This article is for those who want to fix the The Request Must Contain The Parameter Signature error that they may be experiencing as of August 15, 2009. It addresses those who use AWS REST requests within PHP files.
I originally wrote about this a couple of weeks ago in an article entitled The Request Must Contain The Parameter Signature: Amazon Web Services Error and Quick Solution which you may want to read first. This article presented a one-time fix for those who quickly needed to convert an “old-type” of AWS Rest Request into a new one. However, it did not present a solution which you can use as a permanent fixture to REST requests with PHP scripts.
That is what I will do in this article–present a permanent solution to the The Request Must Contain The Parameter Signature error that you may be receiving from your AWS Requests that reside in a PHP file.
First, let me say two things: (1) This solution worked for me in all of my PHP files that contained AWS REST requests. And (2), I provide this with no support or guarantees. I would like to…but I just don’t have the time.
So let’s get started.
To determine if this solution will work for you, let me tell you how I connected (the old way) to AWS within php files with these two steps:
Step 1: I did my initial REST request like this:
$request=”http://ecs.amazonaws.com/onca/xml?Service=AWSECommerceService&AWSAccessKeyId=XXX&AssociateTag=XXX&Operation=ItemSearch&SearchIndex=XXX&BrowseNode=XXX&sort=XXX&ResponseGroup=XXX”;
Step 2: To load the data:
$response = simplexml_load_file($request); // get the XML data
Most of you probably do your REST requests within scripts similarly. If so, this solution should work for you!
The Request Must Contain The Parameter Signature: Permanent Fix for Your AWS REST Requests Within PHP Files
I am going to present this solution in two easy steps. After you implement this, you should no longer receive the The Request Must Contain The Parameter Signature error from your php files.
Step 1: Change “$request” above to “$url” (without quotes)
Step 2: Add the following lines before your $response line:
$secret = ‘yoursecretkey’;
$host = parse_url($url,PHP_URL_HOST);
$timestamp = gmstrftime(“%Y-%m-%dT%H:%M:%S.000Z”);
$url=$url. “&Timestamp=” . $timestamp;
$paramstart = strpos($url,”?”);
$workurl = substr($url,$paramstart+1);
$workurl = str_replace(“,”,”%2C”,$workurl);
$workurl = str_replace(“:”,”%3A”,$workurl);
$params = explode(“&”,$workurl);
sort($params);
$signstr = “GET\n” . $host . “\n/onca/xml\n” . implode(“&”,$params);
$signstr = base64_encode(hash_hmac(‘sha256’, $signstr, $secret, true));
$signstr = urlencode($signstr);
$signedurl = $url . “&Signature=” . $signstr;
$request = $signedurl;
That’s it. There is no more. The lines above satisfy the new requirements set forth in the AWS Request Authentication parameters. With these two changes, the AWS Parameter Signature Error should be gone.
I hope this helps you correct your Request Must Contain The Parameter Signature error.
Thanks,
Richard
PS: Special thanks to all those on the AWS boards for their writings and recommendations to fix this problem.
15 Comments on “The Request Must Contain The Parameter Signature: Quick Fix for Your PHP Rest Requests”
The above solution requires PHP 5. For those still using PHP 4, please see:
http://www.a2sdeveloper.com/page-rest-authentication-for-php4.html
— Roger
Roger,
Thanks for the insight about PHP4…
–Richard
Dude… thanks for this!
I stumbled on an old site of mine that was returning this error. After pulling up the API docs from Amazon, I was pretty sure what needed to be done, but was lacking inspiration. Your code pretty much slapped right in to place on my problem pages. The only thing I had to change was to change the 3 cases “n” to “\n” (newline). It might just be a formatting issue with the way it shows up in your post.
There’s some errors:
Row:
Step 1: Change “$response” above to “$url” (without quotes)
Must Be:
Step 1: Change “$request” above to “$url” (without quotes)
and
$signstr = “GETn” . $host . “n/onca/xmln” . implode(”&”,$params);
Must be:
$signstr = “GET\n” . $host . “\n/onca/xml\n” . implode(”&”,$params);
And now is perfect 🙂
thanx!
PHPTutor/Vincenzo,
Thanks for the notes above (the \n was WordPress working its GUI demons).
I have fixed the \n issue and the above copy should work fine now. If anybody else made mods to the above lines, please comment so that others can quickly fix their problems.
Thanks,
Richard
Thx for the help! 🙂 Good article 🙂
I have been fighting this for a month. Your PHP 4 solution did not work for me. It doesn’t give a PHP error, but Amazon returns “The request signature we calculated does not match the signature you provided.”
While Amazon has been good to me, I think it’s time to switch to Ebay’s new API – I can’t imagine it’s this complicated!
Technobabe,
I know your frustration.
I was extremely surprised that Amazon did this and do not know how they expect people to so quickly adapt.
As mentioned by the first commenter, this solution only works for PHP 5. The commenter above gives a reference for those with PHP 4 but I have not tried it.
Good luck,
Richard
At last, the solution, thanks a lot Richard!
Amazing,,, your solution worked like charm.
I just say i hate amazon for bad bad customer service for their affiliate and then they expect us to make sale !!! lol
YES–a five-minute fix! Thanks for doing what Amazon should have done, instead of that long, complicated, “figure-it-out-yourselves” solution they gave.
Thanks you save my time, I was searching into the amazon docs, and its not easy to find the solution.
Cheers
Can i get example in java..
I have converted php code into java but its giving error as signature does not match.
Any solution?
Thanks so much…this is fantastic!
Excellent post. I have been fighting with getting the authentication working for 3 days now and took me 10 minutes with what you say here. Great work.