Walmart.io身份验证问题-无法对请求中的身份验证进行身份验证 [英] Walmart.io authentication issue - Could not authenticate in-request, auth signature

问题描述

我正在尝试与Walmart.io API链接以从其资源中获取一些数据.但是我被困在第一阶段.

I am trying to link up with Walmart.io API to get some data from their resources. But I am stuck up in the first phase.

根据Walmart.io快速入门文档( https://walmart.io/docs/affiliate/quick-start-guide )，我应该按照以下步骤操作:

According to Walmart.io Quick Start Doc (https://walmart.io/docs/affiliate/quick-start-guide) I am supposed to follow following steps:

1. 使用Walmart.io创建帐户
2. 为Web应用程序创建应用程序
3. 生成证书(根据他们的指南，应该有一些功能可以自动生成证书，但我没有找到它)
4. 将公钥上传到应用程序
5. 我们将获得消费者ID和密钥版本，并可以使用该版本和私钥进行请求.我们还需要添加包括签名和时间戳在内的其他标头.

所以，我做了所有事情，但仍然无法正常工作.

So, I did everything, but it still isn't working.

我正在按照他们的建议使用Open SSL生成私钥和公钥: https://walmart.io/key-tutorial 我尝试避免使用-des3，这样它也不会要求我输入密码，但这也不起作用.

I am using Open SSL to generate private and public key as suggested by them: https://walmart.io/key-tutorial I tried avoiding -des3 so that it doesn't ask me for passphrase too, but it didn't work either.

这是我尝试过的脚本

curl --location --request GET 'https://developer.api.walmart.com/api-proxy/service/affil/product/v2/taxonomy' \
--header 'WM_SEC.KEY_VERSION: 2' \
--header 'WM_CONSUMER.ID: <Consumer_ID>' \
--header 'WM_CONSUMER.INTIMESTAMP: 1594389945813' \
--header 'WM_SEC.AUTH_SIGNATURE: W5PEHIew3LsnATk0zxJddeo416YEpMIjvk1b7lW9VMIZFx55erc/5df/FK9UtS5i48q057oASo0AX3SDd2hx+QSeyiX3FtLAgAgiZnGqQ6nJndySWgL5ih/GaUTXIC6dd048GFEZlC6axXdGoTWNzX9P0n/2DwLF9EtvMjdvjB1kum0z2xKz/lQGlvnjVkGK9sZdSUa5rfgxKSPi7ix+LRIJWYwt6mTKUlGz2vP1YjGcZ7gVwAs9o8iFC//0rHUWFwaEGrT0aZJtS7fvSFtKj5NRfemX4fwRO4cgBRxPWy9MRooQwXPmKxRP75PxHKTerv8X6HvRo0GdGut+2Krqxg==' \

我得到的答复是

{
    "details": {
        "Description": "Could not authenticate in-request, auth signature :  Signature verification failed: affil-product, version: 2.0.0, env: prod",
        "wm_svc.version": "2.0.0",
        "wm_svc.name": "affil-product",
        "wm_svc.env": "prod"
    }
}

希望有人给我一些有关这个问题的见识.

Hope someone gives me some insight into this problem.

预先感谢

推荐答案

原来是生成签名的问题(这解释了为什么在更改脚本后它可以工作.

Turns out it was issue with generated Signature (That explains why it worked after I changed the script.

这是运行良好的脚本:

<?php

use GuzzleHttp\Psr7;
use GuzzleHttp\Exception\RequestException;

class Walmart{

    private $host;

    private $consumer_id;

    private $private_key_file;

    private $headers;

    private $sec_key_version;

    private $client;

    private $options;

    public function __construct($config){
        $this->host             = $config['host'];
        $this->consumer_id      = $config['consumer_id'];
        $this->private_key_file = $config['private_key_file'];
        $this->sec_key_version  = $config['sec_key_version'];

        $this->options = array();
        
        $this->client           = new GuzzleHttp\Client();
    }
    
    public function lookup_product($publisher_id='', $ids='', $upc='', $format='json'){
        $this->load_options();

        $url_params = array(
            'format' => $format,
        );

        if($publisher_id){
            $url_params['publisher_id'] = $publisher_id;
        }

        if($ids){
            $url_params['ids'] = $ids;
        }

        if($upc){
            $url_params['upc'] = $upc;
        }

        $query = http_build_query($url_params);

        $url = $this->host . '/product/v2/items?'.$query;
        try {
            $res = $this->client->request('GET', $url, $this->options);
            $body = $res->getBody();
            if($res->getStatusCode() == 200){
                return $this->response(false, json_decode($body, true));
            }else{
                return $this->response(array(
                    'title' => 'Unable to get products',
                    'stack' => $body,
                ));
            }
        } catch (RequestException $e) {
            $err = Psr7\str($e->getRequest());

            if ($e->hasResponse()) {
                $err .= Psr7\str($e->getResponse());
            }

            return $this->response(array(
                'title' => 'Unable to get products',
                'stack' => $err,
            ));
        }
    }

    private function load_options(){
        $timestamp = time()*1000;
        $this->options = array(
            'debug' => (defined("DEBUG") && DEBUG) ? true: false,
            'headers' => array(
                'WM_SEC.KEY_VERSION'        => $this->sec_key_version,
                'WM_CONSUMER.ID'            => $this->consumer_id,
                'WM_CONSUMER.INTIMESTAMP'   => $timestamp,
                'WM_SEC.AUTH_SIGNATURE'     => $this->get_signature($timestamp),
            )
        );
    }

    private function get_signature($timestamp){

        $message = $this->consumer_id."\n".$timestamp."\n".$this->sec_key_version."\n";

        $pkeyid = openssl_pkey_get_private("file://".$this->private_key_file);

        openssl_sign($message, $signature, $pkeyid, OPENSSL_ALGO_SHA256);

        $signature = base64_encode($signature);

        openssl_free_key($pkeyid);

        return $signature;
    }

    private function response($err, $data=false){
        return array(
            'error' => $err,
            'data' => $data,
        );
    }
}

注意:它将 guzzlehttp/guzzle 库用于HTTP请求

Note: It uses guzzlehttp/guzzle library for HTTP Request

这篇关于Walmart.io身份验证问题-无法对请求中的身份验证进行身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！