Could anyone explain me what information should I put from this URL:
http://webservices.amazon.com/onca/xml?
Service=AWSECommerceService&
AWSAccessKeyId=[AWS Access Key ID]&
Operation=ItemSearch&
ItemId=B000Q678OO&
ResponseGroup=Images&
SearchIndex=Blended&
Version=2011-08-01
&Timestamp=[YYYY-MM-DDThh:mm:ssZ]
&Signature=[Request Signature]
AWSAccessKeyId: Access Key ID
Timestamp: UTC time display as YYYY-MM-DDThh:mm:ssZ -> so how can i display like this to add to the url
Signature: is it the Secret Access Key ?
No, the signature is a string generated from the request parameters and the Secret Access Key.
The following article explains how to generate the signature:
http://docs.amazonwebservices.com/AWSECommerceService/latest/DG/rest-signature.html
Related
Excepted: I want to get signed urls with my AWS CloudFront url.
What I have done: I have created a AWS CloudFront instence and enabled Restrict Viewer Access function, Trusted Signers is Self.
Below is the php code I want to sign the url
function getSignedURL()
{
$resource = 'http://d2qui8qg6d31zk.cloudfront.net/richardcuicks3sample/140-140.bmp';
$timeout = 300;
//This comes from key pair you generated for cloudfront
$keyPairId = "YOUR_CLOUDFRONT_KEY_PAIR_ID";
$expires = time() + $timeout; //Time out in seconds
$json = '{"Statement":[{"Resource":"'.$resource.'","Condition":{"DateLessThan":{"AWS:EpochTime":'.$expires.'}}}]}';
//Read Cloudfront Private Key Pair
$fp=fopen("private_key.pem","r");
$priv_key=fread($fp,8192);
fclose($fp);
//Create the private key
$key = openssl_get_privatekey($priv_key);
if(!$key)
{
echo "<p>Failed to load private key!</p>";
return;
}
//Sign the policy with the private key
if(!openssl_sign($json, $signed_policy, $key, OPENSSL_ALGO_SHA1))
{
echo '<p>Failed to sign policy: '.openssl_error_string().'</p>';
return;
}
//Create url safe signed policy
$base64_signed_policy = base64_encode($signed_policy);
$signature = str_replace(array('+','=','/'), array('-','_','~'), $base64_signed_policy);
//Construct the URL
$url = $resource.'?Expires='.$expires.'&Signature='.$signature.'&Key-Pair-Id='.$keyPairId;
return $url;
}
For $keyPairId and private_key.pem, I logged in my root account and generated this two variables in Security Credentials->CloudFront Key Pairs section.
If I access http://d2qui8qg6d31zk.cloudfront.net/richardcuicks3sample/140-140.bmp on browser directly. It will response like
<Error>
<Code>MissingKey</Code>
<Message>
Missing Key-Pair-Id query parameter or cookie value
</Message>
</Error>
After I run the function, I got a long signed url, parse the url on chrome browser, it will response like
<Error>
<Code>InvalidKey</Code>
<Message>Unknown Key</Message>
</Error>
Question: I have search AWS document and google much time about this, Could anyone tell me why this happened or if I miss something? Thanks in advance!
$priv_key=fread($fp,8192);
If I understand, you generated the key. If so, it looks like you are setting a key size that is not supported.
The key pair must be an SSH-2 RSA key pair.
The key pair must be in base64 encoded PEM format.
The supported key lengths are 1024, 2048, and 4096 bit
Docs: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html#private-content-creating-cloudfront-key-pairs
I opted for Trusted Key Groups and i got that invalidkey/unknownkey error when i initially thought that the keypair id is the same as the access key id under "My Security Credentials". The correct one to use is that ID from your public keys (CloudFront > Key Management > Public Keys).
Thanks #imperalix for answering this question.
I have solved this issue,
Inspired by this site, I found I used the wrong CloudFront url to be signed.
Before: http://d2qui8qg6d31zk.cloudfront.net/richardcuicks3sample/140-140.bmp
After: http://d2qui8qg6d31zk.cloudfront.net/140-140.bmp
Because I create the CloudFront distribution for the richardcuicks3sample bucket, so don't need include this bucket name in the url. After I changed the url, the signed url works well.
How can i get the user id from facebook url and get the basic info ?
This will be possible if i use the http://www.facebook.com/[username] '
In order to get the ID of a Facebook User, you need to authorize the User: https://developers.facebook.com/docs/facebook-login/
After that, you will get an "App Scoped ID" for that User with this API endpoint: https://graph.facebook.com/me?access_token=[user-token]
It is NOT possible to get the ID of a user by his username (or URL). Scraping is not allowed on Facebook - that i what some platforms do. But you do not need that ID anyway, you can just use the App Scoped ID instead.
i'm currently using the following api of FB Login integration in my Mobile Website : FB.api('/me', function(response){...} . In the resposnse i am only getting an id field and a name field. Is there any way where i can retrieve the actual email of the user who logs on to the site using FB Login pop up.
