search

amzn / selling-partner-api-models

This repository contains OpenAPI models for developers to use when developing software to call Selling Partner APIs.
Apache License 2.0
580 stars 730 forks source link

> Hi #136

Closed tenitre closed 3 years ago

tenitre commented 3 years ago

Hi

Not sure you have went through this process to create your application: https://github.com/amzn/selling-partner-api-docs/blob/main/guides/developer-guide/SellingPartnerApiDeveloperGuide.md

After your are done with above, then you can follow these steps for getting your orders:

Step 1: Make sure you self auth your app in seller central. and click Generate Token to get your refresh token.

Step 2: Make sure you download the credentials of the user (AWS key and secret) you created in above documentation

Step 3: Go ahead and download this: https://github.com/amzn/selling-partner-api-models/tree/main/clients/sellingpartner-api-aa-csharp

IMPORTANT NOTE: These are R&D examples/codes and code, and there is no guarantee that it will work for you or anybody else.. I am still in learning and wanted to share my experience

Step 4: Add new console app and then add Amazon.SellingPartnerAPIAA to console app

Step 5: Setup your request

var resource = $"/orders/v0/orders"; IRestRequest restRequest = new RestRequest(resource, Method.GET);

      restRequest.AddParameter("MarketplaceIds", MARKETPLACE_ID, ParameterType.QueryString);
      restRequest.AddParameter("CreatedAfter", DateTime.UtcNow.AddDays(-5).ToString("yyyy-MM-dd"), ParameterType.QueryString);

Step 6: The most important step, ppl (like me) spent days to figure out how to that... Create two functions to sign your app with your access token and your AWS keys

private static IRestRequest SignWithAccessToken(IRestRequest restRequest, string clientId, string clientSecret, string refreshToken) { var lwaAuthorizationCredentials = new LWAAuthorizationCredentials { ClientId = clientId, ClientSecret = clientSecret, Endpoint = new Uri("https://api.amazon.com/auth/o2/token"), RefreshToken = refreshToken, };

      return new LWAAuthorizationSigner(lwaAuthorizationCredentials).Sign(restRequest);
  }

and this is for your AWS keys

Note1: roleARN This is the role IRN you created with your app (refer the first document) Note2: The Amazon documents are missing (surprised, surprised) steps. This AssumeRole call is very important otherwise you will keep getting Forbidden

private static IRestRequest SignWithSTSKeysAndSecurityTokenn(IRestRequest restRequest, string host, string roleARN, string accessKey, string secretKey) { AssumeRoleResponse response1 = null; using (var STSClient = new AmazonSecurityTokenServiceClient(accessKey, secretKey, RegionEndpoint.USEast1)) { var req = new AssumeRoleRequest() { RoleArn = roleARN, DurationSeconds = 950, //put anything you want here RoleSessionName = Guid.NewGuid().ToString() };

          response1 = STSClient.AssumeRoleAsync(req, new CancellationToken()).Result;
      }

      //auth step 3
      var awsAuthenticationCredentials = new AWSAuthenticationCredentials
      {
          AccessKeyId = response1.Credentials.AccessKeyId,
          SecretKey = response1.Credentials.SecretAccessKey,
          Region = "us-east-1"
      };

      restRequest.AddHeader("x-amz-security-token", response1.Credentials.SessionToken);

      return new AWSSigV4Signer(awsAuthenticationCredentials)
                      .Sign(restRequest, host);
  }

Now sign your request:

create some class like that and fill it wit your info

public class SellerAPICredentials { public string ClientId { get; set; } public string ClientSecret { get; set; } public string RefreshToken { get; set; } public string AWSKey { get; set; } public string AWSSecret { get; set; } public string RoleARN { get; set; } }

Then call these functions to sign your request

restRequest = SignWithAccessToken(restRequest, credentials.ClientId, credentials.ClientSecret, credentials.RefreshToken);

restRequest = SignWithSTSKeysAndSecurityTokenn(restRequest, Client.BaseUrl.Host, credentials.RoleARN, credentials.AWSKey, credentials.AWSSecret, overrideHost);

Step 5: Finally use your request to call

var client = new RestClient("https://sellingpartnerapi-na.amazon.com"); var response = client.Execute(restRequest);

Good luck!

Why are all these links giving 404 Not Found ?

Originally posted by @nrogers805 in https://github.com/amzn/selling-partner-api-models/issues/31#issuecomment-822047638

It is b/ you can only post those urls, get will return 44

nafberger commented 3 years ago

hi @tenitre not sure if you are the original author of the code snippet, we are looking for similar code to be able to use the authorization API to migrate the existing MWS credentials to seller-api credentials. for that call no refresh token is available-needed. we are willing to pay for help. please reply

tenitre commented 3 years ago

hi @tenitre not sure if you are the original author of the code snippet, we are looking for similar code to be able to use the authorization API to migrate the existing MWS credentials to seller-api credentials. for that call no refresh token is available-needed. we are willing to pay for help. please reply

hi @nafberger I m the OP of the code, here is the thing: (1)if you use MWS API for your store, it is easy, just create brand new SP API and do not publish, then use your refresh token to connect your app.. (2) but if you do have other clients that use your MWS application to get their data etc. you need to create brand new SP API app then submit it to App Store, then your clients will login to their account and auth your application...

check this document out: https://developer.amazon.com/docs/app-submission-api/auth.html

nafberger commented 3 years ago

hi @tenitre, we have a app in production with many users, the app was already converted to a hybrid app that can make calls both as MWS and seller-API, so the only issue is making a successful getAuthorizationCode() call to convert the creds of our existing clients to seller-API creds. can you help. my email is naftaly@inventoryahead.com