使用PHP为Amazon Shipping API生成AWS签名
我正在尝试为授权头生成签名以调用Amazon Shipping API。 还想知道是否有其他方法集成Shippin API,因为amazon提供了不同的文档,但没有一个文档清楚如何集成。他们的支持团队已告知使用AWS签名方法生成标题,但其sdk在PHP中不可用 这是我生成签名的代码,但它总是导致400 HTTP错误使用PHP为Amazon Shipping API生成AWS签名,php,amazon-product-api,Php,Amazon Product Api,我正在尝试为授权头生成签名以调用Amazon Shipping API。 还想知道是否有其他方法集成Shippin API,因为amazon提供了不同的文档,但没有一个文档清楚如何集成。他们的支持团队已告知使用AWS签名方法生成标题,但其sdk在PHP中不可用 这是我生成签名的代码,但它总是导致400 HTTP错误 $host = "https://sellingpartnerapi-eu.amazon.com"; $accessKey
$host = "https://sellingpartnerapi-eu.amazon.com";
$accessKey = ACCESS_KEY;
$secretKey = SECRET_KEY;
$region = "eu-west-1";
$service = "execute-api";
$requestUrl = "https://sellingpartnerapi-eu.amazon.com/shipping/v2/shipments/rates";
$uri = 'shipping/v2/shipments/rates';
function calcualteAwsSignatureAndReturnHeaders($host, $uri, $requestUrl,
$accessKey, $secretKey, $region, $service,
$httpRequestMethod, $data, $debug = TRUE){
$terminationString = 'aws4_request';
$algorithm = 'AWS4-HMAC-SHA256';
$phpAlgorithm = 'sha256';
$canonicalURI = $uri;
$canonicalQueryString = '';
$signedHeaders = 'content-type;host;x-amz-date';
$currentDateTime = new DateTime('UTC');
$reqDate = $currentDateTime->format('Ymd');
$reqDateTime = $currentDateTime->format('Ymd\THis\Z');
// Create signing key
$kSecret = $secretKey;
$kDate = hash_hmac($phpAlgorithm, $reqDate, 'AWS4' . $kSecret, true);
$kRegion = hash_hmac($phpAlgorithm, $region, $kDate, true);
$kService = hash_hmac($phpAlgorithm, $service, $kRegion, true);
$kSigning = hash_hmac($phpAlgorithm, $terminationString, $kService, true);
// Create canonical headers
$canonicalHeaders = array();
$canonicalHeaders[] = 'content-type:application/x-www-form-urlencoded';
$canonicalHeaders[] = 'host:' . $host;
$canonicalHeaders[] = 'x-amz-date:' . $reqDateTime;
$canonicalHeadersStr = implode("\n", $canonicalHeaders);
// Create request payload
$requestHasedPayload = hash($phpAlgorithm, $data);
// Create canonical request
$canonicalRequest = array();
$canonicalRequest[] = $httpRequestMethod;
$canonicalRequest[] = $canonicalURI;
$canonicalRequest[] = $canonicalQueryString;
$canonicalRequest[] = $canonicalHeadersStr . "\n";
$canonicalRequest[] = $signedHeaders;
$canonicalRequest[] = $requestHasedPayload;
$requestCanonicalRequest = implode("\n", $canonicalRequest);
$requestHasedCanonicalRequest = hash($phpAlgorithm, utf8_encode($requestCanonicalRequest));
if($debug){
echo "<h5>Canonical to string</h5>";
echo "<pre>";
echo $requestCanonicalRequest;
echo "</pre>";
}
// Create scope
$credentialScope = array();
$credentialScope[] = $reqDate;
$credentialScope[] = $region;
$credentialScope[] = $service;
$credentialScope[] = $terminationString;
$credentialScopeStr = implode('/', $credentialScope);
// Create string to signing
$stringToSign = array();
$stringToSign[] = $algorithm;
$stringToSign[] = $reqDateTime;
$stringToSign[] = $credentialScopeStr;
$stringToSign[] = $requestHasedCanonicalRequest;
$stringToSignStr = implode("\n", $stringToSign);
if($debug){
echo "<h5>String to Sign</h5>";
echo "<pre>";
echo $stringToSignStr;
echo "</pre>";
}
// Create signature
$signature = hash_hmac($phpAlgorithm, $stringToSignStr, $kSigning);
// Create authorization header
$authorizationHeader = array();
$authorizationHeader[] = 'Credential=' . $accessKey . '/' . $credentialScopeStr;
$authorizationHeader[] = 'SignedHeaders=' . $signedHeaders;
$authorizationHeader[] = 'Signature=' . ($signature);
$authorizationHeaderStr = $algorithm . ' ' . implode(', ', $authorizationHeader);
