【发布时间】:2017-08-26 10:34:27
【问题描述】:
我想使用 AWS API Gateway 从网站 content.geappliances.io 获得响应,但总是出错:
{"message":"我们计算的请求签名与您提供的签名不匹配。请检查您的 AWS 秘密访问密钥和签名方法。有关详细信息,请参阅服务文档。\n\n此请求的规范字符串应具有已\n'GET\n/search/b2b/results\n\ncontent-type:\nhost:content.geappliances.io\nx-amz-date:20170401T041050Z\n\ncontent-type;host;x-amz-date \ ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 '\ n \ n该字符串到注册应该已经\ n'AWS4-HMAC-SHA256 \ n20170401T041050Z \ n20170401 / US-东-1 /执行的API / aws4_request \ na8aec6a82c0f9a2471bd17faa5f2ce5cd810a16f129fca9b04347ceed54fdc61' \ n“个}
请有人帮助我,我的代码有什么问题。这是代码:
function signRequest(){
$method ='GET';
$uri = '/search/b2b/results?N=0&Ntk=SKU&Ntt=GTX33EASKWW';
$access_key = 'my-access-key';
$secretKey = 'my-secret-key';
$region = 'us-east-1';
$kService = 'execute-api';
$service = 'execute-api';
$options = array();
$headers = array();
$host = "content.geappliances.io";
$alg = 'sha256';
$date = new DateTime( 'UTC' );
$dd = $date->format( 'Ymd\THis\Z' );
$amzdate2 = new DateTime( 'UTC' );
$amzdate2 = $amzdate2->format( 'Ymd' );
$amzdate = $dd;
$algorithm = 'AWS4-HMAC-SHA256';
$requestPayload = "UNSIGNED_PAYLOAD";
$hashedPayload = hash($alg, $requestPayload);
$canonical_uri = $uri;
$canonical_querystring = '';
$canonical_headers = "content-type:"."application/json"."\n"."host:".$host."\n"."x-amz-date:".$amzdate."\n";
$signed_headers = 'content-type;host;x-amz-date';
$canonical_request = "".$method."\n".$canonical_uri."\n".$canonical_querystring."\n".$canonical_headers."\n".$signed_headers."\n".$hashedPayload;
$credential_scope = $amzdate2 . '/' . $region . '/' . $service . '/' . 'aws4_request';
$string_to_sign = "".$algorithm."\n".$amzdate ."\n".$credential_scope."\n".hash('sha256', $canonical_request)."";
$kSecret = 'AWS4' . $secretKey;
$kDate = hash_hmac( $alg, $amzdate2, $kSecret, true );
$kRegion = hash_hmac( $alg, $region, $kDate, true );
$kService = hash_hmac( $alg, $service, $kRegion, true );
$kSigning = hash_hmac( $alg, 'aws4_request', $kService, true );
$signature = hash_hmac( $alg, $string_to_sign, $kSigning );
$authorization_header = $algorithm . ' ' . 'Credential=' . $access_key . '/' . $credential_scope . ', ' . 'SignedHeaders=' . $signed_headers . ', ' . 'Signature=' . $signature;
$headers = array(
'content-typeapplication/json',
"cache-control: no-cache",
"host: content.geappliances.io",
'x-amz-date: '.$amzdate.'',
'Authorization: '.$authorization_header.''
);
return $headers;
}
$curl = curl_init();
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt_array($curl, array(
CURLOPT_URL => "https://content.geappliances.io/search/b2b/results?N=0&Ntk=SKU&Ntt=GTX33EASKWW",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => signRequest(),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
在邮递员中,我生成了我的访问密钥和秘密密钥,然后它就可以很好地工作了。
【问题讨论】:
-
你有没有想过这个问题?您能否告诉我们您为解决此问题所做的工作?
-
无论如何要向我发送这个示例,但要使用 POST 而不是 GET?
标签: php api amazon-web-services amazon-s3