Open kingkong404 opened 4 years ago
I'm still in the process of getting a successful call through myself, and trying to get some clarification from the sp-api people as to how exactly they intend on it to work. Right now, i'm still getting a Forbidden error when trying to get through, and it's not entirely clear to me if it's because I've misconfigured my AWS setup, or if I'm doing something wrong in code, or if the provided examples are incorrect.
I really don't know -- I'd like to get something working this week, so I can start seeing how it all works. My initial idea here is that you should be able to supply a couple of pieces (secret key, access key, and either a refresh_token or the oauth token), and turn that into an object with a long lifetime, that can keep itself working ... i think to get to that, though, i might need to have some additional layers, and it may have some different properties that are necessary to fill in, depending on how your account is configured.....
I'm having a hard time getting auth to work after following steps 1 to 6 here
I've tried to use https://github.com/amz-tools/amazon-sp-api with no luck.
Can't figure out if its amazons docs that are the issue or something I'm doing.
Sounds like a similar issue. I wonder if the docs are missing a key step in terms of configuring AWS
The configuration part of the documentation sets it up so that you need to make a call to STS::AssumeRole to get some additional keys, which are then passed to SP-API in some fashion or another. I'm looking for clarification on if that's necessary or intentional, as the back half of the documentation (how to use the API) makes no mention of it at all.
Thanks for pointing out that link to amz-tools, it looks like they've already solved that part of the problem (with the added bonus of not including the entire AWS SDK just to make a single call to a service), and at least that should tell me if my AWS settings are correct.. although I describe this as a "simple" api, that tool is more like my 'mws-simple', whereas i think this is going to be a little more complex, if i can get all of these pieces that i have to work together correctly :-)
What I also don't see there is the individual user authentication part (though i haven't really read it, just skimmed it a bit), which is pretty important to me to get working.
Well, I have managed to configure my account correctly so that amz-tools/amazon-sp-api works . . . so i can confirm that if you follow the setup directions exactly, and plug in the right credentials to the right places, that lib does in fact work, at least to call getMarketplaceParticipations.
So.. I do have that going for me.. which is nice. :-D
This means that I have an account that is actually succeeding, so I should be able to get mine to successfully authorize .. although i'm still looking for some clarification on how it's intended to work vs how it's documented to work vs how it does actually work.
and, i know which keys go where.. So, it's looking like, if this is how it's supposed to work, to be able to self-maintain a long-lived API object, we are going to need to have:
LWA Client Id, LWA Client Secret, AWS User Access Key, AWS Secret Access Key, the IAM Role ARN, and one of either the oauth code given when the user authorizes the application, or the refresh_token provided by LWA.
So, I believe that my current structure will work -- fromOauthCode() and fromRefreshToken() should be able to initialize everything, and return a new SP object, and once that is complete, it will have a refresh token available, that you can query and save somewhere.
Once authorization is complete, it should just be a matter of figuring out a good way to mate TypeScript to the API calls.
My gut feel is that the simple way might be the best way -- produce a wrapper that accepts the inputs for each operation, calls the operation, and returns the results typed as they should be. And this is where we get to find out if the api-types.d.ts actually works like it should. :-D That's actually the very first piece I put together of this, and it'll be the last major piece of the puzzle that I get to find out if it works, so that'll be exciting.
So.. I do have that going for me.. which is nice. :-D
Haha yes that is nice. I'm thinking my issue might be my amazon account as I created it purely for SP API access. It's brand new with no products, but I have paid for pro and set up everything I can see so I'm a little lost. My next step is going to be to set up oAuth and see if I can get a friends account to work who's actually a seller.
Sounds like a plan! Would be great to have some TS goodness and if you manage to have a basic working version this week that would be amazing! Happy to help test.
Here's the code that I got working with amz-tools. I grabbed the refresh_token from my dev work with this, and filled in the ./credentials file according to the documentation in the amz-tools README.
import SellingPartnerAPI from 'amazon-sp-api';
const sp = new SellingPartnerAPI({
region: 'na',
refresh_token: 'Atzr|.....XV8g4',
options: {
credentials_path: './credentials',
}
});
const res = await sp.callAPI({
operation: 'getMarketplaceParticipations'
});
console.warn('* res=', res);
I do have my local copy of this repo calling into STS now, but I haven't quite got that call working yet. I may end up borrowing a bit of amz-tools to get that part working, rather than trying to jam it through node-fetch which seems to be doing something weird.
