1

我正在从文档中集成 Amazon Pay php SDK ,但收到此错误。 在此处输入图像描述

这是我的php实现代码:

$amazonpay_config = array(
    'public_key_id' => 'XXXXXXXX',
    'private_key'   => 'my_private_key_path',
    'region'        => 'US',
    'sandbox'       => true
);
$payload = array(
    'webCheckoutDetails' => array(
        'checkoutReviewReturnUrl' => 'https://www.example.com/review',
        'checkoutResultReturnUrl' => 'https://www.example.com/result'
    ),
    'storeId' => 'amzn1.application-oa2-client.XXXXXXXXX'
);

$headers = array('x-amz-pay-Idempotency-Key' => uniqid());
$requestResult = [
    'error' => 1,
    'msg' => 'Error. Can not create checkout session.',
    'checkoutSession' => null,
    'payloadSign' => null
];

$client = new Client($amazonpay_config);
$resultCheckOut = $client->createCheckoutSession($payload, $headers);
$resultSignPayload = $client->generateButtonSignature($payload);

if($resultCheckOut['status'] !== 201) {
    return json_encode($requestResult, true);
}
else {
    $requestResult = [
        'error' => 0,
        'msg' => null,
        'checkoutSession' => json_decode($resultCheckOut['response']),
        'payloadSign' => $resultSignPayload
    ];
    return $requestResult;
}

这是生成 Amazon Pay 按钮的 JS 实现代码。

amazon.Pay.renderButton('#amazon-pay-btn', {
    // set checkout environment
    merchantId: 'XXXXXXXX',
    ledgerCurrency: 'USD',
    sandbox: true,
    checkoutLanguage: 'en_US',
    productType: 'PayOnly',
    placement: 'Cart',
    buttonColor: 'Gold',
    createCheckoutSessionConfig: {
        payloadJSON: jsonResult['checkoutSession'], 
        signature: jsonResult['payloadSign'], 
        publicKeyId: 'XXXXXXXXXXX'
    }
});
4

2 回答 2

3

代码有几个问题,主要是您没有正确地将有效负载和签名传递给前端。对于有效负载,您使用的是 jsonResult['checkoutSession'],而它应该是 jsonResult['payloadSign']。虽然这不包含有效负载,但从 PHP 代码来看,它显然是您放入其中的签名。完整的代码示例应该更像这样(未经测试)。

后端:

$headers = array('x-amz-pay-Idempotency-Key' => uniqid());
$requestResult = [
    'error' => 1,
    'msg' => 'Error. Can not create checkout session.',
    'signature' => null,
    'payload' => null
];

$client = new Client($amazonpay_config);
$resultCheckOut = $client->createCheckoutSession($payload, $headers);
$resultSignature = $client->generateButtonSignature($payload);

if($resultCheckOut['status'] !== 201) {
    return json_encode($requestResult, true);
}
else {
    $requestResult = [
        'error' => 0,
        'msg' => null,
        'signature' => $resultSignature,
        'payload' => $payload
    ];
    return json_encode($requestResult);
}

前端:

amazon.Pay.renderButton('#amazon-pay-btn', {
    // set checkout environment
    merchantId: 'XXXXXXXX',
    ledgerCurrency: 'USD',
    sandbox: true,
    checkoutLanguage: 'en_US',
    productType: 'PayOnly',
    placement: 'Cart',
    buttonColor: 'Gold',
    createCheckoutSessionConfig: {
        payloadJSON: JSON.stringify(jsonResult['payload']), 
        signature: jsonResult['signature'], 
        publicKeyId: 'XXXXXXXXXXX'
    }
});

我不确定您如何将 $requestResult 传递回前端,可能需要一些额外的 JSON 编码/解码才能获得正确的字符串。为防止出现签名不匹配错误,请确保后端用于签名生成的负载字符串与分配给“payloadJSON”参数的负载字符串完全匹配(特别注意空格、转义字符、换行符等) .)。

于 2020-07-17T07:07:21.313 回答
1

关于这个问题的两条评论:

  1. 我已将有效负载定义为字符串(这是当前 AmazonPay 文档状态的方式 - Link)。
$payload = '{
    "webCheckoutDetails": {
        "checkoutReviewReturnUrl": "https://www.example.com/review",
        "checkoutResultReturnUrl": "https://www.example.com/result"
    },
    "storeId": "amzn1.application-oa2-client.XXXXXXXXX"
}';

而不是数组

$payload = array(
    'webCheckoutDetails' => array(
        'checkoutReviewReturnUrl' => 'https://www.example.com/review',
        'checkoutResultReturnUrl' => 'https://www.example.com/result'
    ),
    'storeId' => 'amzn1.application-oa2-client.XXXXXXXXX'
);

签名已创建,但在呈现按钮并单击它时,出现以下错误。

Error Message: Signature Dk4qznkoiTVqjcY8Yn1l0iLbsoIj2pEAHWVtgYrphLtFXR9BKhJJPD53It4qYOswS1T/STYMHRy5jtCHGqvLntDjuy0MrhkpoHTpYEtwdOqGHA2qk+QnSGV5LoYldQ/UkAxSG7m8s2iOr11q2sWxUjrk2M3fgzAIxDeZRjJYeAr97eGANYva3jtGDfM6cJdieInBM4dEWWxKqGIh6HxOrY5K/ga26494vAwZAGvXRhZG48FOVp/XCr0mbu6V5pkEOzRJSc+hN5WKAs/c49UsfKPx75Ce7QbaBCZZT1UiczfyYx/mBuZuysUlGmnXPhLOLTPw4+SIizH/pOQyClOQyw== does not match signedString AMZN-PAY-RSASSA-PSS dfff7a87b93cfa78685a233f2dd59e18ad0451b2e3a90af11e500fcc0ceee924 for merchant XXXXXXXX

我过了一段时间才意识到这是错误的原因。实际上,在写这篇文章时,字符串中的新行是原因。如果字符串仅在一行中,则可以使用。

  1. 该按钮只需要有效负载和签名的有效负载。$client->createCheckoutSession不需要。此外,checkoutSessionIdof the与调用resultCheckOutthe 时获得的不同。checkoutReviewReturnUrl
于 2021-05-11T07:51:56.880 回答