0 
<?php
/** 
 *  PHP Version 5
 *
 *  @category    Amazon
 *  @package     Amazon_FPS
 *  @copyright   Copyright 2008-2011 Amazon Technologies, Inc.
 *  @link        http://aws.amazon.com
 *  @license     http://aws.amazon.com/apache2.0  Apache License, Version 2.0
 *  @version     2010-08-28
 */
/******************************************************************************* 
 *    __  _    _  ___ 
 *   (  )( \/\/ )/ __)
 *   /__\ \    / \__ \
 *  (_)(_) \/\/  (___/
 * 
 *  Amazon FPS PHP5 Library
 *  Generated: Wed Sep 23 03:35:04 PDT 2009
 * 
 */

require_once '.config.inc.php';
require_once 'Amazon/IpnReturnUrlValidation/SignatureUtilsForOutbound.php';

class Amazon_FPS_IPNVerificationSampleCode {

    public static function test() {

        $utils = new Amazon_FPS_SignatureUtilsForOutbound();

        //Parameters present in ipn.
        $params["TransactionId"] = "17UD7UO16UVR84O88ZMHJ1QUMDE1GFETHOE";
        $params["TransactionDate"] = "1372686606";
        $params["Status"] = "SUCCESS";
        $params["NotificationType"] = "TransactionStatus";
        $params["CallerReference"] = "callerReference=ReferenceString51d18879000f4";
        $params["Operation"] = "PAY";
        $params["TransactionAmount"] = "USD 5.00";
        $params["BuyerName"] = "prabhnoor";
        $params["PaymentMethod"] = "CC";
        $params["PaymentReason"] = "DescriptionString-1251832057319108";
        $params["RecipientEmail"] = "zoccusmed@gmail.com";
        $params["SignatureMethod"] = "RSA-SHA1";
        $params["SignatureVersion"] = "2";
        $params["CertificateUrl"] = "https://fps.sandbox.amazonaws.com/certs/090911/PKICert.pem";
        $params["Signature"] = "Mmyahn7nFpOhYgg76orkNv88Psw4is3H9fHIC0VUdNA"
                               ."PaT81jGIKgLezCk/z2xSpacot3NzhGUw9"
                               ."f18nXR1dFSDItu2AHYEtcZ9efeEqo73H"
                               ."lQxG0ysnIOjuXTX3K2gqBlAFnVHTmcADTDUKHfceqm2H"
                               ."w8wf+oz+Er8zCY58uFw=";

        $urlEndPoint = "http://www.dekhfashion.com/testamazon/test/ipn/"; //Your url end point receiving the ipn.

        print "Verifying IPN signed using signature v2 ....\n";
        //IPN is sent as a http POST request and hence we specify POST as the http method.
        //Signature verification does not require your secret key
        print "Is signature correct: " . $utils->validateRequest($params, $urlEndPoint, "POST") . "\n";
    }
}

Amazon_FPS_IPNVerificationSampleCode::test(); 
?>

如果这给出了无效的签名错误

保留所有变量的首字母大写,它将开始工作....

4

1 回答 1

4

把正确
的定义('AWS_ACCESS_KEY_ID','XXXXXXXXXXXXXXXXXX'); 定义('AWS_SECRET_ACCESS_KEY','XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX);

它会正确

也改变

介绍:

Amazon FPS 以 GET 和 POST 的形式分别在您的 ReturnURL 和 IPN 终端节点上向您发送出站通知。当您处理这些通知时,我们建议您验证签名以确保通知确实来自我们。您可以使用签名版本 2 通过服务器端调用 VerifySignature API 来验证签名。在此调用中,您将包括收到的 HTTP 参数在内的整个 URL 发送到 FPS VerifySignature API,它将返回一个布尔值,指示签名是否经过验证。使用此 API 验证签名的示例包含在 src/com/amazonaws/ipnreturnurlvalidation 文件夹中。它们的用法如下所述。包内容目录概述 src/Amazon/FPS 所有来源,包括演示进行 FPS 调用的代码示例。src/Amazon/IpnReturnUrlValidation 所有来源,包括演示 ipn 验证和返回 url 通知的代码示例。验证传入签名 验证返回 URL 的步骤

Go to src/Amazon/IpnReturnUrlValidation/Samples directory and open ReturnUrlVerificationSampleCode.php
In function test, replace/add the parameters you received at your return url and also update urlEndPoint to your return url end point.

