使用 delphi 请求 Amazon API:得到 HTTP/1.1 403 Forbidden [英] Request to Amazon API with delphi : Got HTTP/1.1 403 Forbidden

问题描述

我不知道我的代码是对还是错.当我尝试运行程序时出现 403 错误..

I do not know my code is right or wrong. when i try to run a program error occurs 403..

unit Unit1;
interface
uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs,ssbase64, StdCtrls,secutils,OmniXMLUtils,OmniXML, xmldom,
  XMLIntf, msxmldom, XMLDoc, IdBaseComponent, IdComponent, IdTCPConnection,
  IdTCPClient, IdHTTP,IdURI;

type
  TForm1 = class(TForm)
    Button1: TButton;
    Memo1: TMemo;
    XMLDocument1: TXMLDocument;
    IdHTTP1: TIdHTTP;
    Memo2: TMemo;
    Memo3: TMemo;
    procedure Button1Click(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;

var
  Form1: TForm1;
implementation
{$R *.dfm}
function MyEncodeUrl(source:string):string;
 var i:integer;
 begin
   result := '';
   for i := 1 to length(source) do
       if not (source[i] in ['A'..'Z','a'..'z','0','1'..'9','-','_','~','.']) then result := result + '%'+inttohex(ord(source[i]),2) else result := result + source[i];
 end;

procedure TForm1.Button1Click(Sender: TObject);
var
  uhost,uri,public_key, private_key,signature,timestamp,string_to_sign : string;
  request : String;
begin
uhost  := 'ecs.amazonaws.com';
uri   := 'onca/xml';
public_key    := '1ETPTJHQ37P671HNXXX';
private_key     := 'j4JtMHQwL6wR39fy2CJgNfHibLjK9GsC5Z6XXXX';
timestamp     := MyEncodeUrl(XMLDateTimeToStr(now));
string_to_sign := 'AWSAccessKeyId=1ETPTJHQ37P671HN9282';
string_to_sign := string_to_sign+ '&AssociateTag=moc-20&ItemPage=1&Keywords=kitchen%20aid&Operation=ItemSearch&ResponseGroup=Large&SearchIndex=Kitchen&';
string_to_sign := string_to_sign+'service=AWSECommerceService&Timestamp='+timestamp;
string_to_sign := string_to_sign+'&Version=2009-03-31';

Memo1.Clear;
Memo1.Lines.Append('GET');
Memo1.Lines.Append('ecs.amazonaws.com');
Memo1.Lines.Append('/onca/xml');
Memo1.Lines.Append(string_to_sign);

signature := StrToMime64(HMACString(haSHA256, private_key, 32, Memo1.Text));
request := 'http://ecs.amazonaws.com/onca/xml?AWSAccessKeyId=1ETPTJHQ37P671HN9282';
request := request+ '&AssociateTag=moc-20&ItemPage=1&Keywords=kitchen%20aid&Operation=ItemSearch&ResponseGroup=Large&SearchIndex=Kitchen&';
request := request+'service=AWSECommerceService&Timestamp='+timestamp;
request := request+'&Version=2009-03-31';
request := request+'&Signature='+signature;

Memo1.Text := IdHTTP1.Get(request);
end;
end.

任何机构都可以追踪我的错误吗??

can any body trace my error??

FYI ::
 Delphi 7 with build in Indy;
 use OmniXML to generate timestamp
 use OpenStrSecII to generate signature

推荐答案

Amazon 实际上发回了一个 XML 文档，该文档准确地描述了您收到 403 错误的原因.查看消息的最简单方法是使用 Fiddler 并设置您的 Indy HTTP 以使用 127.0.0.1 作为代理.这样，您的所有流量都会通过 Fiddler，您将看到您发送的内容和亚马逊返回的内容.

Amazon actually sends back a XML document that precisely describes why you got the 403 error. The easiest way to see the message would be to use Fiddler and set up your Indy HTTP to use 127.0.0.1 as a proxy. That way all your traffic goes through Fiddler and you'll see both what you sent and what Amazon returned.

当我实现我的 REST API 以使用 Amazon S3 服务时，我在找出需要签名的规范标头"时遇到了一些问题.令人高兴的是，亚马逊 API 将他们正在签署的文本发回给您以测试您的签名，因此您可以逐字节比较并确定您是否做错了.如果没有完全按照他们准备这些标头的方式准备这些规范标头"，显然会导致 403.例如，亚马逊使用的行分隔符是 LINEFEED (#10).由于您将标题放在 TMemo 中，因此您将获得 Windows 样式的 CRLF 分隔符.仅此一项就足以让您的代码失败.

When I implemented my REST API to work with the Amazon S3 service I had some problems figuring out the "Canonical Headers" that need to be signed. Happily the Amazon API sends you back the text they're signing to test your signature, so you can compare that byte-by-byte and figure out if you're doing it wrong. Failure to prepare those "canonical headers" exactly as they're preparing those headers will obviously result in an 403. For example the line separator Amazon is using is LINEFEED (#10). Since you're putting your headers in a TMemo, you're going to get the Windows-style CRLF separator. That alone is enough for your code to fail.

我遇到的另一件事是在我的 Indy 请求中发送额外的标头.我正在关注在线 API 示例，查看我应该发送的内容以及亚马逊应该回答的内容.Fiddler 是实际测试并查看我发送的内容的唯一方法，而不是我认为我发送的内容.例如，我错误地使用 TIdHttp.Request.RawHeaders 来编写我的自定义标头，但是在准备请求时这些标头会被刷新.我应该将我的标头写入 TIdHttp.Request.CustomHeaders - 但如果没有 Fiddler 的帮助，我不知道我实际上并没有发送我的标头.我的代码看起来很好.

An other thing I had problems with was sending the extra headers with my Indy requests. I was following the on-line API samples, looking at what I'm supposed to send and what Amazon is supposed to answer. Fiddler was the only way to actually test and see what I'm sending, as opposed to what I thought I was sending. For example I mistakenly used TIdHttp.Request.RawHeaders to write my custom headers, but those headers get flushed while the Request is prepared. I was supposed to write my headers to TIdHttp.Request.CustomHeaders - but without Fiddler's help I wouldn't know I'm not actually sending my headers. My code looked just fine.

这篇关于使用 delphi 请求 Amazon API:得到 HTTP/1.1 403 Forbidden的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！