Amazon Seller Central MWS ListOrders GET请求失败,并显示“我们计算出的请求签名与您提供的签名不匹配”。

时间:2018-10-22 14:03:29

标签: signature amazon-mws

我正在尝试进行GET调用以从亚马逊提取订单,但是我一直遇到相同的签名错误。我到处搜索,发现很多人似乎都出现此错误,但是他们的解决方案似乎都无法解决我的问题。有什么想法吗?

我的请求代码:

$MWS_Timestamp=GetUTCFormattedDateTime(Date(Now_()),'UTC',false);   // 2018-10-22T13:51:32Z
$MWS_AccessKey='AKIA****************';
$MWS_ClientSecret='ChOqu*************************';
$MWS_DeveloperID=798*********;
$MWS_SellerID='A3DL**********';
$MWS_MarketPlaceID='ATVP*********';
$MWS_AuthToken='amzn.mws.********-****-****-****-************';

$MWS_Action='ListOrders';
$MWS_RequestString="";
$MWS_RequestString+="AWSAccessKeyId="+UrlEncode($MWS_AccessKey,0);
$MWS_RequestString+="&Action="+UrlEncode("ListOrders",0);
$MWS_RequestString+="&LastUpdatedAfter="+UrlEncode('2018-10-21T00:00:00Z',0);
$MWS_RequestString+="&MarketplaceId.Id.1="+UrlEncode($MWS_MarketPlaceID,0);
$MWS_RequestString+="&SellerId="+UrlEncode($MWS_SellerID,0);
$MWS_RequestString+="&SignatureVersion="+UrlEncode("2",0);
$MWS_RequestString+="&SignatureMethod="+UrlEncode("HmacSHA1",0);
$MWS_RequestString+="&Timestamp="+UrlEncode($MWS_Timestamp,0);
$MWS_RequestString+="&Version=2013-09-01";
$MWS_SignatureString=$MWS_RequestString;

$signature='';
/* Creating signature with CryptoJS
var hmacsha1Data=CryptoJS.HmacSHA1($MWS_SignatureString,$MWS_ClientSecret);  //Also tried $MWS_AccessKey with the same results
var base64EncodeData=CryptoJS.enc.Base64.stringify(hmacsha1Data);
$signature=encodeURIComponent(base64EncodeData);
*/
RunScript("<TAG>Scripts/JS-CryptoJS_v3.12</TAG>");

$signature=Replace($signature,"+","%2B");
$signature=Replace($signature,"/","%2F");
$signature=Replace($signature,"=","%3D");

$MWS_Request=$MWS_RequestString+"&Signature="+$signature;

$MWS_URL='https://mws.amazonservices.com/Orders/2013-09-01?'+$MWS_Request;

响应:

<ErrorResponse xmlns="https://mws.amazonservices.com/Orders/2013-09-01">
  <Error>
    <Type>Sender</Type>
    <Code>SignatureDoesNotMatch</Code>
    <Message>
      The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
    </Message>
  </Error>
  <RequestID>54d6059b-9aa8-4d4f-a0b8-beb663599b25</RequestID>
</ErrorResponse>

我在哪儿错了。我仔细检查了凭据,但一切看起来都很好。

1 个答案:

答案 0 :(得分:1)

这些参数必须全部按词法顺序附加。

这里是一个例子,并非如此。

$MWS_RequestString+="&SellerId="+UrlEncode($MWS_SellerID,0);
$MWS_RequestString+="&LastUpdatedAfter="+UrlEncode('2018-10-21T00:00:00Z',0);

实际URL中的顺序无关紧要,但是,如果您不按此顺序构建它们,那么您将无法计算出正确的签名-因为该服务会在计算期望您签名的签名之前对其进行排序发送。

此外,您的签名编码是错误的。

$signature=Replace($signature,"+","%20")

除了A-Z a-z 0-9之外,应该只有3种可能性:

+ becomes %2B
/ becomes %2F
= becomes %3D
相关问题
最新问题