计算亚马逊MWS签名不匹配
我对Java相对比较陌生,并且试图让我的应用程序将POST请求发布到亚马逊的MWS API上几天。我不断得到一个'SignatureDoesNotMatch'的回应,我找不出原因。我已经广泛使用亚马逊的MWS便笺簿,并且使用它我没有任何问题获得成功响应,所以我的密钥等都可以。由暂存器生成的内容参数和base64签名与我的应用程序生成的内容匹配,所以我确信我的应用程序正在编译参数和签名。当我将由暂存器生成的内容参数硬编码到我的应用程序中时,出现'SignatureDoesNotMatch'error响应。我会非常感谢来自更有经验的Java开发人员或任何已经制作了像我的亚马逊MWS一样的应用程序的人。计算亚马逊MWS签名不匹配
我的代码的相关部分是:
/*
* get amazon timestamp
*/
GetAmazonTimestamp timestampObj = new GetAmazonTimestamp();
String amazonTimestamp = null;
try {
amazonTimestamp = timestampObj.getTimestamp();
amazonTimestamp.replace(".000Z", "Z");
} catch (IOException e) {
e.printStackTrace();
}
/*
* create http parameters and initialise the signature value
*/
String URLendpoint = "https://mws.amazonservices.co.uk/orders/2011-01-01";
String param1 = "AWSAccessKeyId"; String value1 = "AKIAIZXBKLVSGBBQQL2A";
String param2 = "Action"; String value2 = "ListOrders";
String param3 = "LastUpdatedAfter"; String value3 = "2013-02-01T00:00:00Z";
String param4 = "MarketplaceId.Id.1"; String value4 = "A1F83G8C2ARO7P";
String param5 = "SellerId"; String value5 = "A3A2272JFHXROO";
String param6 = "SignatureMethod"; String value6 = "HmacSHA256";
String param7 = "SignatureVersion"; String value7 = "2";
String param8 = "Timestamp"; String value8 = amazonTimestamp;
String param9 = "Version"; String value9 = "2011-01-01";
String param10 = "Signature"; String value10 = null;
/*
* build sections of URL components for signature
*/
String URLforSignature = "POST\n" + "mws.amazonservices.co.uk\n" + "/Orders/2011-01-01\n" +
URLEncoder.encode(param1,"UTF-8") + "=" +
URLEncoder.encode(value1,"UTF-8") + "&" +
URLEncoder.encode(param2,"UTF-8") + "=" +
URLEncoder.encode(value2,"UTF-8") + "&" +
URLEncoder.encode(param3,"UTF-8") + "=" +
URLEncoder.encode(value3,"UTF-8") + "&" +
URLEncoder.encode(param4,"UTF-8") + "=" +
URLEncoder.encode(value4,"UTF-8") + "&" +
URLEncoder.encode(param5,"UTF-8") + "=" +
URLEncoder.encode(value5,"UTF-8") + "&" +
URLEncoder.encode(param6,"UTF-8") + "=" +
URLEncoder.encode(value6,"UTF-8") + "&" +
URLEncoder.encode(param7,"UTF-8") + "=" +
URLEncoder.encode(value7,"UTF-8") + "&" +
URLEncoder.encode(param8,"UTF-8") + "=" +
URLEncoder.encode(value8,"UTF-8") + "&" +
URLEncoder.encode(param9,"UTF-8") + "=" +
URLEncoder.encode(value9,"UTF-8");
/*
* hash and base64 encode the signature using the URLforSignature
*/
GetAmazonSignature signatureObj = new GetAmazonSignature();
value10 = signatureObj.getSignature(URLforSignature);
/*
* create the http post
*/
HttpClient client = new DefaultHttpClient();
HttpPost post = new HttpPost(URLendpoint);
String line = null;
try {
List<NameValuePair> nameValuePairs = new ArrayList<NameValuePair>();
post.addHeader("Content-Type", "application/x-www-form-urlencoded");
nameValuePairs.add(new BasicNameValuePair(param1, value1));
nameValuePairs.add(new BasicNameValuePair(param2, value2));
nameValuePairs.add(new BasicNameValuePair(param3, value3));
nameValuePairs.add(new BasicNameValuePair(param4, value4));
nameValuePairs.add(new BasicNameValuePair(param5, value5));
nameValuePairs.add(new BasicNameValuePair(param6, value6));
nameValuePairs.add(new BasicNameValuePair(param7, value7));
nameValuePairs.add(new BasicNameValuePair(param8, value8));
nameValuePairs.add(new BasicNameValuePair(param9, value9));
nameValuePairs.add(new BasicNameValuePair(param10, value10));
post.setEntity(new UrlEncodedFormEntity(nameValuePairs, "UTF-8"));
HttpResponse response = client.execute(post);
BufferedReader rd = new BufferedReader(new InputStreamReader(
response.getEntity().getContent()));
line = "";
while ((line = rd.readLine()) != null) {
System.out.println(line);
}
}
感谢您的帮助。
为什么不使用亚马逊为MWS提供的Java客户端库?
转到MWS并单击您感兴趣的API。您将看到一个Java客户端库链接,您可以在其中获取所需的文件。它们包含示例并将处理您通常必须执行的URL签名,解析和其他工作。
您构建URLforSignature
的方式看起来没问题。
尽管如此,您并未显示代码GetAmazonSignature
。我会怀疑这个缺陷在那里。可能你忘了base64编码你的结果?请注意,MWS scratchpad在“请求详细信息”页面上显示了十六进制签名以及base64编码的签名。您应该能够通过将这些详细信息与您的功能结果进行比较来发现缺陷。
感谢那些帮助过我的人,但最终我发现“https://mws.amazonservices.co.uk/orders/2011-01-01”在订单中需要大写“O”。亚马逊的开发支持同意在这种情况下'SignatureDoesNotMatch'错误信息不是很有帮助,并且表示他们会研究它。
再次感谢
非常感谢您的回复。我花了一些时间与亚马逊MWS订单API,但我发现它是不可逾越的。因为我正在学习用java编程,所以我认为我将能够逐步构建适当的代码,我相信这正是我所做的。我不介意创建我的应用程序需要更长的时间,我只是想了解它在做什么,以便我可以继续构建它。 – Bacon 2013-02-12 13:03:23