3

I've been trying to integrate Amazon pay as a payment method for customers on my website but am running into issues with some of what's detailed in the documentation. I'm hoping to better understand the request headers that are to be associated with a call to the amazon pay api.

I'm making a request to 'https://pay-api.amazon.com/v2/checkoutSessions/checkoutSessionId' and receiving a CORS policy error.

Access to fetch at 'https://pay-api.amazon.com/v2/checkoutSessions/d9b4418d-0c6f-4085-8c37-08bef6da6807' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Here is the fetch request where I am trying to make the request

fetch(`https://pay-api.amazon.com/v2/checkoutSessions/${this.$route.query.amazonCheckoutSessionId}`, {
    method: 'GET',
    headers: {
      'Content-Type': 'application/json',
      'authorization': 'Px2e5oHhQZ88vVhc0DO%2FsShHj8MDDg%3DEXAMPLESIGNATURE',
      'x-amz-pay-date': `${new Date()}`
    }
  })

this.$route.query.amazonCheckoutSessionId references the returned url extension after the user creates a checkout session using the amazon pay button.

The documentation outlines a request should be made as follows

curl "https://pay-api.amazon.com/:version/checkoutSessions/:checkoutSessionId"
-X GET
-H "authorization:Px2e5oHhQZ88vVhc0DO%2FsShHj8MDDg%3DEXAMPLESIGNATURE"
-H "x-amz-pay-date:20201012T235046Z"

Can someone please explain where I'm supposed to get the authorization string and its format? Also, is there a way to easily format a date string into the format displayed in the documentation? Or does the date string format not matter?

I have searched quite extensively through the stack overflow posts associated with Amazon pay (of which there are few) as well as searching other Amazon and AWS documentation for elaboration on how to format the auth string. Unfortunately, I can't seem to find an answer. I have also tried passing my button signature as my authorization string, but that didn't seem to help.

Thank you for any help you can give.

4

2 回答 2

2

您的问题有两个部分:

  1. 该 API 并非旨在像您的示例中那样侦听浏览器 JS (AJAX) 请求。CORS 限制是为了防止这种情况发生。而这部分过程将在服务器端完成
  2. 要使用 API,我强烈建议使用其中一个 SDK ( https://pay.amazon.co.uk/help/201212390?ld=APUKLPADirect )。您会在文档 ( https://developer.amazon.com/docs/amazon-pay-checkout/add-the-amazon-pay-button.html ) 中注意到,他们始终拥有所有四个提供的 SDK 的代码示例. 因此,遵循这些说明要容易得多。在此处输入图像描述
于 2021-10-28T08:46:31.690 回答
1

Amazon Pay API 不支持直接客户端请求,因此您需要在服务器端发出这些请求。这就是您看到 CORS 错误的原因。

您可以在此处找到签署每个 API 请求所需的签名生成的详细说明:https ://developer.amazon.com/docs/amazon-pay-api-v2/signing-requests.html

您应该能够利用 Amazon Pay Node.js SDK,这将节省大量编码 - https://developer.amazon.com/docs/amazon-pay-checkout/get-set-up-for-integration .html#nodejstab

我还建议使用开发人员暂存器来检查您的工作并获取所需代码的提示,因为它会为您发出请求并生成代码片段! https://pay-api.amazon.com/tools/scratchpad/index.html

于 2021-10-28T14:12:51.047 回答