This article is for those who want to fix the The Request Must Contain The Parameter Signature error that they may be experiencing as of August 15, 2009. It addresses those who use AWS REST requests within PHP files.
I originally wrote about this a couple of weeks ago in an article entitled The Request Must Contain The Parameter Signature: Amazon Web Services Error and Quick Solution which you may want to read first. This article presented a one-time fix for those who quickly needed to convert an “old-type” of AWS Rest Request into a new one. However, it did not present a solution which you can use as a permanent fixture to REST requests with PHP scripts.
That is what I will do in this article–present a permanent solution to the The Request Must Contain The Parameter Signature error that you may be receiving from your AWS Requests that reside in a PHP file.
First, let me say two things: (1) This solution worked for me in all of my PHP files that contained AWS REST requests. And (2), I provide this with no support or guarantees. I would like to…but I just don’t have the time.
So let’s get started.
To determine if this solution will work for you, let me tell you how I connected (the old way) to AWS within php files with these two steps:
Step 1: I did my initial REST request like this:
$request=”http://ecs.amazonaws.com/onca/xml?Service=AWSECommerceService&AWSAccessKeyId=XXX&AssociateTag=XXX&Operation=ItemSearch&SearchIndex=XXX&BrowseNode=XXX&sort=XXX&ResponseGroup=XXX”;
Step 2: To load the data:
$response = simplexml_load_file($request); // get the XML data
Most of you probably do your REST requests within scripts similarly. If so, this solution should work for you!
The Request Must Contain The Parameter Signature: Permanent Fix for Your AWS REST Requests Within PHP Files
I am going to present this solution in two easy steps. After you implement this, you should no longer receive the The Request Must Contain The Parameter Signature error from your php files.
Step 1: Change “$request” above to “$url” (without quotes)
Step 2: Add the following lines before your $response line:
$secret = ‘yoursecretkey’;
$host = parse_url($url,PHP_URL_HOST);
$timestamp = gmstrftime(”%Y-%m-%dT%H:%M:%S.000Z”);
$url=$url. “&Timestamp=” . $timestamp;
$paramstart = strpos($url,”?”);
$workurl = substr($url,$paramstart+1);
$workurl = str_replace(”,”,”%2C”,$workurl);
$workurl = str_replace(”:”,”%3A”,$workurl);
$params = explode(”&”,$workurl);
sort($params);
$signstr = “GET\n” . $host . “\n/onca/xml\n” . implode(”&”,$params);
$signstr = base64_encode(hash_hmac(’sha256′, $signstr, $secret, true));
$signstr = urlencode($signstr);
$signedurl = $url . “&Signature=” . $signstr;
$request = $signedurl;
That’s it. There is no more. The lines above satisfy the new requirements set forth in the AWS Request Authentication parameters. With these two changes, the AWS Parameter Signature Error should be gone.
I hope this helps you correct your Request Must Contain The Parameter Signature error.
Thanks,
Richard
PS: Special thanks to all those on the AWS boards for their writings and recommendations to fix this problem.
Want a fresh, unique SEO perspective once a week? Subscribe to Richard Cummings now.
September 3rd, 2009 at 11:35 am
The above solution requires PHP 5. For those still using PHP 4, please see:
http://www.a2sdeveloper.com/page-rest-authentication-for-php4.html
– Roger
September 9th, 2009 at 6:44 am
Roger,
Thanks for the insight about PHP4…
–Richard
September 9th, 2009 at 7:13 am
Dude… thanks for this!
I stumbled on an old site of mine that was returning this error. After pulling up the API docs from Amazon, I was pretty sure what needed to be done, but was lacking inspiration. Your code pretty much slapped right in to place on my problem pages. The only thing I had to change was to change the 3 cases “n” to “\n” (newline). It might just be a formatting issue with the way it shows up in your post.
September 9th, 2009 at 7:56 am
There’s some errors:
Row:
Step 1: Change “$response” above to “$url” (without quotes)
Must Be:
Step 1: Change “$request” above to “$url” (without quotes)
and
$signstr = “GETn” . $host . “n/onca/xmln” . implode(”&”,$params);
Must be:
$signstr = “GET\n” . $host . “\n/onca/xml\n” . implode(”&”,$params);
And now is perfect
thanx!
September 10th, 2009 at 8:03 am
PHPTutor/Vincenzo,
Thanks for the notes above (the \n was Wordpress working its GUI demons).
I have fixed the \n issue and the above copy should work fine now. If anybody else made mods to the above lines, please comment so that others can quickly fix their problems.
Thanks,
Richard
September 22nd, 2009 at 8:57 am
Thx for the help!
Good article 
September 29th, 2009 at 9:22 pm
I have been fighting this for a month. Your PHP 4 solution did not work for me. It doesn’t give a PHP error, but Amazon returns “The request signature we calculated does not match the signature you provided.”
While Amazon has been good to me, I think it’s time to switch to Ebay’s new API - I can’t imagine it’s this complicated!
September 30th, 2009 at 11:33 am
Technobabe,
I know your frustration.
I was extremely surprised that Amazon did this and do not know how they expect people to so quickly adapt.
As mentioned by the first commenter, this solution only works for PHP 5. The commenter above gives a reference for those with PHP 4 but I have not tried it.
Good luck,
Richard
November 28th, 2009 at 4:42 am
At last, the solution, thanks a lot Richard!