认沽正确
define('AWS_ACCESS_KEY_ID','XXXXXXXXXXXXXXXXXX'); define('AWS_SECRET_ACCESS_KEY','XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX);
将单词正确
也改变
简介:
亚马逊FPS向您发送出站通知在GET和POST在您RETURNURL形式和IPN分别端点。当您处理这些通知时,我们建议您验证签名以确保通知实际上源于我们。您可以使用签名版本2对VerifySignature API进行服务器端调用来验证签名。在此调用中,您将包含收到的HTTP参数的整个URL发送到FPS VerifySignature API,并且它将返回一个布尔值,指示签名是否经过验证。使用此API验证签名的示例包含在src/com/amazonaws/ipnreturnurlvalidation文件夹中。其用法如下所述。 包装内容 目录概览 src /亚马逊/ FPS所有来源,包括演示进行FPS调用的代码示例。 src/Amazon/IpnReturnUrlValidation所有资源包括演示验证ipn和返回url通知的代码示例。 验证传入的签名 步骤来验证返回URL
Go to src/Amazon/IpnReturnUrlValidation/Samples directory and open ReturnUrlVerificationSampleCode.php
In function test, replace/add the parameters you received at your return url and also update urlEndPoint to your return url end point.
$utils = new Amazon_FPS_SignatureUtilsForOutbound();
//Parameters present in return url.
$params["expiry"] = "10/2013";
$params["tokenID"] = "Q5IG5ETFCEBU8KBLTI4JHINQVL6VAJVHICBRR49AKLPIEZH1KB1S8C7VHAJJMLJ3";
$params["status"] = "SC";
$params["callerReference"] = "1253247023946cMcrTRrjtLjNrZGNKchWfDtUEIGuJfiOBAAJYPjbytBV";
$params["signatureMethod"] = "RSA-SHA1";
$params["signatureVersion"] = "2";
$params["certificateUrl"] = "https://fps.amazonaws.com/certs/090909/PKICert.pem";
$params["signature"] = "H4NTAsp3YwAEiyQ86j5B53lksv2hwwEaEFxtdWFpy9xX764AZy/Dm0RLEykUUyPVLgqCOlMopay5"
. "Qxr/VDwhdYAzgQzA8VCV8x9Mn0caKsJT2HCU6tSLNa6bLwzg/ildCm2lHDho1Xt2yaBHMt+/Cn4q"
. "I5B+6PDrb8csuAWxW/mbUhk7AzazZMfQciJNjS5k+INlcvOOtQqoA/gVeBLsXK5jNsTh09cNa7pb"
. "gAvey+0DEjYnIRX+beJV6EMCPZxnXDGo0fA1PENLWXIHtAoIJAfLYEkVbT2lva2tZ0KBBWENnSjf"
. "26lMZVokypIo4huoGaZMp1IVkImFi3qC6ipCrw==";
$urlEndPoint = "http://www.mysite.com/call_pay.jsp"; //Your return url end point.
print "Verifying return url signed using signature v2 ....\n";
//return url is sent as a http GET request and hence we specify GET as the http method.
//Signature verification does not require your secret key
print "Is signature correct: " . $utils->validateRequest($params, $urlEndPoint, "GET") . "\n";
Run the sample and make sure the signature is valid.
步骤来验证IPN帖子
Go to src/Amazon/IpnReturnUrlValidation/Samples directory and open IpnVerificationSampleCode.php
In function test, replace/add the parameters that you got in your IPN post. Also, set the urlEndPoint to your IPN end point.
$utils = new Amazon_FPS_SignatureUtilsForOutbound();
//Parameters present in ipn.
$params["transactionId"] = "14DRG2JGR7LK4J54P544DKKNDLQFFZLE323";
$params["transactionDate"] = "1251832057";
$params["status"] = "INITIATED";
$params["notificationType"] = "TransactionStatus";
$params["callerReference"] = "callerReference=ReferenceStringJYI1251832057319108";
$params["operation"] = "PAY";
$params["transactionAmount"] = "USD 1.00";
$params["buyerName"] = "BuyerName-SsUo3oDjHx";
$params["paymentMethod"] = "CC";
$params["paymentReason"] = "DescriptionString-1251832057319108";
$params["recipientEmail"] = "[email protected]";
$params["signatureMethod"] = "RSA-SHA1";
$params["signatureVersion"] = "2";
$params["certificateUrl"] = "https://fps.amazonaws.com/certs/090909/PKICert.pem";
$params["signature"] = "vKXXCbtxvSkRR+Zn8YNW6DNGpbi474h2iM4L+xaOi16kYKdYpuGbvKyXQ36uTZTVHdUGAAcvpXFL"
. "wDfnTcqcckr2IUElrVJKQeT0WeWR+IqmABwSRGo+YqjzPNISSNXNzg6LFhouhUvmmwY15X3YgXfc"
. "ERN5IhPwv04YkyCLPCA9P0/QgD8Jum/hc9jj0HYjj3s3MuuQ3yoIhf2x+2CBZRm5lslRqnoF/8OJ"
. "1ZHmAHt9VvQSZ+QC3fwJgeqzJPAvtuOm930BP6hPYZVhXE5w7ByLt0qLk1ZFE/vzQ4io4vOyie6W"
. "bhp5+AuNyAs+QrGMYO8VZruZJfkZO4b6QOgV2A==";
$urlEndPoint = "http://www.mysite.com/ipn.jsp"; //Your url end point receiving the ipn.
print "Verifying IPN signed using signature v2 ....\n";
//IPN is sent as a http POST request and hence we specify POST as the http method.
