亚马逊MWS的订单签名不匹配
问题描述:
当我运行这段代码,我得到一个错误SignatureDoesNotMatch我们 计算出你所提供的签名不匹配的请求签名。检查您的AWS秘密访问密钥和签名方法。详细信息请参阅服务文档。亚马逊MWS的订单签名不匹配
<?php
$param = array();
$param['AWSAccessKeyId'] = 'AWSAccessKeyId';
$param['Action'] = 'ListOrders';
$param['MWSAuthToken'] = 'MWSAuthToken';
$param['MarketplaceId'] = 'A21TJRUUN4KGV';
$param['FulfillmentChannel.Channel.1'] = 'MFN';
$param['PaymentMethod.Method.1'] = 'COD';
$param['OrderStatus.Status.1'] = 'Pending';
$param['OrderStatus.Status.2'] = 'PendingAvailability';
$param['SellerId'] = 'AGNFZGZRZBUP1';
$param['SignatureMethod'] = 'HmacSHA256';
$param['SignatureVersion'] = '2';
$param['CreatedAfter'] = "2017-09-01T13:41:49Z";
$param['Timestamp'] = gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time());
$param['Version'] = '2013-09-01';
$secret = 'secret key';
$url = array();
foreach ($param as $key => $val) {
$val = str_replace("%7E", "~", rawurlencode($val));
$url[] = $key . "=" . $val;
}
sort($url);
$arr = implode('&', $url);
$sign = 'POST' . "\n";
$sign .= 'mws.amazonservices.in' . "\n";
$sign .= '/Orders/2013-09-01' . "\n";
$sign .= $arr;
$signature = hash_hmac("sha256", $sign, $secret, true);
$signature = urlencode(base64_encode($signature));
$link = "https://mws.amazonservices.in/Orders/2013-09-01?";
$link .= $arr;
$link .= "&Signature=" . $signature;
echo($link); //for debugging - you can paste this into a browser and see if it loads.
$ch = curl_init($link);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-type: application/xml'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
$response = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);
echo "<pre>";
print_r($response);
print_r($info);
?>
答
您的签名计算看起来不错。但是,你计算基于“POST”的签名,但你实际上做一个GET。我想这就是抛开另一边的签名计算。
我试图同时支持GET和POST但都扔相同签名小姐比赛的错误 –