search

amzn / selling-partner-api-models

This repository contains OpenAPI models for developers to use when developing software to call Selling Partner APIs.
Apache License 2.0
612 stars 736 forks source link

Selling Partner API is generating Invalid Signature #59

Closed abhi2434 closed 2 years ago

abhi2434 commented 3 years ago

Hi,

I am facing an issue while calling Selling Partner API from my code. Here is what I did to call Selling Partner API

Step 1

https://sellingpartnerapi-na.amazon.com/feeds/2020-09-04/documents REQUEST BODY

{"contentType":"text/plain;charset=utf-8"} Request Headers = {Host: sellingpartnerapi-na.amazon.com x-amz-date: 20210203T120516Z Authorization: AWS4-HMAC-SHA256 Credential=XXXXXXXX/20210203/us-east-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date, Signature=XXXX

The Credential and Signature are created on the partner portal.

Response from Step 1 RESPONSE STEP 1

{"payload": {"encryptionDetails":{"standard":"AES","initializationVector":"TTAVo5bUDNfuk7KPzgm+ow==", "key":"GrpKm3UIvxiM5xUTlzaCC9xJFORMX41chAKUk0G6Cbg="}, "feedDocumentId":"amzn1.tortuga.3.9968967c-048c-4e8b-a6c1-ffd764f005d4.T508PJ0OCPKJ3", "url":"https://tortuga-prod-na.s3-external-1.amazonaws.com/%2FNinetyDays/amzn1.tortuga.3.9968967c-048c-4e8b-a6c1-ffd764f005d4.T508PJ0OCPKJ3?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20210203T114111Z&X-Amz-SignedHeaders=content-type%3Bhost&X-Amz-Expires=300&X-Amz-Credential=AKIA5U6MO6RANYPNEUPL%2F20210203%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=1fd8b69523c06d76664c22c4093be5e8adc187436f7119aa9d4b51302cc8ae84"}}

Step 2 In step 2 I am using the URL coming from the first Step Response but it is not getting me result.

Request URL

https://tortuga-prod-na.s3-external-1.amazonaws.com/%2FNinetyDays/amzn1.tortuga.3.9968967c-048c-4e8b-a6c1-ffd764f005d4.T508PJ0OCPKJ3?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20210203T114111Z&X-Amz-SignedHeaders=content-type%3Bhost&X-Amz-Expires=300&X-Amz-Credential=AKIA5U6MO6RANYPNEUPL%2F20210203%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=1fd8b69523c06d76664c22c4093be5e8adc187436f7119aa9d4b51302cc8ae84

See the Signature and the Credential here are coming different than one we have got from the response of Step 1

Response from Step 2

RESPONSE FROM STEP 2

<?xml version="1.0" encoding="UTF-8"?>

-<Error>

<Code>SignatureDoesNotMatch</Code>

<Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>

<AWSAccessKeyId>AKIA5U6MO6RANYPNEUPL</AWSAccessKeyId>

<StringToSign>AWS4-HMAC-SHA256 20210203T114111Z 20210203/us-east-1/s3/aws4_request 057d93b83f8254c64b8ffccdfb885b79e5d96c0d2045c27732fc42ae722e335e</StringToSign>

<SignatureProvided>1fd8b69523c06d76664c22c4093be5e8adc187436f7119aa9d4b51302cc8ae84</SignatureProvided>

<StringToSignBytes>41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 32 31 30 32 30 33 54 31 31 34 31 31 31 5a 0a 32 30 32 31 30 32 30 33 2f 75 73 2d 65 61 73 74 2d 31 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 30 35 37 64 39 33 62 38 33 66 38 32 35 34 63 36 34 62 38 66 66 63 63 64 66 62 38 38 35 62 37 39 65 35 64 39 36 63 30 64 32 30 34 35 63 32 37 37 33 32 66 63 34 32 61 65 37 32 32 65 33 33 35 65</StringToSignBytes>

<CanonicalRequest>PUT //NinetyDays/amzn1.tortuga.3.9968967c-048c-4e8b-a6c1-ffd764f005d4.T508PJ0OCPKJ3 X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIA5U6MO6RANYPNEUPL%2F20210203%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210203T114111Z&X-Amz-Expires=300&X-Amz-SignedHeaders=content-type%3Bhost content-type:text/plain; charset=utf-8 host:tortuga-prod-na.s3-external-1.amazonaws.com content-type;host UNSIGNED-PAYLOAD</CanonicalRequest>

