亚马逊MWS产品SignatureDoesNotMatch

Question

当我运行这段代码时，我会得到一个SignatureDoesNotMatch错误。我没发现问题所在。我甚至注释了sort()，以保持数组的自然顺序。任何帮助都将不胜感激。

    $params = array(
    'AWSAccessKeyId' => "*********",
    'Action' => "GetCompetitivePricingForASIN",
    'SellerId' => "********",
    'SignatureVersion' => "2",
    'Timestamp' => gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time()),
    'Version' => "2011-10-01",
    'SignatureMethod' => "HmacSHA256",
    'MarketplaceId' => "ATVPDKIKX0DER",
    'AsinList.ASIN.1' => $asin


    );

    $url_parts = array();
    foreach (array_keys($params) as $key)
    $url_parts[] = $key . "=" . str_replace('%7E', '~', rawurlencode($params[$key]));
    //sort($url_parts);
    $url_string     = implode("&", $url_parts);
    $string_to_sign = "GET\nmws.amazonservices.com\n/Products/2011-10-01\n" .     $url_string;
    $signature = hash_hmac("sha256", $string_to_sign, AWS_SECRET_ACCESS_KEY, TRUE);
    $signature = urlencode(base64_encode($signature));
    $url = "https://mws.amazonservices.com/Orders/2011-10-01" . '?' . $url_string .  "&Signature=" . $signature;
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    $response = curl_exec($ch);
    $xml      = simplexml_load_string($response);

    echo $xml->asXML();

Answer 1

我花了两天时间才意识到

 $string_to_sign = "GET\nmws.amazonservices.com\n/Products/2011-10-01\n"

和

 $url = "https://mws.amazonservices.com/Orders/2011-10-01" . '?' . $url_string

只是不合作。产品和订单不是一回事。谢谢大家的帮助。菜鸟弄错了。

Answer 2

签名错配是一个很常见的错误，也很难找出准确的错误！我个人的建议是将请求与Amazon的便签请求进行比较。这对我的案子总是有帮助的。而仿真器必须是字母顺序才能匹配签名。在这里尝试您的API请求:https://mws.amazonservices.in/scratchpad/index.html并单击request选项卡查看完整的请求url、签名、md5哈希等。

Answer 3

这花费了我几个小时的时间，我希望这可以帮助任何人遇到简单但不太明显的SignatureDoesNotMatch错误原因。

当调用所需的方法为POST时，请确保在生成的签名字符串和curl选项中指定该方法：

curl_setopt($ch, CURLOPT_POST, 1);