我的Amazon Web Service API测试请求返回时出现以下错误:
<ItemSearchErrorResponse xmlns="http://ecs.amazonaws.com/doc/2005-10-05/">
<Error>
<Code>SignatureDoesNotMatch</Code>
<Message>
The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
</Message>
</Error>
<RequestId>ebe90459-1abd-403e-bfec-6916ebe07e1f</RequestId>
</ItemSearchErrorResponse>
以下是我对此的看法:
<?php
$private_key = "XXXXXXXXXXXXXXXXXXXXXX";
$date = urlencode(date('Y-m-d\TH:i:s.Z\Z', time()));
$string_to_sign = "GET webservices.amazon.com /onca/xml/ AWSAccessKeyId=XXXXXXXXXXXXXXXXXXXXXXXA&Keywords=Rocket&Operation=ItemSearch&SearchIndex=Toys&Service=AWSECommerceService&Timestamp=".$date."";
$signature = urlencode(base64_encode(hash_hmac("sha256",$string_to_sign, $private_key, True)));
$url = "http://webservices.amazon.com/onca/xml?AWSAccessKeyId=XXXXXXXXXXXXXXXXXXXXXXXX&Keywords=Rocket&Operation=ItemSearch&SearchIndex=Toys&Service=AWSECommerceService&Timestamp=".$date."&Signature=".$signature."";
header("Location: ".$url."");
?>
我基本上想直接在url中签名的REST请求(因此是头文件功能),但让我陷入了错误。我仔细检查了我的访问ID和密钥,所以我知道他们不是导致问题的那个。这不是产生签名的正确方法吗?
答案 0 :(得分:0)
您似乎正在尝试使用V2签名来调用AWS的REST API。 请参阅完整的AWS REST API call documentation。
我敢打赌,问题是签名前字符串中缺少SignatureVersion,SignatureMethod和Version。上面链接的文档的第五步显示了要签名的字符串的示例:
GET\n
elasticmapreduce.amazonaws.com\n
/\n
AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&Action=DescribeJobFlows&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2011-10-03T15%3A19%3A30&Version=2009-03-31
答案 1 :(得分:0)
这是AWS的主题:“您的凭证不正确”。