<CanonicalRequestBytes>50 55 54 0a 2f 2f 4e 69 6e 65 74 79 44 61 79 73 2f 61 6d 7a 6e 31 2e 74 6f 72 74 75 67 61 2e 33 2e 39 39 36 38 39 36 37 63 2d 30 34 38 63 2d 34 65 38 62 2d 61 36 63 31 2d 66 66 64 37 36 34 66 30 30 35 64 34 2e 54 35 30 38 50 4a 30 4f 43 50 4b 4a 33 0a 58 2d 41 6d 7a 2d 41 6c 67 6f 72 69 74 68 6d 3d 41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 26 58 2d 41 6d 7a 2d 43 72 65 64 65 6e 74 69 61 6c 3d 41 4b 49 41 35 55 36 4d 4f 36 52 41 4e 59 50 4e 45 55 50 4c 25 32 46 32 30 32 31 30 32 30 33 25 32 46 75 73 2d 65 61 73 74 2d 31 25 32 46 73 33 25 32 46 61 77 73 34 5f 72 65 71 75 65 73 74 26 58 2d 41 6d 7a 2d 44 61 74 65 3d 32 30 32 31 30 32 30 33 54 31 31 34 31 31 31 5a 26 58 2d 41 6d 7a 2d 45 78 70 69 72 65 73 3d 33 30 30 26 58 2d 41 6d 7a 2d 53 69 67 6e 65 64 48 65 61 64 65 72 73 3d 63 6f 6e 74 65 6e 74 2d 74 79 70 65 25 33 42 68 6f 73 74 0a 63 6f 6e 74 65 6e 74 2d 74 79 70 65 3a 74 65 78 74 2f 70 6c 61 69 6e 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 0a 68 6f 73 74 3a 74 6f 72 74 75 67 61 2d 70 72 6f 64 2d 6e 61 2e 73 33 2d 65 78 74 65 72 6e 61 6c 2d 31 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 0a 0a 63 6f 6e 74 65 6e 74 2d 74 79 70 65 3b 68 6f 73 74 0a 55 4e 53 49 47 4e 45 44 2d 50 41 59 4c 4f 41 44</CanonicalRequestBytes>

<RequestId>48A2CCE3EFA66E89</RequestId>

<HostId>hiZxZwoTgGG4PBvGLchnKV94AA57zzGqnHh5BbTCIAt1ubD47O+8uQMClkDDBoJBgiXgVb57TRE=</HostId>

</Error>

Can you help me where I am doing wrong.

I am using the same code mentioned over this post How to Encrypt and upload data using selling-partner-api in Amzon using .net

twanlee commented 3 years ago

I'm facing this problem too. I do exactly every step in the documentation. I'm using Java SDK, so evething like Signature, they already did in SDK. I don't know why they calculated it wrong. I'm reseaching for this issued. If you have any ideas or fix the problems, please tell me!!!!!

twanlee commented 3 years ago

I have figured it out. The content type in this step defferent with content type in step 1. I've changed and it worked for me !!

abhi2434 commented 3 years ago

Okay... Let me check that too.

abhi2434 commented 3 years ago

Hi @twanlee

I have used ContentType as "text/plain; charset=utf-8", but still I am getting the same issue. Can you please let me know what is your content type in Step 2 ?

Or else, can you share me the step by step Request - Response structure for me, so that I can minutely see where I am missing out.

twanlee commented 3 years ago

This is my CONTENT_TYPE = "text/tab-separated-values; charset=UTF-8"; I just flow through the document step by step. Request and Response are exactly like what they said. Do you have any social account so that we can discuss for further step instantly for this integration!

abhi2434 commented 3 years ago

Yes I have. Twitter: @abhi2434 or anywhere you want, to connect you.

abhi2434 commented 3 years ago

The problem is solved as of now.

But now, I am facing an issue with decrypting the data that is coming from server. Can you help me in this regard.

