views:

290

answers:

1

Hello, I have a problem searching through amazon web servise using PHP in my CodeIgniter. I get InvalidParameter timestamp is not in ISO-8601 format response from the server. But I don't think that timestamp is the problem,because I have tryed to compare with given date format from http://associates-amazon.s3.amazonaws.com/signed-requests/helper/index.html and it seems its fine. Could anyone help? Here is my code:

                $private_key = 'XXXXXXXXXXXXXXXX'; // Took out real secret key
                $method = "GET";
                $host = "ecs.amazonaws.com";
                $uri = "/onca/xml";

                $timeStamp = gmdate("Y-m-d\TH:i:s.000\Z");
                $timeStamp = str_replace(":", "%3A", $timeStamp);
                $params["AWSAccesskeyId"] = "XXXXXXXXXXXX"; // Took out real access key
                $params["ItemPage"] = $item_page;
                $params["Keywords"] = $keywords;
                $params["ResponseGroup"] = "Medium2%2525COffers";
                $params["SearchIndex"] = "Books";
                $params["Operation"] = "ItemSearch";
                $params["Service"] = "AWSECommerceService";
                $params["Timestamp"] = $timeStamp;
                $params["Version"] = "2009-03-31";

                ksort($params);

                $canonicalized_query = array();
                foreach ($params as $param=>$value)
                {
                  $param = str_replace("%7E", "~", rawurlencode($param));
                  $value = str_replace("%7E", "~", rawurlencode($value));
                   $canonicalized_query[] = $param. "=". $value;
                }
                $canonicalized_query = implode("&", $canonicalized_query);

                $string_to_sign = $method."\n\r".$host."\n\r".$uri."\n\r".$canonicalized_query;

                $signature = base64_encode(hash_hmac("sha256",$string_to_sign, $private_key, True));

                $signature = str_replace("%7E", "~", rawurlencode($signature));

                $request = "http://".$host.$uri."?".$canonicalized_query."&Signature=".$signature;

                $response = @file_get_contents($request);

                if ($response === False)
                {
                    return "response fail";
                }
                else
                {
                    $parsed_xml = simplexml_load_string($response);
                    if ($parsed_xml === False)
                    {
                        return "parse fail";
                    }
                    else
                    {
                        return $parsed_xml;
                    }
                }

P.S. - Personally I think that something is wrong in the generation of the from the $string_to_sign when hashing it.

+1  A: 

You can try this:

// some paramters
$method = "GET";
$host = "ecs.amazonaws.".$region;
$uri = "/onca/xml";

// additional parameters
$params["Service"] = "AWSECommerceService";
$params["AWSAccessKeyId"] = $public_key;
// GMT timestamp
$params["Timestamp"] = gmdate("Y-m-d\TH:i:s\Z");
// API version
$params["Version"] = "2009-03-31";

// sort the parameters
ksort($params);

// create the canonicalized query
$canonicalized_query = array();
foreach ($params as $param=>$value)
{
    $param = str_replace("%7E", "~", rawurlencode($param));
    $value = str_replace("%7E", "~", rawurlencode($value));
    $canonicalized_query[] = $param."=".$value;
}
$canonicalized_query = implode("&", $canonicalized_query);

// create the string to sign
$string_to_sign = $method."\n".$host."\n".$uri."\n".$canonicalized_query;

// calculate HMAC with SHA256 and base64-encoding
$signature = base64_encode(hash_hmac("sha256", $string_to_sign, $private_key, True));

// encode the signature for the request
$signature = str_replace("%7E", "~", rawurlencode($signature));

// create request
$request = "http://".$host.$uri."?".$canonicalized_query."&Signature=".$signature;

// do request
$response = @file_get_contents($request);

if ($response === False)
{
    return False;
}
else
{
    // parse XML
    $pxml = simplexml_load_string($response);
    if ($pxml === False)
    {
        return False; // no xml
    }
    else
    {
        return $pxml;
    }
}

// public and private keys
$public_key = "xxxxxxxxxxxxxxxxxxxxxxxx";
$private_key = "xxxxxxxxxxxxxxxxxxxxxxxxxxx";

// the request
$pxml = aws_signed_request("com", array("Operation"=>"ItemLookup",
                       "ItemId"=>"B000X9FLKM",
                       "ResponseGroup"=>"Small"),
                       $public_key,
                       $private_key);
Vasil Dakov