Clever Geek Handbook

Make a signed request using the Amazon API MWS

I am trying to make a signed request for Amazon Merchant Web Services (MWS). I am using a script from here: Convert Gambling MWS Memory Requests to API Calls

But I don't know why I got the error: "The request signature we signed does not match the signature you provided. Please check your AWS private access key and signing method. Please refer to the technical documentation for details."

So here's my script:

define ("AWS_ACCESS_KEY_ID", "xxxxx");
define ("MERCHANT_ID", "xxxxx");
define ("MARKETPLACE_ID", "xxxxx");
define ("AWS_SECRET_ACCESS_KEY","xxxxx");

$base_url = "https://mws.amazonservices.fr/Products/2011-10-01";
$method = "POST";
$host = "mws.amazonservices.fr";
$uri = "/Products/2011-10-01";

function amazon_xml($searchTerm) {

$params = array(
'AWSAccessKeyId' => AWS_ACCESS_KEY_ID,
'Action' => "GetLowestOfferListingsForSKU",
'SellerId' => MERCHANT_ID,
'SignatureMethod' => "HmacSHA256",
'SignatureVersion' => "2",
'Timestamp'=> date("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time()),
'Version'=> "2011-10-01",
'MarketplaceId' => MARKETPLACE_ID,
'Query' => $searchTerm,
'ItemCondition'=> "New",
'ExcludeMe' => "false");


// Sort the URL parameters
$url_parts = array();
foreach(array_keys($params) as $key)
$url_parts[] = $key . "=" . str_replace('%7E', '~', rawurlencode($params[$key]));
sort($url_parts);

// Construct the string to sign
$url_string = str_replace("%7E", "~", implode("&", $url_parts));
$string_to_sign = "POST\nmws.amazonservices.fr\n/Products/2011-10-01\n" . $url_string;

// Sign the request
$signature = hash_hmac('sha256', $string_to_sign, AWS_SECRET_ACCESS_KEY, TRUE);

// Base64 encode the signature and make it URL safe
$signature = rawurlencode(base64_encode($signature));

$url = "https://mws.amazonservices.fr/Products/2011-10-01" . '?' . $url_string . "&Signature=" . $signature;

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$response = curl_exec($ch);

$parsed_xml = simplexml_load_string($response);

return ($parsed_xml);
}

I don't understand what's going on. If someone can help ...

Thanks in advance!

+1


source to share


2 answers


You have a problem when you sign a string. try this

$url_parts = array();
foreach(array_keys($params) as $key)
    $url_parts[] = $key . "=" . str_replace('%7E', '~', rawurlencode($params[$key]));
sort($url_parts);

// Construct the string to sign
$url_string = implode("&", $url_parts);
$string_to_sign = "GET\nmws.amazonservices.com\n/Products/2011-10-01\n" . $url_string;

// Sign the request
$signature = hash_hmac("sha256", $string_to_sign, AWS_SECRET_ACCESS_KEY, TRUE);

// Base64 encode the signature and make it URL safe
$signature = urlencode(base64_encode($signature));

$url = "https://mws.amazonservices.com/Products/2011-10-01" . '?' . $url_string . "&Signature=" . $signature;


its work for me ... Hope this helps

+1


source


Make sure when using cURL you are setting the "GET" method, in the above example change to

$ method = "GET";



and it should work.

+1


source






More articles:


All Articles