Here are the steps. /feeds/2020-09-04/feeds/50052018663

Feed response: {"payload":{"processingEndTime":"2021-02-05T15:26:27+00:00","processingStatus":"DONE","marketplaceIds":["ATVPDKIKX0DER"],"feedId":"50052018663","feedType":"POST_PRODUCT_DATA","createdTime":"2021-02-05T15:17:30+00:00","processingStartTime":"2021-02-05T15:17:36+00:00","resultFeedDocumentId":"amzn1.tortuga.3.c0299f56-c33a-45e8-b574-f870e156d912.T2RQ421L5311ZQ"}}

Feed Proceesing Report URL: feeds/2020-09-04/documents/amzn1.tortuga.3.c0299f56-c33a-45e8-b574-f870e156d912.T2RQ421L5311ZQ

Response URL: {"payload":{"encryptionDetails":{"standard":"AES","initializationVector":"q+s1ajTr/R0q6OkRJEyetA==", "key":"TTEGX+Cvqy02lgfgnzudoG+tQgTePtT/c5j6WsCFbeA="}, "feedDocumentId":"amzn1.tortuga.3.c0299f56-c33a-45e8-b574-f870e156d912.T2RQ421L5311ZQ", "url":"https://tortuga-prod-na.s3-external-1.amazonaws.com/%2FNinetyDays/amzn1.tortuga.3.c0299f56-c33a-45e8-b574-f870e156d912.T2RQ421L5311ZQ?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20210208T140603Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Credential=AKIA5U6MO6RANYPNEUPL%2F20210208%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=1c66443858b4d3b62d1a11c72d6f0916401455ef4228944322e19cca75697c43"}}

Now we are calling "url":"https://tortuga-prod-na.s3-external-1.amazonaws.com/%2FNinetyDays/amzn1.tortuga.3.c0299f56-c33a-45e8-b574-f870e156d912.T2RQ421L5311ZQ?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20210208T140603Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Credential=AKIA5U6MO6RANYPNEUPL%2F20210208%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=1c66443858b4d3b62d1a11c72d6f0916401455ef4228944322e19cca75697c43" to get the encrypted data.

Now to decrypt data, I am using this code : 

public string DecryptStringFromBytes_Aes(string cipherText, string Key, string initializationVector, string compressionAlgorithm, ApplicationUtil appUtil)
        {
            byte[] textData = System.Text.Encoding.UTF8.GetBytes(cipherText); 
            byte[] keyData = Convert.FromBase64String(Key); //Encoding.ASCII.GetBytes(Key);
            byte[] IVData = Convert.FromBase64String(initializationVector);
            string plaintext = null;
            // Validate Compression Algorithm
            try
            {
                var isGzip = string.Equals(compressionAlgorithm, "GZIP", StringComparison.OrdinalIgnoreCase);
                var compressionAlgorithmValid = compressionAlgorithm == null || isGzip;

                if (!compressionAlgorithmValid)
                {
                    throw new InvalidOperationException($"Unexpected CompressionAlgorithm encounted. compressionAlgorithm = {compressionAlgorithm}");
                }

                // Check arguments.
                if (textData == null || textData.Length <= 0)
                    throw new ArgumentNullException("textData");
                if (keyData == null || keyData.Length <= 0)
                    throw new ArgumentNullException("keyData");
                if (IVData == null || IVData.Length <= 0)
                    throw new ArgumentNullException("IVData");

                // Declare the string used to hold
                // the decrypted text.

                    // Create an Aes object
                    // with the specified key and IV.
                    using (Aes aesAlg = Aes.Create())
                {
                    aesAlg.Key = keyData;
                    aesAlg.IV = IVData;

                    // Create a decryptor to perform the stream transform.
                    ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);
                    //byte[] decryptedText = decryptor.TransformFinalBlock(textData, 0, textData.Length);
                    // Create the streams used for decryption.
                    using (MemoryStream msDecrypt = new MemoryStream(textData))
                    {
                        using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
                        {
                            if (isGzip)
                            {
                                using (var decompressedFileStream = new MemoryStream())
                                {

                                    using (GZipStream decompressionStream = new GZipStream(csDecrypt, CompressionMode.Decompress))
                                    {
                                        decompressionStream.CopyTo(decompressedFileStream);
                                        decompressedFileStream.Position = 0;

                                        using (var writer = new StreamReader(decompressedFileStream))
                                        {
                                            plaintext = writer.ReadToEnd();
                                        }
                                    }

                                }
                            }
                            else
                            {
                                using (StreamReader srDecrypt = new StreamReader(csDecrypt, Encoding.UTF8))
                                {
                                    // Read the decrypted bytes from the decrypting stream
                                    // and place them in a string.
                                    plaintext = srDecrypt.ReadToEnd();
                                }
                            }
                        }
                    }
                }
            }
            catch(Exception ex)
            {
                appUtil.Logger.ErrorLog("Exception in DecryptStringFromBytes_Aes", $"Error Details :{ex.ToString()}");
            }

            return plaintext;
        }

Can you help me where I am missing out in this ?

abhi2434 commented 3 years ago

@twanlee

rugved1991 commented 3 years ago

Hi @abhi2434 ,

You can use the Java helper code for downloading and decrypting the feed report. https://github.com/amzn/selling-partner-api-models/tree/main/clients/sellingpartner-api-documents-helper-java

Best, Rugved Solutions Architect, SP API

abhi2434 commented 3 years ago

Hi,

We are able to post the Feed to amazon, but not able to decrypt the response. Can anyone please help me on what are we missing ? Or any C# code which could decode it ... would be helpful. I have tried to look into the java package, but nothing helped as such. The code is optimized as it is, like the one in java, This led me think if I am using correct key to decrypt or not, or even I am using UTF8 encoding for key and iv, is it correct ? The code we are using is listed above.

When posting to this url finally, https://tortuga-prod-na.s3-external-1.amazonaws.com/%2FNinetyDays/amzn1.tortuga.3.c0299f56-c33a-45e8-b574-f870e156d912.T2RQ421L5311ZQ?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20210208T140603Z&X-Amz-SignedHeaders=host&X-Amz-Expires=300&X-Amz-Credential=AKIA5U6MO6RANYPNEUPL%2F20210208%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Signature=1c66443858b4d3b62d1a11c72d6f0916401455ef4228944322e19cca75697c43

It responds like this : ��0�r�\aOhƔ�$��ʽ'\u0002��~<a\u001a�&���\r��\u0018d{>��'}e���V�=�.\u0002�d\u0015\nY���W�!����;\u0012�.���\u0001\v�k\v�N�\u001a|t�\u0003P��L��Q�S\��e\u001c�Lh\u0003��}\b����eФ#N���L'NQ6�'�\u001co�͢�8#�z\u0016g~!�\"�su�Hn�j\u0001\u0018\u001cݏ<\u001eK�w\0�^��Yv\u001e0 [:��\u0006\u001b\u001a{�M�ӿ\u0013��V�^J�]��;����%���e�,?�&-mBa���Q��\�t���+�l�dRd��a�\u001cB�:��\u0017�\u00060�@~�v\u007f�C�K�Ɉ���J�\u000e+y����\u0001p\u001b6&��h+Y�͐\u0019��\v\u0016N�\u0015�;./��dU�\u000e���ғ������>?�\u001b�@�q�\u001e��T�O�O,\u0017Y��\"\b�Ê\u0013�E?�d�=��A>8Ώ|��ϱo���kjg\u001a��\tb���\u0013H��0g\u0016Y0�n��'i La��;\u001c�ߘ���\"ϝg�\u0017�D#������\u007f�c�510\u001c\u0012�#\u0010��RvZlW�t����A/�Q�7���\u0010\u0012^$�\"��NW��\u001b�\u001f\u0011�Qrg�$��jӕģ�\u001bq�|ō<q���&��\u0014S�+�w�S����0qj/t[\u0004!��\u001f05�>�S��ud;�|���l�(XNh�\rK�$�ڴd6l��Ϭ{���W�I��P�2\u0019j����\u001eΩ\u0003�(��\u001d�C#7\0\u0006gN~KOӭ|�\t6�;��|n!�6�h�#��WL̴\a D\u001c�\u0006p�D���\u0003\u0018�\u0019�����\u0010���o�$�3D�\u0002���̫�6k\u0012��\u001a~\u0005��#��푏��E�H�\u0004z�.�S�o��MY������S i\u0004\n��{r����� `\u0018$���u���#��R�6�\u000f���6x0k��\vɹ���\v�b�\u0014j�\u0018�\u001c�f&e���,w��w��\u000fe�l�q\u001bq�����1��$$@�4m��\u0017�o�[ٽ\u001a�rI�Kn.�:�\u0013�[\u001aL�x��\u001d��\s1N��q\u007fL:52�wS_^L����\u001bQ\u0003q�n���؄�y]���^��,��D��\u0010��)�ޡ]�۩�f^�7�}z\n~=�\u0017�M>8t����g\u001b�I:?\t��e��\r\u0002����:{?��4K\u0005�u.��H�\u001e�1\u0011-ws�\u001c99�>�\tfgHC+�y+�\�ұ.kB��K\u0005R\u0019{�x0���p���%�Z��?Ղ\u0013i���\u007f�����z��\u00031�7sn�#\nm��\u0011\u0018٤\u0015}��bd\u001c+Θ�j��\\H\u0014�\u0097�\u0015��ꀒ�F���u$�ŷ�\b� �̶��\u058cҾ���\u0003H\u0006\u001b�'�#��wN�M�\f��U�\n\u0015\"�ڞ\u0013\u0010!�L\u0010LOclsS���\f��y�����j�\u000f.��84��\u001e߭\u0003\"y����\u001aLU\u0010W�7�To��K�\"W���u\u0015��ס�S��C\\�;�:\a\u007f�q\\\u001c�������\r\u0010Ŝ\u0005�\"T�\u0014B���\u007f��\U00095738h���R\u0014�IR\u0013\u001b��p1��>س�yl���i�I�mG\u0006�x����9=�@�Y\u0017T��6��s\u000e����,h[5�� ��\u0001)��\u0012�4\b/%�2k�\u000e=.fj�#��!d���\T�\u0005R�#�eu���q\u0004�\u0018���n���&���fC\n��zӱ�i۪��R��C\fOބ\u001b �\u001aJ\u001av/�N�O@Թ|$��K��Ce��-&�����u�8G>���8\u0015?\u001f�w:\u001b�n�i��\"�KRn���]!B��R�\u0010�5�Х�J�K|���z�$�~����{��b\u0019��xl\u0018:��G\n�ҮȪ�)\u0015m\u0001\b\u0013��f\u0004��\u001b�F[58\u0013 \u0003�\u0005\u00019f\b�}�\��8��\u001d�\u0013x�R7KFKs�qw��ŵP���;���\u001aѶ�̙\u0011;��\u0017��7�f�8]�Vi�\u000fg��+3�p9\u000f�%mh1\u001fXaa�P8}��#��7M�.�ň\a�{}���)�t��a�\u0014q��]\r|�I��\u007f�\b�����/�0J��}\0�{����œ\u001a�A�};\u0003��ٻ*�!o�,��xQz�|�ė��곫lZ)\u0018dkGPc���t\r\u0004\u0006�-ėz�u\b�ο�H���nd0^e[~Jd\u0004۴\rgc2�B�P�|�#\u001c���^�����2>y�\u001f�p?\\�e�)]\u000e��YW��O���\u0006>[c\t,���v�[�G�f\0�~/=n��ɫB\u007f�\u000e�\"�H\u0006���)�֯;\"��q\r�iB�R5�\u001ce.y#�/\b�+���d}ϻ���\u001f\"8��k)NфT&\fp���Ȱe@Ep�C��\u001f\u0015�[�t���s/7jס\u0004H��!�c\u007f\"�,�?�\a\u0002��\t�<0X�뛻�ܧg�p�Yw�m\fJ��߉n�1?\"?\u0004���Iv\n���[��O�\rb���{\u000fܜ��\t�'�\\w�K�,~\u0019�^\bA\v%�M\u0010.��a6��5l�\u0003�\"}K�\u0004��\ayL�\u0006�9x��\u00045��\b�V8\u0006��/d�\u0016\u0010C���֕�w�.l\v�\u0016�<�Ӹ�N\u0014?-~�\u0006@�(��\u0001�̵l!�{���\b�/S���\u0017��6�ՁY%�~���\bu�\u000f�uAa��\u0015J�\u001a�\u0012�H�`

Please help me if anyone found a solution to it...

DawidWawrzyniak commented 3 years ago

Working code for me: `

        byte[] rawData = new System.Net.WebClient().DownloadData(getReportDocumentResult.Payload.Url);
        byte[] key = Convert.FromBase64String(getReportDocumentResult.Payload.EncryptionDetails.Key);
        byte[] iv = Convert.FromBase64String(getReportDocumentResult.Payload.EncryptionDetails.InitializationVector);

        string documentText; // this will contain the decrypted document
        using (var rijndaelManaged = new RijndaelManaged { Key = key, IV = iv, Mode = CipherMode.CBC })
        using (var memoryStream = new MemoryStream(rawData))
        using (var cryptoStream = new CryptoStream(memoryStream, rijndaelManaged.CreateDecryptor(key, iv), CryptoStreamMode.Read))
        {
            using (var fileStream = File.Create($"D:\\report_{reportType}.{extension}"))
            {
                cryptoStream.CopyTo(fileStream);
            }
        }`

I am uncompressing the file after save.

github-actions[bot] commented 2 years ago

This is a very old issue that is probably not getting as much attention as it deserves. We encourage you to check if this is still an issue after the latest release and if you find that this is still a problem, please feel free to open a new issue and make a reference to this one.