ZF-7033: Zend_Service_Amazon has until Auguest 15, 2009 to authenticate requests with HMAC-SHA256 of the secret key

Issue Type: Bug Created: 2009-06-16T19:15:33.000+0000 Last Updated: 2009-08-03T05:15:30.000+0000 Status: Resolved Fix version(s): - 1.9.0 (31/Jul/09)

Reporter: twk (twk) Assignee: Benjamin Eberlei (beberlei) Tags: - Zend_Service_Amazon

Related issues: Attachments:


You have until August 15, 2009 to authenticate requests sent to the Product Advertising API. After August 15, 2009, messages that aren't authenticated will be denied.

The current interface $amazon = new Zend_Service_Amazon($appId, $countryCode); should be like $amazon = new Zend_Service_Amazon($appId, $countryCode, $appSecretKey);


Posted by André Bergues (mumuri) on 2009-07-09T12:13:18.000+0000

this should help

i confirm the problem,

In order to do this evolution:

  • add a new parameters with the secret key
  • modify the _prepareOptions L194 in Zend/Service/Amazon.php

Posted by Benjamin Eberlei (beberlei) on 2009-07-16T02:23:02.000+0000

I'll look into it for 1.9

Posted by Benjamin Eberlei (beberlei) on 2009-07-26T06:26:11.000+0000

Fixed, will be included in 1.9 release

Posted by Tianon Gravi (admwiggin) on 2009-07-27T11:29:07.000+0000

I've been checking out the (supposedly feature-frozen) 1.9 beta, and have noticed that some of the Amazon APIs are authenticating requests, but that the obvious Zend_Service_Amazon class itself is not. I see the changes in the trunk, however. Are these not to be included in the final 1.9 release after all? Did we miss the feature-freeze?

Posted by Benjamin Eberlei (beberlei) on 2009-07-27T11:44:50.000+0000

hm, thats not true. i merged it into 1.9 release branch, see yourself…

Posted by Tianon Gravi (admwiggin) on 2009-07-27T12:00:34.000+0000

Ah, I see. I was (erroneously, I guess) looking here, at the 1.9.0 beta 1 release tag:…

Thanks for your work, however! It's much appreciated!

Posted by Walter Huber (whuber) on 2009-08-03T05:15:30.000+0000

Maybe I misunderstood the Amazon API but since today I receive errors on every 5th request, as they started to reject randomly unsinged request to test the new singature. After analysing the funciton "_prepareOptions" I found out the options are sorted alphabetically but not the option "signature" which will be added afterwards. Since I added "ksort($options);" again, there are no more errors!?…

Have you found an issue?

See the Overview section for more details.


© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.