问题描述

我正在尝试通过Google脚本向亚马逊发出发布请求，以收集信息.

I am trying to make a post request through google scripts to amazon to collect information.

我们正在尝试将订单发送到MWS并自动将其转移到工作表上.

We are trying to get our orders to MWS and transfer them to sheets automatically.

我到了签署请求的最后一步.

I got to the last step which is signing the request.

我不确定的几件事:

1. 他们说我们使用密钥进行散列，我只看到一个客户机密 以及访问密钥ID，该怎么使用?
2. 我是否将URL添加为已签名内容的一部分?他们在MWS Scratch pad上添加如下所示:

1. They say we use the secret key for hashing,I only see a client secret and an access key id, which do I use?
2. Do I add the URL as part of whats getting signed? On the MWS Scratch pad they add this as shown:

POSTmws.amazonservices.com/Orders/2013-09-01

POSTmws.amazonservices.com/Orders/2013-09-01

是否必须在单独的行上，是否需要张贴以及其余内容.有点不清楚.?

Does it have to be on separate lines does it need post and the rest of the stuff. Its a little unclear.?

1. 我在网上阅读了sha256字节代码是经过base64编码的，而不是字符串文字，那是真的吗?
2. 我尝试使用在线工具对亚马逊提供给我的字符串进行哈希处理，并将其与他们提供的哈希值进行比较，并与base64编码匹配.我也尝试解码，没有匹配项

有人可以给我发送一个可行的示例，以便我了解发生了什么以及如何运行吗?

Can someone please send me an example that works, so I can understand what happens and how it works?

谢谢！

以下是我到目前为止的内容:

Below is what I have so far:

function POSTRequest() {

  var url = 'https:mws.amazonservices.com/Orders/2013-09-01?';

  var today = new Date();
  var todayTime = ISODateString(today);

  var yesterday = new Date();
  yesterday.setDate(today.getDate() - 1);
  yesterday.setHours(0,0,0,0);
  var yesterdayTime = ISODateString(yesterday);

  var dayBeforeYesterday = new Date();
  dayBeforeYesterday.setDate(today.getDate() - 2);
  dayBeforeYesterday.setHours(0,0,0,0);
  var dayBeforeYesterdayTime = ISODateString(dayBeforeYesterday);

  var unsignedURL =
  'POST\r\nhttps:mws.amazonservices.com\r\n/Orders/2013-09-01\r\n'+
  'AWSAccessKeyId=xxxxxxxxxxx' +
  '&Action=ListOrders'+
  '&CreatedAfter=' + dayBeforeYesterdayTime +
  '&CreatedBefore' + yesterdayTime +
  '&FulfillmentChannel.Channel.1=AFN' +
  '&MWSAuthToken=xxxxxxxxxxxx'+
  '&MarketplaceId.Id.1=ATVPDKIKX0DER' +
  '&SellerId=xxxxxxxxxxx'+
  '&SignatureMethod=HmacSHA256'+
  '&SignatureVersion=2'+
  '&Timestamp='+ ISODateString(new Date) +
  '&Version=2013-09-0';

  var formData = {
        'AWSAccessKeyId' : 'xxxxxxxxx',
        'Action' : "ListOrders",
        'CreatedAfter' : dayBeforeYesterdayTime,
        'CreatedBefore' : yesterdayTime,
        'FulfillmentChannel.Channel.1' : 'AFN',
        'MWSAuthToken' : 'xxxxxxxxxxxx',
        'MarketplaceId.Id.1' : 'ATVPDKIKX0DER',
        'SellerId' : 'xxxxxxxxxx',
        'SignatureMethod' : 'HmacSHA256',
        'SignatureVersion' : '2',
        'Timestamp' : ISODateString(new Date),
        'Version' : '2013-09-01',
        'Signature' : calculatedSignature(unsignedURL)

      };

   var options = {
     "method" : "post",
     "muteHttpExceptions" : true,
     "payload" : formData
   };


  var result = UrlFetchApp.fetch(url, options);
  writeDataToXML(result);
  Logger.log(result);


  if (result.getResponseCode() == 200) {
  writeDataToXML(result);
  }
}




function calculatedSignature(url) {
var urlToSign = url;
var secret = "xxxxxxxxxxxxxxxxxxx";
var accesskeyid = 'xxxxxxxxxxxxxxx';

  var byteSignature = Utilities.computeHmacSha256Signature(urlToSign, secret);
// convert byte array to hex string
var signature = byteSignature.reduce(function(str,chr){
  chr = (chr < 0 ? chr + 256 : chr).toString(16);
  return str + (chr.length==1?'0':'') + chr;
},'');


