DragonflyCMS Projects > BizStore > [fixed] Product Advertising API > Community Forums > Phoenix Netology
Forum Index > eCommerce > BizStore

[fixed] Product Advertising API Reply to topic

Did you get this Email? Is it something I need to do or is it in the program?

Amazon wrote
Dear Product Advertising API Developer,
We wanted to remind you that all Product Advertising API developers will be required to authenticate all calls to the Product Advertising API by August 15, 2009. We noticed that requests with your AWS Access Key ID are not being signed and, while you have more than 60 days until the date on which authentication is required, we are, as a courtesy, sending you this email to remind you of the new authentication requirement. Please remember that calls to the Product Advertising API that are not signed will not be processed after August 15, 2009.

We’d also like to take this opportunity to point out the resources available to help you make this change to your applications:

The Developer Guide has details on what signed requests are and how to construct signed requests.
Sample Code for Signed Requests is available in Java, C# and Perl.
Our technical staff and other customers are available to answer questions on our Community Forums.
More resources can be found at the Product Advertising API home page.

Initiated by Bugger (Original Entry) - Comments Here Please.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux infong 2.4 /5.0.91-log (client: 5.0.92)/5.2.17/

I also have received the email - to my knowledge, there is no need to make a change.
AWS Request Authentication wrote
There are two types of requests to AWS:
  • Anonymous requests. Requests to free services can be made anonymously. Though a valid Access Key ID must be included in all requests to AWS, no attempt is made to confirm that the request originated from the party responsible for the AWS account associated with the Access Key ID. In other words, no authentication is necessary for the request to succeed.

    Services to which anonymous requests can be made include: Amazon E-Commerce Service (ECS) 4.0 and Amazon Historical Pricing.

  • Authenticated requests. Services that want to track service usage, either for the purpose of calculating usage statistics or to bill for usage, must be able to verify that the identity of the sender of a request is the person or party responsible for the AWS account. The identity of the sender is verified by confirming that the Secret Access Key used in the request signature is the Secret Access Key associated with the Access Key ID included in the request.

    Services to which authenticated (signed) requests must be made include: Alexa Top Sites, Alexa Web Information Service (AWIS), Alexa Web Search Platform, Amazon Mechanical Turk, and Amazon Simple Queue Service (SQS).
To use a service that requires authenticated requests, a signature for each request must be calculated and included as the value of the Signature parameter in requests to those services.
Investigating further - their conflicting info doesn't help much.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):

Okay, no problem - this site now meets the new requirements and operates with the Secret Key now required for "signed requests". If Amazon are doing this to eliminate abuse of their system, then it's a positive move. Given that it was only previously required for paid services, a suspicious person would see it as a pre-cursor to Amazon charging for use of its API in the future, a negative move.

I'll just let it run a while to see if there are any unexpected glitches - we have plenty of time before August 15th, so no rush.

I've also added capability for Canada and France, plus updated the descriptor and language values.

To ensure a clean break from past ID values I have started afresh by generating a new Access Key ID, which also provides the corresponding Secret Key - I recommend others do the same.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):

Provision added for operating multi-locales from the same BizStore installation.
e.g. this site now provides access to US, Canada, UK, Germany, France and Japan simply by clicking on the flag icons, and you can provide your own associates ID for each one.

Signed requests now fully debugged and operational for all requests including cart functions.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):

Are you releasing an update?
My BizStore is no longer returning any results.

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux infong 2.4 /5.0.91-log (client: 5.0.92)/5.2.17/

I am terribly sorry about the delay - I fixed it ages ago and just left it running to establish any bugs.

Well, there were no bugs and I completely forgot about the deadline.


DonationsPro for vBulletin, SMF, MyBB, DragonflyCMS

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):

Thank you that did the trick.

Now if I can just find out why it dont work on 1and1 with PHP 5

Server specs (Server OS / Apache / MySQL / PHP / DragonflyCMS):
Linux infong 2.4 /5.0.91-log (client: 5.0.92)/5.2.17/

All times are Australia/Adelaide

Jump to: