Closed net-caster closed 1 year ago
Hi @net-caster. Try moving content-digest
before @signature-params
in the signature base. @signature-params
needs to be last. Also, when you perform a POST, add the following headers to your HTTP request:
Accept: application/json
Content-Type: application/json
And BTW, you will no longer need to include the x-ebay-enforce-signature
header.
@uherberg Awesome! It works.
Here's the new signature base I'm using:
params = (
f'"content-digest": sha-256=:{digest}:\n'
f'"x-ebay-signature-key": {ebay_public_key_jwe}\n'
f'"@method": POST\n'
f'"@path": {url.path}\n'
f'"@authority": {url.netloc}\n'
f'"@signature-params": {signature_params}'
).encode()
and the headers:
headers = {
"Authorization": "TOKEN " + access_token,
"Signature-Input": f'sig1={signature_input}',
"Signature": f"sig1=:{signature}:",
"Accept": "application/json",
"Content-Type": "application/json",
"x-ebay-signature-key": ebay_public_key_jwe,
"content-digest": f"sha-256=:{content_digest}:"
}
Note: Because I'm calling the /post-order/v2/return/{return_id}/issue_refund
API endpoint I had to replace Bearer
with TOKEN
inside the Authorization
header.
Speaking of authorization, right now I'm generating a token within the sell.fulfillment
scope and the post-order
API doesn't specify one. It seems to be working but I was wondering if it matters/is a good idea to do it like that.
Thanks
@net-caster Great that it works now!
I am not sure about the scope; I will ask my colleague to respond here.
Hello @net-caster, Post Order API accepts both Auth'n'Auth and OAuth tokens.
We recommend generating the OAuth token with sell.fulfillment
scope, whereas for Auth'n'Auth tokens it is not required as they do not use OAuth scopes.
For more information, please refer to the documentation here.
Oh, I guess I've been doing it right, then.
I'll keep using the OAuth token with the sell.fulfillment
scope going forward.
Thank you, @LokeshRishi and thanks again, @uherberg
@net-caster Can you please post a working code which refunds ebay cases using PostOrderAPI. I have been trying more then a month but all in vain. If you have a PHP version would be best, or Python will be a base for me to transform. Thanks
Hi,
I know Python is technically not supported but I thought I'd ask anyway
I've been able to make the GET requests work (e.g. by fetching https://apiz.ebay.com/sell/finances/v1/transaction?limit=20&offset=0) but can't seem to POST to the issueRefund endpoint for some reason.
Here's the script I found (and slightly modified) that I'm using:
Note: this is the POST version of the script. The GET version doesn't have the content-digest header/signature property as you can guess
After running the code above I get this error:
Any help would be appreciated
Thanks