Fatal编程技术网
  • php/
  • 使用PHP为Amazon Shipping API生成AWS签名

使用PHP为Amazon Shipping API生成AWS签名

php

使用PHP为Amazon Shipping API生成AWS签名,php,amazon-product-api,Php,Amazon Product Api,我正在尝试为授权头生成签名以调用Amazon Shipping API。 还想知道是否有其他方法集成Shippin API,因为amazon提供了不同的文档,但没有一个文档清楚如何集成。他们的支持团队已告知使用AWS签名方法生成标题,但其sdk在PHP中不可用 这是我生成签名的代码,但它总是导致400 HTTP错误 $host = "https://sellingpartnerapi-eu.amazon.com"; $accessKey

我正在尝试为授权头生成签名以调用Amazon Shipping API。 还想知道是否有其他方法集成Shippin API,因为amazon提供了不同的文档,但没有一个文档清楚如何集成。他们的支持团队已告知使用AWS签名方法生成标题,但其sdk在PHP中不可用

这是我生成签名的代码,但它总是导致400 HTTP错误

$host               = "https://sellingpartnerapi-eu.amazon.com";
$accessKey          = ACCESS_KEY;
$secretKey          = SECRET_KEY;
$region             = "eu-west-1";
$service            = "execute-api";
$requestUrl         = "https://sellingpartnerapi-eu.amazon.com/shipping/v2/shipments/rates";
$uri                = 'shipping/v2/shipments/rates';

function calcualteAwsSignatureAndReturnHeaders($host, $uri, $requestUrl, 
            $accessKey, $secretKey, $region, $service, 
            $httpRequestMethod, $data, $debug = TRUE){

    $terminationString  = 'aws4_request';
    $algorithm      = 'AWS4-HMAC-SHA256';
    $phpAlgorithm       = 'sha256';
    $canonicalURI       = $uri;
    $canonicalQueryString   = '';
    $signedHeaders      = 'content-type;host;x-amz-date';


    $currentDateTime = new DateTime('UTC');
    $reqDate = $currentDateTime->format('Ymd');
    $reqDateTime = $currentDateTime->format('Ymd\THis\Z');

    // Create signing key
    $kSecret = $secretKey;
    $kDate = hash_hmac($phpAlgorithm, $reqDate, 'AWS4' . $kSecret, true);
    $kRegion = hash_hmac($phpAlgorithm, $region, $kDate, true);
    $kService = hash_hmac($phpAlgorithm, $service, $kRegion, true);
    $kSigning = hash_hmac($phpAlgorithm, $terminationString, $kService, true);

    // Create canonical headers
    $canonicalHeaders = array();
    $canonicalHeaders[] = 'content-type:application/x-www-form-urlencoded';
    $canonicalHeaders[] = 'host:' . $host;
    $canonicalHeaders[] = 'x-amz-date:' . $reqDateTime;
    $canonicalHeadersStr = implode("\n", $canonicalHeaders);

    // Create request payload
    $requestHasedPayload = hash($phpAlgorithm, $data);

    // Create canonical request
    $canonicalRequest = array();
    $canonicalRequest[] = $httpRequestMethod;
    $canonicalRequest[] = $canonicalURI;
    $canonicalRequest[] = $canonicalQueryString;
    $canonicalRequest[] = $canonicalHeadersStr . "\n";
    $canonicalRequest[] = $signedHeaders;
    $canonicalRequest[] = $requestHasedPayload;
    $requestCanonicalRequest = implode("\n", $canonicalRequest);
    $requestHasedCanonicalRequest = hash($phpAlgorithm, utf8_encode($requestCanonicalRequest));
    if($debug){
        echo "<h5>Canonical to string</h5>";
        echo "<pre>";
        echo $requestCanonicalRequest;
        echo "</pre>";
    }

    // Create scope
    $credentialScope = array();
    $credentialScope[] = $reqDate;
    $credentialScope[] = $region;
    $credentialScope[] = $service;
    $credentialScope[] = $terminationString;
    $credentialScopeStr = implode('/', $credentialScope);

    // Create string to signing
    $stringToSign = array();
    $stringToSign[] = $algorithm;
    $stringToSign[] = $reqDateTime;
    $stringToSign[] = $credentialScopeStr;
    $stringToSign[] = $requestHasedCanonicalRequest;
    $stringToSignStr = implode("\n", $stringToSign);
    if($debug){
        echo "<h5>String to Sign</h5>";
        echo "<pre>";
        echo $stringToSignStr;
        echo "</pre>";
    }

    // Create signature
    $signature = hash_hmac($phpAlgorithm, $stringToSignStr, $kSigning);

    // Create authorization header
    $authorizationHeader = array();
    $authorizationHeader[] = 'Credential=' . $accessKey . '/' . $credentialScopeStr;
    $authorizationHeader[] = 'SignedHeaders=' . $signedHeaders;
    $authorizationHeader[] = 'Signature=' . ($signature);
    $authorizationHeaderStr = $algorithm . ' ' . implode(', ', $authorizationHeader);


