c# - 错误 Amazon Selling Partner API [请求中包含的安全令牌无效]

Question

连接到 Amazon SP API 时出现问题。我已遵循亚马逊上的指南https://github.com/amzn/ sell-partner-api-docs/blob/main/guides/en-US/developer-guide/SellingPartnerApiDeveloperGuide.md

我使用的 C# SDK 是https://github.com/amzn/ sell -partner-api-models

我已将以下内联策略添加到我的 IAM 用户

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "sts:AssumeRole",
            "Resource": "arn:aws:iam::0000000:role/SellingPartnerAPI_Role"
        }
    ]
}

下面是我的c#源代码

var accessKey = "xxx";
var secretKey = "xxx";
var credentials = new BasicAWSCredentials(accessKey, secretKey);
var client = new AmazonSecurityTokenServiceClient(credentials);
var assumeRoleRequest = new AssumeRoleRequest()
{
    // AWS IAM Role ARN
    DurationSeconds = 3600,
    RoleArn = "arn:aws:iam::0000000000:role/SellingPartnerAPI_Role",
    RoleSessionName = DateTime.Now.Ticks.ToString()
};
AssumeRoleResponse assumeRoleResponse = await client.AssumeRoleAsync(assumeRoleRequest);

RestClient restClient = new RestClient("https://sellingpartnerapi-fe.amazon.com");
IRestRequest restRequest = new RestRequest("/orders/v0/orders", Method.GET);
restRequest.AddQueryParameter("CreatedAfter", "2020-12-01T00:00:00Z");
restRequest.AddQueryParameter("marketplaceIds", "A21BRDQVFO45XV");
var lwaAuthCreds = new LWAAuthorizationCredentials
{
    ClientId = "amzn1.application-oa2-client.xxxxxxxxxx",
    ClientSecret = "ClientSecretxxxxx",
    RefreshToken = "RefreshTokenxxxxxx,
    Endpoint = new Uri("https://api.amazon.com/auth/o2/token")
};
restRequest = new LWAAuthorizationSigner(lwaAuthCreds).Sign(restRequest);
var awsAuthCreds = new AWSAuthenticationCredentials
{
    AccessKeyId = assumeRoleResponse.Credentials.AccessKeyId,
    SecretKey = assumeRoleResponse.Credentials.SecretAccessKey,
    Region = "us-west-2"
};

restRequest.AddHeader("X-Amz-Security-Token", assumeRoleResponse.Credentials.SessionToken);
restRequest = new AWSSigV4Signer(awsAuthCreds)
    .Sign(restRequest, restClient.BaseUrl.Host);
var resp = restClient.Execute(restRequest);
Console.WriteLine(resp.StatusCode);
Console.WriteLine(resp.Content);

回应是

{
  "errors": [
    {
      "message": "The security token included in the request is invalid",
      "code": "InvalidInput"
    }
  ]
}

c# - 错误 Amazon Selling Partner API [请求中包含的安全令牌无效]

0 回答 0

Related

Reference