I want to get response from website content.geappliances.io using AWS API Gateway but always get error :
{"message":"The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.\n\nThe Canonical String for this request should have been\n'GET\n/search/b2b/results\n\ncontent-type:\nhost:content.geappliances.io\nx-amz-date:20170401T041050Z\n\ncontent-type;host;x-amz-date\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'\n\nThe String-to-Sign should have been\n'AWS4-HMAC-SHA256\n20170401T041050Z\n20170401/us-east-1/execute-api/aws4_request\na8aec6a82c0f9a2471bd17faa5f2ce5cd810a16f129fca9b04347ceed54fdc61'\n"}
please somebody help me, what's wrong with my code. Here's the code :
function signRequest(){
$method ='GET';
$uri = '/search/b2b/results?N=0&Ntk=SKU&Ntt=GTX33EASKWW';
$access_key = 'my-access-key';
$secretKey = 'my-secret-key';
$region = 'us-east-1';
$kService = 'execute-api';
$service = 'execute-api';
$options = array();
$headers = array();
$host = "content.geappliances.io";
$alg = 'sha256';
$date = new DateTime( 'UTC' );
$dd = $date->format( 'Ymd\THis\Z' );
$amzdate2 = new DateTime( 'UTC' );
$amzdate2 = $amzdate2->format( 'Ymd' );
$amzdate = $dd;
$algorithm = 'AWS4-HMAC-SHA256';
$requestPayload = "UNSIGNED_PAYLOAD";
$hashedPayload = hash($alg, $requestPayload);
$canonical_uri = $uri;
$canonical_querystring = '';
$canonical_headers = "content-type:"."application/json"."\n"."host:".$host."\n"."x-amz-date:".$amzdate."\n";
$signed_headers = 'content-type;host;x-amz-date';
$canonical_request = "".$method."\n".$canonical_uri."\n".$canonical_querystring."\n".$canonical_headers."\n".$signed_headers."\n".$hashedPayload;
$credential_scope = $amzdate2 . '/' . $region . '/' . $service . '/' . 'aws4_request';
$string_to_sign = "".$algorithm."\n".$amzdate ."\n".$credential_scope."\n".hash('sha256', $canonical_request)."";
$kSecret = 'AWS4' . $secretKey;
$kDate = hash_hmac( $alg, $amzdate2, $kSecret, true );
$kRegion = hash_hmac( $alg, $region, $kDate, true );
$kService = hash_hmac( $alg, $service, $kRegion, true );
$kSigning = hash_hmac( $alg, 'aws4_request', $kService, true );
$signature = hash_hmac( $alg, $string_to_sign, $kSigning );
$authorization_header = $algorithm . ' ' . 'Credential=' . $access_key . '/' . $credential_scope . ', ' . 'SignedHeaders=' . $signed_headers . ', ' . 'Signature=' . $signature;
$headers = array(
'content-typeapplication/json',
"cache-control: no-cache",
"host: content.geappliances.io",
'x-amz-date: '.$amzdate.'',
'Authorization: '.$authorization_header.''
);
return $headers;
}
$curl = curl_init();
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt_array($curl, array(
CURLOPT_URL => "https://content.geappliances.io/search/b2b/results?N=0&Ntk=SKU&Ntt=GTX33EASKWW",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => signRequest(),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
in the postman, I generate my access key and secret key then it works nicely.
