J431H7BX3UMN3FFQU8VSNTSRNCTAASDJNX66LNZLKSZU3PI7TXIH
&Signature=0AgvXMwJmLxwdMaiE7lMHZxc6384h%2FjBkiTserQFpBQ%3D
&SignatureMethod=HmacSHA256
&SignatureVersion=2
&Timestamp=2009-10-06T05%3A49%3A52.843Z
&TransactionAmount.CurrencyCode=USD
&TransactionAmount.Value=1
&Version=2008-09-17

这是我生成的内容:

https://fps.sandbox.amazonaws.com?
AWSAccessKeyId=AKIAI3...EXAMPLE
&Action=Pay
&CallerDescription=MyWebsite.com
&CallerReference=0.557658069068566
&SenderTokenId=25R743FUFUSUVPMZZ5Z83SWP1YPNX8YDPFR8XCDEMLH4L1PPMEZ65VLT8LE6UXPR
&SignatureMethod=HmacSHA256
&SignatureVersion=2&Timestamp=2013-07-06T13%3A56%3A03-07%3A00
&TransactionAmount.currencyCode=USD
&TransactionAmount.value=3
&Version=2008-09-17
&signature=9k%2B4Txi2ZzUj62QBK3TwV6x0KWfkNY9YWpqty8%2B3XKk%3D

我知道我的AWS凭据很好,因为我必须在获取SenderTokenID的前一步中使用它们。我只想完成交易。

有什么想法吗?这完全是令人困惑的,到目前为止已经是人类生命的悲剧性浪费。

1 个答案:

答案 0 :(得分:1)

好的,所以解决方案是

1)尽管前面的步骤(获取一个令牌ID)记录了相反的情况,但对于这个特定的请求,FPS关心参数的情况 - 它们都应该是驼峰式的。

2)我错过了默认' /'覆盖我的消息签名功能中的空白路径(端点在主机名后面没有任何内容)

这是有效的HTTP GET(混淆AWS凭证)

https://fps.sandbox.amazonaws.com/?AWSAccessKeyId=AKIAIEXAMPLE
&Action=Pay
&CallerDescription=MyWebsite
&CallerReference=0.7753969375044107
&SenderTokenId=25R7R3NUFBS6VPRZV5Z53AWP2YLNXAYEPFJ8BCDGMXH4V1FPMZZ95VATZLEFUCPG
&SignatureMethod=HmacSHA256
&SignatureVersion=2
&Timestamp=2013-07-06T14%3A38%3A41-07%3A00
&TransactionAmount.CurrencyCode=USD
&TransactionAmount.Value=3
&Version=2008-09-17
&Signature=Ijf0hqQuSi5zU%2BF1PUK1LBYvsK9AVHacrqK1hJVzffk%3D

以下是用Hmac SHA256(AWS Secret密钥作为密码)实际签名的消息:

GET
fps.sandbox.amazonaws.com
/
AWSAccessKeyId=AKIAIEXAMPLE&Action=Pay&CallerDescription=MyWebsite&CallerReference=0.7753969375044107&SenderTokenId=25R7R3NUFBS6VPRZV5Z53AWP2YLNXAYEPFJ8BCDGMXH4V1FPMZZ95VATZLEFUCPG&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2013-07-06T14%3A38%3A41-07%3A00&TransactionAmount.CurrencyCode=USD&TransactionAmount.Value=3&Version=2008-09-17
相关问题
最新问题