I read in the documentations about another URL /{id} , but it also returns only id and name.
Please suggest
To get the email of a user, you have to autorize the user with the email permission, and you have to add the field parameter to the API call:
FB.api('/me?fields=name,email', function(response){...}
or:
FB.api('/me', {fields: 'name,email'}, function(response){...}
Check out the changelog, about "Declarative Fields": https://developers.facebook.com/docs/apps/changelog#v2_4
I'm requesting graph.facebook.com like that :
graph.facebook.com/bordeauxmaville?fields=posts.limit(1).fields(message,picture,created_time,shares,likes,actions)&access_token=MYAPIKEY|MYAPPSECRET
You can try it with your own access-token on :
https://developers.facebook.com/tools/explorer/?method=GET&path=bordeauxmaville%3Ffields%3Dposts.limit(1).fields(message%2Cpicture%2Ccreated_time%2Cshares%2Clikes%2Cactions)
I get message, picture, created_time, shares, and likes but with the last : actions, the graph api writes : field is empty or disallowed by the access-token.
It works with the access-token of my Facebook account with the permission user_friends enabled.
On my app's authorizations parameters on developers.facebook.com I tried to set :
user_actions.news, manage_pages, read_stream, and user_friends
But I still can't get the actions field.
==>Which parameter should I set to get this field with the same access token ?
Thx
--It's my First Ask
--I'm French and trying to speak English, sorry for grammar
I solved the problem by using the "id" field given with the request :
graph.facebook.com/bordeauxmaville?fields=posts.limit(1).fields(message,picture,created_time,shares,likes)&access_token=MYAPIKEY|MYAPPSECRET
I got : "10655XXXX47646_530492XXX87198"
I split it into two string :
String str1 = "10655XXXX47646";
String str2 = "530492XXX87198";
String link = "https://www.facebook.com/" + str1 + "/posts/" + str2
I finally got the same information as in the disallowed field named "actions".
I'm working on building a library for a client to integrate with LinkedIn's API and am currently working on the OAuth implementation. I am able to request the initial token's no problem and have the user grant the authentication to my app, but when I try to request the access token with the oauth_token and oauth_verifier (along with the rest of the oauth information that I send with ever request, I get a signature invalid error.
The OAuth settings that I send are as follows:
oauth_consumer_key
oauth_nonce
oauth_timestamp
oauth_signature_method
oauth_version
oauth_token
oauth_verifier
I also add in the oauth_signature which is a signed version of all of those keys. I sign the request with the following method:
public void function signRequest(any req){
var params = Arguments.req.getAllParameters();
var secret = "#Variables.encoder.parameterEncodedFormat(getConsumer().getConsumerSecret())#&#Variables.encoder.parameterEncodedFormat(Arguments.req.getOAuthSecret())#";
var base = '';
params = Variables.encoder.encodedParameter(params, true, true);
secret = toBinary(toBase64(secret));
local.mac = createObject('java', 'javax.crypto.Mac').getInstance('HmacSHA1');
local.key = createObject('java', 'javax.crypto.spec.SecretKeySpec').init(secret, local.mac.getAlgorithm());
base = "#Arguments.req.getMethod()#&";
base = base & Variables.encoder.parameterEncodedFormat(Arguments.req.getRequestUrl());
base = "#base#&#Variables.encoder.parameterEncodedFormat(params)#";
local.mac.init(local.key);
local.mac.update(JavaCast('string', base).getBytes());
Arguments.req.addParameter('oauth_signature', toString(toBase64(mac.doFinal())), true);
}
I know that it works, because I can use the same method to request the initial token (without the oauth_token or oauth_verifier parameters), so I am assuming that it is a problem with the parameters that I am signing. (And yes I am alphabetically ordering the parameters before I sign them)
So is there a parameter that I shouldn't be including in the signature or another one that I should be?
This is an example of a base string that gets encrypted:
POST&https%3A%2F%2Fwww.linkedin.com%2Fuas%2Foauth%2FaccessToken&oauth_consumer_key%3Dwfs3ema3hi9s%26oauth_nonce%3D1887241367210%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1331326503%26oauth_token%3D8b83142a-d5a6-452e-80ef-6e75b1b0ce18%26oauth_verifier%3D94828%26oauth_version%3D1.0
When sending a POST request, you need to put the authentication information in the header, not in the query parameters.
See this page for information (look for "Sending an Authorization Header"):
https://developer.linkedin.com/documents/common-issues-oauth-authentication
I suspect this is the issue you're running into.
Okay, so it was a stupid answer, but the problem was that I didn't see the oauth_token_secret come in when the user allowed access to my app, so I was still trying to sign the request using only the consumer secret and not both the consumer secret and oauth token secret.