//Signature verification does not require your secret key
print "Is signature correct: " . $utils->validateRequest($params, $urlEndPoint, "POST") . "\n";
Run the sample make sure the signature is valid.
摘要的使用服务器端验证返回URL和IPN的步骤:
捕获您的IPN端点上的通知
个
2次
通过所有的参数SignatureUtilsForOutbound的validateRequest方法
捕获由validateRequest方法返回的布尔值并处理所述IPN或丢弃根据其值
关于图书馆
Based on the 2010-08-28 API version.
Version: 2.1
Release Date: 2012-10-01
此前你开始
将amazon-fps-2010-08-28-php5-library.zip的内容提取到一个文件夹。文件夹“amazon-fps-2010-08-28-php5-library”将被创建。此文件夹将从此处起被称为。此文件夹应包含以下子目录:
src — This folder contains the code files for the library and sample API calls to Amazon FPS.
先决条件
Amazon FPS Sandbox Account (Click here to sign up).
Amazon FPS Developer Account (Click here to sign up).
You must have PHP version 5.2.6 or later installed
You must have cURL version 7.26 or later installed
配置
Update the keys required to make the API call. This is one time activity and should be same for all APIs
Goto <ROOT>/src/Amazon/FPS/Samples directory
Open the .config.inc.php file
Change the following two lines and save the file
define('AWS_ACCESS_KEY_ID', '<Your aws access key>');
define('AWS_SECRET_ACCESS_KEY', '<Your aws secret key>');
Update the FPS/CBUI endpoints (only required for sandbox environment, for prodouction no changes are required)
Open the CBUIPipeline.php file
Change the following line if needed and save the file
protected static $CBUI_URL = "https://authorize.payments-sandbox.amazon.com/cobranded-ui/actions/start";
Open the Client.php file
Change the following line if needed and save the file
private $_config = array ('ServiceURL' ='https://fps.sandbox.amazonaws.com')
步骤进行付款
进行付款包括两个部分。首先,您通过将购买者重定向到亚马逊FPS主办的联合品牌页面获得付款授权。当买家返回您的网站时,您会收到一个付款授权(也称为发件人令牌),作为返回URL的一部分。其次,您在“付款”API调用中使用此付款授权或发件人令牌进行付款。 步骤从买方
Setup an app server at your side to receive HTTP redirect from Cobranded UI.
Get the authorization from the buyer
Go to <ROOT>/src/Amazon/CBUI/Samples directory and open CBUISingleUsePipelineSample.php
In function test, set the following fields
$pipeline = new Amazon_FPS_CBUISingleUsePipeline(AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY);
$pipeline->setMandatoryParameters("callerReferenceSingleUse",
"http://www.mysite.com/call_back.jsp", "5");
//optional parameters
$pipeline->addParameter("currencyCode", "USD");
$pipeline->addParameter("paymentReason", "HarryPotter 1-5 DVD set");
//SingleUse url
print "Sample CBUI url for SingleUse pipeline : " . $pipeline->getUrl() . "\n";
Run this smaple and copy the URL printed on console and paste it on your browser. You will be redirected to Amazon FPS CBUI
Go through the pipeline. Make sure you use a different Amazon FPS account, while acting as buyer. At the end of the pipeline, you(buyer) will be redirected back to the return URL provided in the query string above.
The return URL will include expiry, tokenID, status, callerReference and signature parameters. Please note that tokenID will be used in Pay later.
Validate that Amazon Payments CBUI actually redirected the customer to the Return URL specified. We use server-side validation using VerifySignature API call. Click here for steps.
Steps to make a payment
Open PaySample.php in <ROOT>/src/Amazon/FPS/Samples
Replace the following line
// @TODO: set request. Action can be passed as Amazon_FPS_Model_PayRequest
with the code snippet below:
$request = new Amazon_FPS_Model_PayRequest();
$request->setSenderTokenId('A12345666666BCDEFFF');//set the proper senderToken here.
$amount = new Amazon_FPS_Model_Amount();
$amount->setCurrencyCode("USD");
$amount->setValue('1'); //set the transaction amount here;
$request->setTransactionAmount($amount);
$request->setCallerReference('CallerReference123456789'); //set the unique caller reference here.
Set SenderTokenId the same as the one returned by CBUI above
Run php PaySample.php to make the pay API call. You should see the output similar to the following:
PayResponse
PayResult
TransactionId
13L1AFBDB54MM68LBL8UDPJTQOZNP1F3PTC
TransactionStatus
Pending
ResponseMetadata
RequestId
85b069ef-8b27-43e1-89cf-f1cfcb3a0e72:0
...
Experiment with other samples, examine samples sources. When ready, add library project to your solution, and use it.
If the response status is Pending, you can use GetTransactionStatus API to get latest transaction status
Amazon Payments will post an IPN for this transaction to your ipn url registered with us. We use server-side validation using VerifySignature API call . Click here for steps.
相关资源 更多关于亚马逊FPS 文档 代码样本得到authrorization 联系我们的技术问题 意见,问题或反馈 如果你对任何意见,问题或意见图书馆,请在这里开始讨论(亚马逊FPS论坛)。