Hey @ericblade Yeah that sounds like a good option for the time being - borrowing a bit of amz-tools to get that part working
Nice work!
might take me a little longer to get the auth going than i anticipated, i suddenly got a temporary contract to handle some other things.. so.. when i find time. :-D
Well, it's pretty messy, but I have one function call returning results now.
Soon I'll try to get the test code out of the main file (lol), and have a good long think about the structure of it, now that i can see the entire process working, I won't quite be flying seat-of-the-pants with no gauges. :)
Theoretically, it might even vaguely function as a library right as it is now.
I'm going to have to do a ton of cross-referencing where all of this information is exactly, but, if you have:
1) Login With Amazon Client ID 2) Login With Amazon Client Secret 3) AWS User Access Key 4) AWS User Secret Key 5) AWS Role ARN 6) -either- a oauth key from LWA -or- a refresh_token from LWA
then it presently exposes SpApi.swaggerClient, and you could call any API with
const api = new SpApi({ ...params... });
// const res = await api.swaggerClient.apis.(categoryname).(operationname)() ... ie
const res = await api.swaggerClient.apis.listCatalogItems({ ...listCatalogItemsParams });
console.log(res);
The categorynames and operationnames are available in the models in the https://github.com/amzn/selling-partner-api-models/tree/main/models repo
To build it, you need to run
npm run build:apitypes
npm run build:swagger
tsc
.. something like that.
i'm hoping that i can find some sort of shortcut to building typescript assertions for everything. :|
Boom! Great work! I'll have a play around with it this afternoon / tomorrow and see if I can get it working on my end as well!
it's pretty messy, and probably not anywhere near as thorough as the amz-tools code, which seems to have more explicit parameter handling than swagger-client does presently.. also amz-tools has some basic throttle handling...
but one neat thing about this setup, is that if amazon makes any changes to the APIs, updating them (right now) is as simple as adding any new API definition files to swagger-combine.json, then running build:apitypes and build:swagger to pick them up. ofc that doesn't add typescript support to them, but if this API is still undergoing changes, it does make it pretty easy to pick them up.
Like, last night while I was messing around, I realized I'd forgotten to add the sellers category in my initial setup. Just added the github URL for the raw file, rebuilt, and it was there right away.
big cleanups in it today, with working test suite framework and code coverage reporting, some possibility it might actually be usable at this point, although it's very very rough still. it should do minimal verification of api function call parameters, handle automatic exchange of refresh tokens for access keys when needed, and handle converting oauth codes from LWA into access keys/refresh tokens.
I'm pretty sure you could actually write something functional with this right now, but you're not going to get any benefit from typescript for API calls or anything nice like that just yet.
Amazing work @ericblade ! I managed to get it up and running although still having a few auth issues and I'm thinking they're on my end at this point. Will look into it a bit more tomorrow.
I might be able to help with the configuration problem, I think I've got my head wrapped around how it works.
Did some more poking and prodding, fixed some things that were absolutely broken. I still haven't tried it imported into an external library, but i'm pretty confident in it being minimally functional now.
Nice! Are you able to put it up on NPM to make keeping in sync a little easier going forward?
well, not really ready for that yet, it wouldn't surprise me if i start to really change things up once i start getting into actually implementing the wrappers for the api calls, and actually using it..
Hey mate, how's everything going, manage to get any further?
I haven't at the moment, just got a short term contract to write some code for paying customers, that doesn't at all involve amazon/mws/sp-api so I'm probably away from my github repos for a couple of weeks, sorry. :-D
@ericblade Haha understandable. Hope your contract goes well!
just leaving this link here so i can close my browser tab for it, useful code that is probably worth referring to to see how others solve some issues https://github.com/amz-tools/amazon-sp-api/blob/main/lib/SellingPartner.js
Hey @ericblade managed to sort out all the auth issues, seems it was amazon at fault and everything is now resolved.
Looking forward to using this once you get some more time!
Hey Eric,
How are things going? Any idea when this would be functional in terms of logging in / authentication?
I can then send the API calls manually for the time being.