来自Scratchpad的亚马逊MWS ListOrders要求

时间:2016-11-29 19:20:55

标签: php amazon-web-services amazon-mws

我正试图通过MWS Scratchpad获取订单清单。 在暂存器中一切正常。

HTTP POST是

POST /Orders/2013-09-01?AWSAccessKeyId=$CHIAVE_ACCESSO
&Action=ListOrders
&SellerId=$SELLER_ID
&SignatureVersion=2
&Timestamp=2016-11-29T18%3A58%3A52Z
&Version=2013-09-01
&Signature=$SIGNATURE
&SignatureMethod=HmacSHA256
&CreatedAfter=2016-10-31T23%3A00%3A00Z
&MarketplaceId.Id.1=APJ6JRA9NG5V4 HTTP/1.1
Host: mws.amazonservices.it
x-amazon-user-agent: AmazonJavascriptScratchpad/1.0 (Language=Javascript)
Content-Type: text/xml

和要签名的字符串(在第二个框中)是

POST
mws.amazonservices.it
/Orders/2013-09-01
AWSAccessKeyId=$CHIAVE_ACCESSO&Action=ListOrders&CreatedAfter=2016-10-31T23%3A00%3A00Z&MarketplaceId.Id.1=APJ6JRA9NG5V4&SellerId=$SELLER_ID&Signat    ureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2016-11-29T18%3A58%3A52Z&Version=2013-09-01

显示暂存器的结果是正确的。

我想做的是通过PHP发出请求并详细说明结果。

但是,如果我试图将请求放在我的浏览器上

https://mws.amazonservices.it/Orders/2013-09-01?AWSAccessKeyId= $ CHIAVE_ACCESSO&安培;动作= ListOrders&安培; MarketplaceId = APJ6JRA9NG5V4&安培; SellerId = $ SELLER_ID&安培;是SignatureMethod = HmacSHA256&安培; SignatureVersion = 2及时间戳= 2016-11-29T19%3A13%3A01.000Z&安培;版本= 2013- 09-01&安培;签名= Q9Xnr9JhtkzeLUAsCFKPln8SS34FkCQRmELE2WiIhPo%3D&安培; CreatedAfter = 2016-10-31T23%3A00%3A00Z

错误是 error

我用来创建签名的方法是在stackoverflow上找到的,如下所示:

$sign  = 'GET' . "\n";
$sign .= 'mws.amazonservices.it' . "\n";
$sign .= '/Orders/2013-09-01' . "\n";
$sign .= $arr;

$signature = hash_hmac("sha256", $sign, $CHIAVE_SEGRETA, true);
$signature = urlencode(base64_encode($signature));

我做错了什么?

2 个答案:

答案 0 :(得分:0)

您是否查看了订单API的PHP client library?我使用C#版本,但我认为PHP库类似。大部分工作都是为你完成的。

答案 1 :(得分:0)

参数的顺序很重要。

以下是一些示例代码,可以为您提供一个好的起点。您只需稍微修改它以适合您的系统。

class AmazonMWS
{
    private $secretKey = '';

    private $parameters = array();

    /**
     * Constructor for the AmazonMWS class.
     * Initializes constants.
     */
    public function __construct() 
    {
        $this->secretKey = Constant::get('SECRET_KEY');

        $this->parameters['AWSAccessKeyId']     = Constant::get('AWSAccessKeyId');
        $this->parameters['MarketplaceId.Id.1'] = Constant::get('MarketplaceId.Id.1');
        $this->parameters['SellerId']           = Constant::get('SellerId');
        $this->parameters['SignatureMethod']    = Constant::get('SignatureMethod');
        $this->parameters['SignatureVersion']   = Constant::get('SignatureVersion');
    }

    public function setListOrders()
    {
        $this->parameters['Action'] = 'ListOrders';
        $this->parameters['Version'] = '2013-09-01';
        $this->parameters['Timestamp'] = $this->getTimestamp();

        // this part should change and depend on the method/parameter.. for now just for testing

        $this->parameters['CreatedAfter'] = '2015-11-01';
    }

    public function listOrders()
    {
        $request = "https://mws.amazonservices.com/Orders/2013-09-01?";
        $request .= $this->getParameterString($this->parameters) . "&Signature=" . $this->calculateSignature($this->calculateStringToSign($this->parameters));

        echo $request;

        return Curl::fetchSSL($request);
    }

    /**
     * Calculates String to sign.
     * 
     * @param array $parameters request parameters
     * @return String to sign
     */
    protected function calculateStringToSign(array $parameters)
    {
        $stringToSign  = 'GET' . "\n";
        $stringToSign .= 'mws.amazonservices.com' . "\n";
        $stringToSign .= '/Orders/2013-09-01' . "\n";
        $stringToSign .= $this->getParameterString($parameters);

        return $stringToSign;
    }

    /**
     * Gets the query parameters as a String sorted in natural-byte order.
     * 
     * @param array $parameters request parameters
     * @return String of parameters
     */
    protected function getParameterString(array $parameters)
    {
        $url = array();
        foreach ($parameters as $key => $val) {
            $key = $this->urlEncode($key);
            $val = $this->urlEncode($val);
            $url[] = "{$key}={$val}";
        }
        sort($url);

        $parameterString = implode('&', $url);

        return $parameterString;
    }

    /**
     * Computes RFC 2104-compliant HMAC signature.
     *
     * @param String to sign
     */
    protected function calculateSignature($stringToSign)
    {
        $signature = hash_hmac("sha256", $stringToSign, $this->secretKey, true);
        return urlencode(base64_encode($signature));
    }

    /**
     * URL encodes a string.
     */
    protected function urlEncode($string)
    {
        return str_replace("%7E", "~", rawurlencode($string));
    }

    /**
     * Gets the current date as ISO 8601 timestamp
     */
    protected function getTimestamp()
    {
        return gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time());
    }
}