  Logger.log("URL to sign: " + urlToSign);
  Logger.log("");
  Logger.log("byte " + byteSignature);
  Logger.log("");
  Logger.log("reg " + signature);

var byte64 =  Utilities.base64Encode(byteSignature)
Logger.log("base64 byte " + Utilities.base64Encode(byteSignature));
  Logger.log("");
Logger.log("base64 reg " + Utilities.base64Encode(signature));

 return byte64;
}

推荐答案

步骤1，创建要签名的字符串

string_to_sign是以下各项的组合:

• 字符串POST后跟NEWLINE字符
• 主机名mws.amazonservices.com，后跟NEWLINE
• API URL，通常只是/，或类似/Orders/2013-09-01之类的，其后是NEWLINE
• URL编码中除Signature以外的所有参数的字母顺序列表，例如a=1&b=2，后没有任何内容

• The string POST followed by a NEWLINE character
• The name of the host, mws.amazonservices.com, followed by a NEWLINE
• The API URL, often just /, or somthing like /Orders/2013-09-01, followed by a NEWLINE
• An alphabetical list of all parameters except Signature in URL encoding, like a=1&b=2, not followed by anything

最小参数似乎如下:

• AWSAccessKeyId是Amazon提供的20个字符的代码
• Action是您的API调用的名称，例如GetReport
• SellerId是您的14个字符的卖方ID
• SignatureMethod是HmacSHA256
• SignatureVersion是2
• Timestamp是类似于20181231T23:59:59Z的日期，该日期比新年UTC早一秒
• Version是类似于2013-09-01
的API版本呼叫可能需要
• 其他参数 ，具体取决于Action
的值

• AWSAccessKeyId is a 20-character code provided by Amazon
• Action is the name of your API call, like GetReport
• SellerId is your 14-character seller ID
• SignatureMethod is HmacSHA256
• SignatureVersion is 2
• Timestamp is a date like 20181231T23:59:59Z for one second before new year UTC
• Version is the API version like 2013-09-01
• additional parameters may be needed for your call, depending on the value of Action

请注意:

• NEWLINE字符只是"\ n"，而不是"\ r \ n"
• 主机名应不包括"https://"或"http://"
• Signature参数对于以后的实际调用是必需的(请参阅步骤3)，但不是string_to_sign的 部分.

• The NEWLINE character is just "\n", not "\r\n"
• The name of the host should not include "https://" or "http://"
• The Signature parameter is necessary for the actual call later (see step 3), but is not part of the string_to_sign.

您的string_to_sign现在应该看起来像这样:

Your string_to_sign should now look somewhat like this:

POST
mws.amazonservices.com
/Orders/2013-09-01
AWSAccessKeyId=12345678901234567890&Action=ListOrders&CreatedAfter .... &Version=2013-09-01

第2步，对该字符串签名

• 使用40个字符Secret Key
计算上述字符串的SHA256哈希
• 使用Base64对此哈希进行编码
• 在伪代码中:signature = Base64encode( SHA256( string_to_sign, secret_key ))

• Calculate a SHA256 hash of above string using the 40-character Secret Key
• Encode this hash using Base64
• In Pseudocode: signature = Base64encode( SHA256( string_to_sign, secret_key ))

第3步，发送呼叫

使用完整的字母顺序的参数列表发送HTTPS POST请求，现在将包括上面的签名作为Signature放在中间的某个位置，因为您需要保持字母顺序升序.

Send a HTTPS POST request, using the full alphabetical list of parameters, now including above signature as Signature somewhere in the middle, because you need to keep ascending alphabetical order.

https://mws.amazonservices.com/Orders/2013-09-01?AWSAccessKeyId....Version=2013-09-01

第4步，处理结果

您应该返回两件事:响应标头和XML文档.确保评估标头中的HTTP状态以及XML文档的所有内容. HTTP返回"200 OK"时，某些错误消息被XML深深地隐藏.

You should be getting two things back: a response header and a XML document. Be sure to evaluate the HTTP status in the header as well as all contents of the XML document. Some error messages are hidden deeply in XML while HTTP returns "200 OK".

第5步，高级资料

如果使用要求发送文档的呼叫(例如SendFeed)，则需要执行以下附加步骤:

If you use calls that require you to send a document, like SendFeed, you need to do the following additional steps:

• 计算文档的MD5哈希值
• 使用Base64对此哈希进行编码
• 在伪代码中:contentmd5= Base64encode( MD5( document ))
• 添加Content-Type: text/xml(或任何适合您文档的内容)作为HTTP标头
• 添加Content-MD5:加base64编码的哈希作为HTTP标头

• Calculate the MD5 hash of your document
• Encode this hash using Base64
• In Pseudocode: contentmd5= Base64encode( MD5( document ))
• Add Content-Type: text/xml (or whatever fits your document) as HTTP header
• Add Content-MD5: plus the base64 encoded hash as HTTP header

这篇关于带有Google脚本的MWS发布请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！