// Request headers
$headers = array();
$headers[] = 'authorization:'.$authorizationHeaderStr;
$headers[] = 'content-length:'.strlen($data);
$headers[] = 'content-type: application/x-www-form-urlencoded';
$headers[] = 'host: ' . $host;
$headers[] = 'x-amz-date: ' . $reqDateTime;
return $headers;
}
$host=”https://sellingpartnerapi-eu.amazon.com";
$accessKey=ACCESS\u KEY;
$secretKey=SECRET\u密钥;
$region=“eu-west-1”;
$service=“执行api”;
$requestUrl=”https://sellingpartnerapi-eu.amazon.com/shipping/v2/shipments/rates";
$uri='发货/v2/发货/费率';
函数CalculteAwSignatureAndReturnHeaders($host、$uri、$requestUrl、,
$accessKey、$secretKey、$region、$service、,
$httpRequestMethod,$data,$debug=TRUE){
$terminationString='aws4_请求';
$algorithm='AWS4-HMAC-SHA256';
$phpAlgorithm='sha256';
$canonicalURI=$uri;
$canonicalQueryString='';
$signedHeaders='content-type;host;x-amz-date';
$currentDateTime=新日期时间('UTC');
$reqDate=$currentDateTime->格式('Ymd');
$reqDateTime=$currentDateTime->format('Ymd\THis\Z');
//创建签名密钥
$kSecret=$secretKey;
$kDate=hash_hmac($phpAlgorithm,$reqDate,'AWS4'。$kSecret,true);
$kRegion=hash_hmac($phpAlgorithm,$region,$kDate,true);
$kService=hash_hmac($phpAlgorithm,$service,$kRegion,true);
$kSigning=hash_hmac($phpAlgorithm,$terminationString,$kService,true);
//创建规范标头
$canonicalHeaders=array();
$canonicalHeaders[]='内容类型:application/x-www-form-urlencoded';
$canonicalHeaders[]=“主机:”。$host;
$canonicalHeaders[]=“x-amz-date:”。$reqDateTime;
$canonicalHeadersStr=内爆(“\n”,$canonicalHeaders);
//创建请求负载
$requestHasedPayload=hash($phpAlgorithm$data);
//创建规范请求
$canonicalRequest=array();
$canonicalRequest[]=$httpRequestMethod;
$canonicalRequest[]=$canonicalURI;
$canonicalRequest[]=$canonicalQueryString;
$canonicalRequest[]=$canonicalHeadersStr.“\n”;
$canonicalRequest[]=$signedHeaders;
$canonicalRequest[]=$requestHasedPayload;
$requestCanonicalRequest=内爆(“\n”,$canonicalRequest);
$requestHasedCanonicalRequest=hash($phpAlgorithm,utf8_encode($requestCanonicalRequest));
如果($debug){
回显“规范到字符串”;
回声“;
echo$requestCanonicalRequest;
回声“;
}
//创建范围
$credentialScope=array();
$credentialScope[]=$reqDate;
$credentialScope[]=$region;
$credentialScope[]=$service;
$credentialScope[]=$terminationString;
$credentialScopeStr=内爆(“/”,$credentialScope);
//创建要签名的字符串
$stringToSign=array();
$stringToSign[]=$algorithm;
$stringToSign[]=$reqDateTime;
$stringToSign[]=$CredentialsScopestr;
$stringToSign[]=$requestHasedCanonicalRequest;
$stringToSignStr=内爆(“\n”,$stringToSign);
如果($debug){
回显“要签名的字符串”;
回声“;
echo$stringToSignStr;
回声“;
}
//创建签名
$signature=hash_hmac($phpAlgorithm,$stringToSignStr,$kSigning);
//创建授权标头
$authorizationHeader=array();
$authorizationHeader[]='Credential='.$accessKey./'.$credentialScopeStr;
$authorizationHeader[]='SignedHeaders='。$SignedHeaders;
$authorizationHeader[]='Signature='($Signature);
$authorizationHeaderStr=$algorithm.'''。内爆(',',$authorizationHeader);
//请求头
$headers=array();
$headers[]=“授权:”。$authorizationHeaderStr;
$headers[]=“内容长度:”.strlen($data);
$headers[]='内容类型:application/x-www-form-urlencoded';
$headers[]=“主机:”。$host;
$headers[]=“x-amz-date:”。$reqDateTime;
返回$headers;
}
您需要在标题字段中添加“x-amz-access-token”,如下所示
您可以从生成x-amz-access-token,您需要在标题字段中添加“x-amz-access-token”,如下所示
您可以从生成x-amz-access-token
$headers = array();
$headers[] = 'authorization:'.$authorizationHeaderStr;
$headers[] = 'content-length:'.strlen($data);
$headers[] = 'content-type: application/json';
$headers[] = 'host: ' . $host;
$headers[] = 'x-amz-date: ' . $reqDateTime;
$headers[] = 'x-amz-access-token: ' . $reqToken;