我想通过ISBN(用于慈善计划)编写应用程序以获取书籍封面。所以我决定使用亚马逊产品API。我有访问密钥和密钥。我得到了一个生成密钥的代码,我通过了URL但是返回了
<?xml version="1.0"?>
<ItemLookupErrorResponse xmlns="http://ecs.amazonaws.com/doc/2005-10-05/">
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated
does not match the signature you provided.
Check your AWS Secret Access Key and signing method.
Consult the service documentation for details.
</Message></Error><RequestID>6c60b8b7-8b78-4f21-bb7c-3d5d3a26dc48</RequestID>
</ItemLookupErrorResponse>
那是代码
<?php
$AWSAccessKeyId = "*******ACCESS KEY***************";
$signature = base64_encode(hash_hmac('sha256',$string_to_sign,"******SECRET KEY*******",true));
// encode any plus (+), equal (=), or other reserved characters in $signature
$signature = str_replace('%7E','~',rawurlencode($signature));
$url = "http://ecs.amazonaws.com/onca/xml?AWSAccessKeyId=".$AWSAccessKeyId."&IdType=ASIN&ItemId=1933988355&Operation=ItemLookup&ResponseGroup=Medium%2COffers&Service=AWSECommerceService&Timestamp=".gmdate('Y-m-d\TH:i:s\Z')."&Signature=".$signature;
echo $url;
?>
代码有什么问题?
我尝试使用相同的时间戳。仍然没有运气。这是示例代码。
$method = "GET";
$host = "ecs.amazonaws.".$region;
$uri = "/onca/xml";
// additional parameters
$params["Service"] = "AWSECommerceService";
$params["AWSAccessKeyId"] = $public_key;
// GMT timestamp
$params["Timestamp"] = gmdate("Y-m-d\TH:i:s\Z");
// API version
$params["Version"] = "2009-03-31";
// sort the parameters
ksort($params);
// create the canonicalized query
$canonicalized_query = array();
foreach ($params as $param=>$value)
{
$param = str_replace("%7E", "~", rawurlencode($param));
$value = str_replace("%7E", "~", rawurlencode($value));
$canonicalized_query[] = $param."=".$value;
}
$canonicalized_query = implode("&", $canonicalized_query);
// create the string to sign
$string_to_sign = $method."\n".$host."\n".$uri."\n".$canonicalized_query;
// calculate HMAC with SHA256 and base64-encoding
$signature = base64_encode(hash_hmac("sha256", $string_to_sign, $private_key, True));
// encode the signature for the request
$signature = str_replace("%7E", "~", rawurlencode($signature));
答案 0 :(得分:6)
从时间戳创建一个变量,在$ string_to_sign和url-parameter中使用它,否则可能会发生两个时间戳不同的情况。要提供更多帮助,您需要显示$ string_to_sign的创建。
此外:Timestamp-parameter也需要进行urlencoded编码。
答案 1 :(得分:2)
请求的“签名”包括请求“operation”参数和时间戳。这是一个应该用于创建签名的函数:
function createSignature($operation,$timestamp){
$the_string=$operation.$timestamp;
return base64_encode(hash_hmac("sha256",$the_string,$this->secret_key,true));
}
您在请求中发送的时间戳应与传递给createSignature函数的时间戳相同。换句话说,不要生成两次时间戳。将其保存到变量中,然后将其用于两者。
此外,这是我创建的一个PHP类,用于简化向API发出请求的过程: https://github.com/traviswimer/AmazonProductAPI_SOAPer/blob/master/AmazonApi.php