2

我在指南的这一部分(http://amazonpaycheckoutintegrationguide.s3.amazonaws.com/amazon-pay-checkout/set-payment-info.html)中设置签名时遇到问题。这是我的代码:

<?
header('Content-Type: application/json');

define("STORE_ID", "amzn1.application-oa2-client.fb120c0b541e4007aaf987a73b365a3e");
define("VENDOR_ID", "A6SFQPANHYSL0");
define("PUBLIC_KEY_ID", "AGBUUNBAKQW5OMTKHP5WZH55");
define("PRIVATE_KEY_ID", "AmazonPay_AGBUUNBAKQW5OMTKHP5WZH55.pem");

$method = 'POST';

// API Merchant Scan
$url = 'https://pay-api.amazon.eu/sandbox/v2/checkoutSessions/'.$_GET['amazonCheckoutSessionId'];

$payload = array(
    'webCheckoutDetails' => array(
        'checkoutResultReturnUrl'=> 'https://a.com/merchant-confirm-page'
    ),
    'paymentDetails' => array(
        'paymentIntent'=> 'AuthorizeWithCapture',
        'canHandlePendingAuthorization'=>false,
        'softDescriptor'=> 'Descriptor',
        'chargeAmount'=> array(
            'amount'=> '1',
            'currencyCode'=> 'EUR'
            ),
        ),
    'merchantMetadata'=> array(
        'merchantReferenceId'=> 'Merchant reference ID',
        'merchantStoreName'=> 'Merchant store name',
        'noteToBuyer'=> 'Note to buyer',
        'customInformation'=> 'Custom information'
    )
); 

// Convert to json string
$payload = json_encode($payload);

$requestParameters = array();

include 'amazon-pay-api-sdk-php-master/vendor/autoload.php';

$amazonpay_config = array(
    'public_key_id' => PUBLIC_KEY_ID,
    'private_key'   => PRIVATE_KEY_ID,
    'region'        => 'EU',
    'sandbox'       => true
);

$client = new Amazon\Pay\API\Client($amazonpay_config);

// Create an array that will contain the parameters for the charge API call
$pre_signed_headers = array();
$pre_signed_headers['Accept'] = 'application/json';
$pre_signed_headers['Content-Type'] = 'application/json';
$pre_signed_headers['X-Amz-Pay-Region'] = 'eu';

$timestamp_data = date("Ymd");
$timestamp_orario = date("His");

$timestamp = $timestamp_data."T".$timestamp_orario."Z";

$signedInput = $client->createSignature($method, $url, $requestParameters, $pre_signed_headers, $payload, $timestamp);


$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, 'https://pay-api.amazon.eu/sandbox/v2/checkoutSessions/'.$_GET['amazonCheckoutSessionId']);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'PATCH');
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);

$headers = array();
$headers[] = 'Authorization: AMZN-PAY-RSASSA-PSS PublicKeyId=AGBUUNBAKQW5OMTKHP5WZH55, SignedHeaders=accept;content-type;x-amz-pay-date;x-amz-pay-host;x-amz-pay-region, Signature= '.$signedInput;
$headers[] = 'X-Amz-Pay-Date: '.$timestamp;
$headers[] = 'Content-Type: application/json';
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);

$result = curl_exec($ch);
if (curl_errno($ch)) {
    echo 'Error:' . curl_error($ch);
}
curl_close($ch);

$json = json_decode($result);
print_r($json);


?>

$client->createSignature是:

public function createSignature($http_request_method, $request_uri, $request_parameters, $pre_signed_headers, $request_payload, $timeStamp)
    {
        $rsa = $this->setupRSA();

        $pre_signed_headers['X-Amz-Pay-Date'] = $timeStamp;
        $pre_signed_headers['X-Amz-Pay-Host'] = $this->getHost($request_uri);

        $hashedPayload = $this->hexAndHash($request_payload);
        $canonicalURI = $this->getCanonicalURI($request_uri);
        $canonicalQueryString = $this->createCanonicalQuery($request_parameters);
        $canonicalHeader = $this->getHeaderString($pre_signed_headers);
        $signedHeaders = $this->getCanonicalHeadersNames($pre_signed_headers);
        
        $canonicalRequest = (
            $http_request_method . "\n" .
            $canonicalURI . "\n" .
            $canonicalQueryString . "\n" .
            $canonicalHeader . "\n" .
            $signedHeaders . "\n" .
            $hashedPayload
        );

        $hashedCanonicalRequest = self::AMAZON_SIGNATURE_ALGORITHM . "\n" . $this->hexAndHash($canonicalRequest);

        $signature = $rsa->sign($hashedCanonicalRequest);
        if ($signature === false) {
            throw new \Exception('Unable to sign request, is your RSA private key valid?');
        }

        return base64_encode($signature);
    }

我从要加载的页面收到的问题是:

[reasonCode] => InvalidRequestSignature
[message] => Unable to verify signature, signing String ...

你知道我怎样才能得到一个有效的签名吗?我可以使用我之前获得 2 个步骤的那个(创建亚马逊支付按钮的那个),但我认为它不一样。

感谢您的时间。

4

0 回答 0