    // Request headers
    $headers = array();
    $headers[] = 'authorization:'.$authorizationHeaderStr;
    $headers[] = 'content-length:'.strlen($data);
    $headers[] = 'content-type: application/x-www-form-urlencoded';
    $headers[] = 'host: ' . $host;
    $headers[] = 'x-amz-date: ' . $reqDateTime;

    return $headers;
}


$host=”https://sellingpartnerapi-eu.amazon.com";
$accessKey=ACCESS\u KEY;
$secretKey=SECRET\u密钥;
$region=“eu-west-1”;
$service=“执行api”;
$requestUrl=”https://sellingpartnerapi-eu.amazon.com/shipping/v2/shipments/rates";
$uri='发货/v2/发货/费率';
函数CalculteAwSignatureAndReturnHeaders($host、$uri、$requestUrl、,
$accessKey、$secretKey、$region、$service、,
$httpRequestMethod,$data,$debug=TRUE){
$terminationString='aws4_请求';
$algorithm='AWS4-HMAC-SHA256';
$phpAlgorithm='sha256';
$canonicalURI=$uri;
$canonicalQueryString='';
$signedHeaders='content-type;host;x-amz-date';
$currentDateTime=新日期时间('UTC');
$reqDate=$currentDateTime->格式('Ymd');
$reqDateTime=$currentDateTime->format('Ymd\THis\Z');
//创建签名密钥
$kSecret=$secretKey;
$kDate=hash_hmac($phpAlgorithm,$reqDate,'AWS4'。$kSecret,true);
$kRegion=hash_hmac($phpAlgorithm,$region,$kDate,true);
$kService=hash_hmac($phpAlgorithm,$service,$kRegion,true);
$kSigning=hash_hmac($phpAlgorithm,$terminationString,$kService,true);
//创建规范标头
$canonicalHeaders=array();
$canonicalHeaders[]='内容类型:application/x-www-form-urlencoded';
$canonicalHeaders[]=“主机:”。$host;
$canonicalHeaders[]=“x-amz-date:”。$reqDateTime;
$canonicalHeadersStr=内爆(“\n”,$canonicalHeaders);
//创建请求负载
$requestHasedPayload=hash($phpAlgorithm$data);
//创建规范请求
$canonicalRequest=array();
$canonicalRequest[]=$httpRequestMethod;
$canonicalRequest[]=$canonicalURI;
$canonicalRequest[]=$canonicalQueryString;
$canonicalRequest[]=$canonicalHeadersStr.“\n”;
$canonicalRequest[]=$signedHeaders;
$canonicalRequest[]=$requestHasedPayload;
$requestCanonicalRequest=内爆(“\n”,$canonicalRequest);
$requestHasedCanonicalRequest=hash($phpAlgorithm,utf8_encode($requestCanonicalRequest));
如果($debug){
回显“规范到字符串”;
回声“;
echo$requestCanonicalRequest;
回声“;
}
//创建范围
$credentialScope=array();
$credentialScope[]=$reqDate;
$credentialScope[]=$region;
$credentialScope[]=$service;
$credentialScope[]=$terminationString;
$credentialScopeStr=内爆(“/”,$credentialScope);
//创建要签名的字符串
$stringToSign=array();
$stringToSign[]=$algorithm;
$stringToSign[]=$reqDateTime;
$stringToSign[]=$CredentialsScopestr;
$stringToSign[]=$requestHasedCanonicalRequest;
$stringToSignStr=内爆(“\n”,$stringToSign);
如果($debug){
回显“要签名的字符串”;
回声“;
echo$stringToSignStr;
回声“;
}
//创建签名
$signature=hash_hmac($phpAlgorithm,$stringToSignStr,$kSigning);
//创建授权标头
$authorizationHeader=array();
$authorizationHeader[]='Credential='.$accessKey./'.$credentialScopeStr;
$authorizationHeader[]='SignedHeaders='。$SignedHeaders;
$authorizationHeader[]='Signature='($Signature);
$authorizationHeaderStr=$algorithm.'''。内爆(',',$authorizationHeader);
//请求头
$headers=array();
$headers[]=“授权:”。$authorizationHeaderStr;
$headers[]=“内容长度:”.strlen($data);
$headers[]='内容类型:application/x-www-form-urlencoded';
$headers[]=“主机:”。$host;
$headers[]=“x-amz-date:”。$reqDateTime;
返回$headers;
}
您需要在标题字段中添加“x-amz-access-token”,如下所示

您可以从生成x-amz-access-token,您需要在标题字段中添加“x-amz-access-token”,如下所示

您可以从生成x-amz-access-token

$headers = array();
$headers[] = 'authorization:'.$authorizationHeaderStr;
$headers[] = 'content-length:'.strlen($data);
$headers[] = 'content-type: application/json';
$headers[] = 'host: ' . $host;
$headers[] = 'x-amz-date: ' . $reqDateTime;
$headers[] = 'x-amz-access-token: ' . $reqToken;