        $utils = new Amazon_FPS_SignatureUtilsForOutbound();

        //Parameters present in return url.
        $params["expiry"] = "10/2013";
        $params["tokenID"] = "Q5IG5ETFCEBU8KBLTI4JHINQVL6VAJVHICBRR49AKLPIEZH1KB1S8C7VHAJJMLJ3";
        $params["status"] = "SC";
        $params["callerReference"] = "1253247023946cMcrTRrjtLjNrZGNKchWfDtUEIGuJfiOBAAJYPjbytBV";
        $params["signatureMethod"] = "RSA-SHA1";
        $params["signatureVersion"] = "2";
        $params["certificateUrl"] = "https://fps.amazonaws.com/certs/090909/PKICert.pem";
        $params["signature"] = "H4NTAsp3YwAEiyQ86j5B53lksv2hwwEaEFxtdWFpy9xX764AZy/Dm0RLEykUUyPVLgqCOlMopay5"
          . "Qxr/VDwhdYAzgQzA8VCV8x9Mn0caKsJT2HCU6tSLNa6bLwzg/ildCm2lHDho1Xt2yaBHMt+/Cn4q"
          . "I5B+6PDrb8csuAWxW/mbUhk7AzazZMfQciJNjS5k+INlcvOOtQqoA/gVeBLsXK5jNsTh09cNa7pb"
          . "gAvey+0DEjYnIRX+beJV6EMCPZxnXDGo0fA1PENLWXIHtAoIJAfLYEkVbT2lva2tZ0KBBWENnSjf"
          . "26lMZVokypIo4huoGaZMp1IVkImFi3qC6ipCrw==";

        $urlEndPoint = "http://www.mysite.com/call_pay.jsp"; //Your return url end point. 
        print "Verifying return url signed using signature v2 ....\n";
        //return url is sent as a http GET request and hence we specify GET as the http method.
        //Signature verification does not require your secret key
        print "Is signature correct: " . $utils->validateRequest($params, $urlEndPoint, "GET") . "\n";


Run the sample and make sure the signature is valid.

验证 IPN 帖子的步骤

Go to src/Amazon/IpnReturnUrlValidation/Samples directory and open IpnVerificationSampleCode.php
In function test, replace/add the parameters that you got in your IPN post. Also, set the urlEndPoint to your IPN end point.

        $utils = new Amazon_FPS_SignatureUtilsForOutbound();

        //Parameters present in ipn.
        $params["transactionId"] = "14DRG2JGR7LK4J54P544DKKNDLQFFZLE323";
        $params["transactionDate"] = "1251832057";
        $params["status"] = "INITIATED";
        $params["notificationType"] = "TransactionStatus";
        $params["callerReference"] = "callerReference=ReferenceStringJYI1251832057319108";
        $params["operation"] = "PAY";
        $params["transactionAmount"] = "USD 1.00";
        $params["buyerName"] = "BuyerName-SsUo3oDjHx";
        $params["paymentMethod"] = "CC";
        $params["paymentReason"] = "DescriptionString-1251832057319108";
        $params["recipientEmail"] = "recipientemail@amazon.com";
        $params["signatureMethod"] = "RSA-SHA1";
        $params["signatureVersion"] = "2";
        $params["certificateUrl"] = "https://fps.amazonaws.com/certs/090909/PKICert.pem";
        $params["signature"] = "vKXXCbtxvSkRR+Zn8YNW6DNGpbi474h2iM4L+xaOi16kYKdYpuGbvKyXQ36uTZTVHdUGAAcvpXFL"
                . "wDfnTcqcckr2IUElrVJKQeT0WeWR+IqmABwSRGo+YqjzPNISSNXNzg6LFhouhUvmmwY15X3YgXfc"
                . "ERN5IhPwv04YkyCLPCA9P0/QgD8Jum/hc9jj0HYjj3s3MuuQ3yoIhf2x+2CBZRm5lslRqnoF/8OJ"
                . "1ZHmAHt9VvQSZ+QC3fwJgeqzJPAvtuOm930BP6hPYZVhXE5w7ByLt0qLk1ZFE/vzQ4io4vOyie6W"
                . "bhp5+AuNyAs+QrGMYO8VZruZJfkZO4b6QOgV2A==";

        $urlEndPoint = "http://www.mysite.com/ipn.jsp"; //Your url end point receiving the ipn.

        print "Verifying IPN signed using signature v2 ....\n";
        //IPN is sent as a http POST request and hence we specify POST as the http method.
        //Signature verification does not require your secret key
        print "Is signature correct: " . $utils->validateRequest($params, $urlEndPoint, "POST") . "\n";


Run the sample make sure the signature is valid.

对返回 URL 和 IPN 使用服务器端验证的步骤摘要:

1

在您的 IPN 端点上捕获通知

2

将所有参数传递给 SignatureUtilsForOutbound 的 validateRequest 方法

3

捕获 validateRequest 方法返回的布尔值并根据其值处理 IPN 或丢弃

关于图书馆

Based on the 2010-08-28 API version.
Version: 2.1
Release Date: 2012-10-01

在你开始之前

将 amazon-fps-2010-08-28-php5-library.zip 的内容提取到一个文件夹中。将创建文件夹“amazon-fps-2010-08-28-php5-library”。从此时起,该文件夹将被称为。此文件夹应包含以下子目录:

src — This folder contains the code files for the library and sample API calls to Amazon FPS.

