08:13:49 PM
3K517D35N
Hard to say - you probably need to compare the headers and raw request data.
But, what are you actually doing here? You're setting up for a POST but where are you actually assigning the POST data? Nowhere do I see an AddPostKey() or assignment to cPostBuffer - so data is only passed on the URL.
It's possible there are cookies set or some other mechanism that Amazon doesn't allow. The best way to see what's going on is using Fiddler to to trace the two requests and compare whats different. You can load each request into the the test mode where you can modify or tweak the headers and data to see which part is actually making the second request fail.
+++ Rick ---
Hi
I was testing some code with Amazon MWS and everything worked all right in my tests but in production I kept getting errors saying the signature I supplied did not agree with what Amazon calculated. I tracked it down to reusing the HTTP object. If I create a new HTTP object for each request everything works fine. If I reuse the HTTP object and just change the query string I get the signature errors. So I would like to know how the reuse of the HTTP object is affecting the signature that Amazon calculates. My code is shown below.
Thanks,
Simon
lo=CreateObject("wwHTTP") lo.nHTTPPostMode=1 lo.nHTTPConnectType=0 lo.nConnectTimeOut=60 lo.cHTTPProxyName="" lo.cHTTPVerb="POST" lo.AddHeader("User-Agent",Alltrim(GetSysVal("AR","Amzn_UserAgent"))) lcStr1="POST"+Chr(10)+; Strtran(Lower(Alltrim(GetSysVal("AR","Amzn_DomainName"))),"https://","",1,1,1)+Chr(10)+; [/]+Chr(10) lcStr2=[AWSAccessKeyId=]+URLEncode(AllTrim(GetSysVal("AR","Amzn_AWSAccessKeyID")))+; [&Action=RequestReport]+; [&EndDate=]+URLEncode(Ttoc(ToTimeZone(Datetime(),lcAppTimZon,"TIMZONE12"),3))+; [&Merchant=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_MerchantID")))+; [&ReportType=_GET_FLAT_FILE_ORDERS_DATA_]+; [&SignatureMethod=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_SigMethod")))+; [&SignatureVersion=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_SigVersion")))+; [&StartDate=]+URLEncode(Ttoc(ToTimeZone(Datetime()-86400,lcAppTimZon,"TIMZONE12"),3))+; [&Timestamp=]+URLEncode(Ttoc(ToTimeZone(Datetime(),lcAppTimZon,"TIMZONE12"),3)+"Z")+; [&Version=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_Version"))) lcSig=Strconv(HMAC(lcStr1+lcStr2,Alltrim(GetSysVal("AR","Amzn_SecretKey")),DC_SHA256),13) lcStr2=lcStr2+[&Signature=]+URLEncode(lcSig) leRtn=lo.HTTPGet(Chrtran(Addbs(Alltrim(GetSysVal("AR","Amzn_DomainName"))),"\","/")+"?"+lcStr2) lcReqID=StrExtract(leRtn,"<ReportRequestId>","</ReportRequestId>",1,1) lo="" Set Step on * * If I uncomment the following 10 lines Amazon confirms that the signature is * correct. If I leave them commented Amazon says the signature is incorrect. * * lo=CreateObject("wwHTTP") * lo.nHTTPPostMode=1 * lo.nHTTPConnectType=0 * lo.nConnectTimeOut=60 * lo.cHTTPProxyName="" * lo.cHTTPVerb="POST" * lo.AddHeader("User-Agent",Alltrim(GetSysVal("AR","Amzn_UserAgent"))) * lcStr1="POST"+Chr(10)+; * Strtran(Lower(Alltrim(GetSysVal("AR","Amzn_DomainName"))),"https://","",1,1,1)+Chr(10)+; * [/]+Chr(10) * * Only retrieve the reports that have not been acknowledged. * lcStr2=[AWSAccessKeyId=]+URLEncode(AllTrim(GetSysVal("AR","Amzn_AWSAccessKeyID")))+; [&Acknowledged=false]+; [&Action=GetReportList]+; [&MaxCount=100]+; [&Merchant=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_MerchantID")))+; [&ReportTypeList.Type.1=_GET_FLAT_FILE_ORDERS_DATA_]+; [&SignatureMethod=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_SigMethod")))+; [&SignatureVersion=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_SigVersion")))+; [&Timestamp=]+URLEncode(Ttoc(ToTimeZone(Datetime(),lcAppTimZon,"TIMZONE12"),3)+"Z")+; [&Version=]+URLEncode(Alltrim(GetSysVal("AR","Amzn_Version"))) lcSig=Strconv(HMAC(lcStr1+lcStr2,Alltrim(GetSysVal("AR","Amzn_SecretKey")),DC_SHA256),13) lcStr2=lcStr2+[&Signature=]+URLEncode(lcSig) leRtn=lo.HTTPGet(Chrtran(Addbs(Alltrim(GetSysVal("AR","Amzn_DomainName"))),"\","/")+"?"+lcStr2) lo=""
West Wind Technologies
Making waves on the Web
from Hood River, Oregon