先决条件

Amazon FPS Sandbox Account (Click here to sign up).
Amazon FPS Developer Account (Click here to sign up).
You must have PHP version 5.2.6 or later installed
You must have cURL version 7.26 or later installed

配置

Update the keys required to make the API call. This is one time activity and should be same for all APIs
    Goto <ROOT>/src/Amazon/FPS/Samples directory
    Open the .config.inc.php file
    Change the following two lines and save the file
        define('AWS_ACCESS_KEY_ID', '<Your aws access key>');
        define('AWS_SECRET_ACCESS_KEY', '<Your aws secret key>');
Update the FPS/CBUI endpoints (only required for sandbox environment, for prodouction no changes are required)
    Open the CBUIPipeline.php file
    Change the following line if needed and save the file
        protected static $CBUI_URL = "https://authorize.payments-sandbox.amazon.com/cobranded-ui/actions/start";
    Open the Client.php file
    Change the following line if needed and save the file
        private $_config = array ('ServiceURL' ='https://fps.sandbox.amazonaws.com')

付款步骤

付款涉及两个部分。首先,您通过将买家重定向到由 Amazon FPS 托管的联名页面来获得买家的付款授权。当买家返回您的网站时,您会收到一个支付授权(也称为发件人令牌)作为返回 URL 的一部分。其次,您在“支付”API 调用中使用此支付授权或发件人令牌进行支付。获得买家授权的步骤

Setup an app server at your side to receive HTTP redirect from Cobranded UI.
Get the authorization from the buyer
    Go to <ROOT>/src/Amazon/CBUI/Samples directory and open CBUISingleUsePipelineSample.php
    In function test, set the following fields

    $pipeline = new Amazon_FPS_CBUISingleUsePipeline(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY);
    $pipeline->setMandatoryParameters("callerReferenceSingleUse",
                    "http://www.mysite.com/call_back.jsp", "5");

    //optional parameters
    $pipeline->addParameter("currencyCode", "USD");
    $pipeline->addParameter("paymentReason", "HarryPotter 1-5 DVD set");

    //SingleUse url
    print "Sample CBUI url for SingleUse pipeline : " . $pipeline->getUrl() . "\n";


    Run this smaple and copy the URL printed on console and paste it on your browser. You will be redirected to Amazon FPS CBUI
    Go through the pipeline. Make sure you use a different Amazon FPS account, while acting as buyer. At the end of the pipeline, you(buyer) will be redirected back to the return URL provided in the query string above.
    The return URL will include expiry, tokenID, status, callerReference and signature parameters. Please note that tokenID will be used in Pay later.
    Validate that Amazon Payments CBUI actually redirected the customer to the Return URL specified. We use server-side validation using VerifySignature API call. Click here for steps.
Steps to make a payment
    Open PaySample.php in <ROOT>/src/Amazon/FPS/Samples
    Replace the following line

     // @TODO: set request. Action can be passed as Amazon_FPS_Model_PayRequest

    with the code snippet below:

    $request =  new Amazon_FPS_Model_PayRequest();
    $request->setSenderTokenId('A12345666666BCDEFFF');//set the proper senderToken here.
    $amount = new Amazon_FPS_Model_Amount();
    $amount->setCurrencyCode("USD");
    $amount->setValue('1'); //set the transaction amount here;
    $request->setTransactionAmount($amount);
    $request->setCallerReference('CallerReference123456789'); //set the unique caller reference here.


    Set SenderTokenId the same as the one returned by CBUI above
    Run php PaySample.php to make the pay API call. You should see the output similar to the following:

    PayResponse
       PayResult
          TransactionId
              13L1AFBDB54MM68LBL8UDPJTQOZNP1F3PTC
                  TransactionStatus
                      Pending
                         ResponseMetadata
                             RequestId
                                 85b069ef-8b27-43e1-89cf-f1cfcb3a0e72:0
                                 ...


    Experiment with other samples, examine samples sources. When ready, add library project to your solution, and use it.
    If the response status is Pending, you can use GetTransactionStatus API to get latest transaction status
    Amazon Payments will post an IPN for this transaction to your ipn url registered with us. We use server-side validation using VerifySignature API call . Click here for steps.

相关资源 有关 Amazon FPS 文档的更多信息 代码示例 有关技术问题,请联系我们 评论、问题或反馈 如果您对库有任何意见、问题或反馈,请在此处开始讨论(Amazon FPS 论坛)。

于 2013-12-12T09:56:27.707 回答