Issue
I'm trying to build a little script PHP to integrate with the Microsoft Graph API.
I have an admin account in Azure, and have set up a new app through the portal. I've downloaded and installed the PHP SDK, and have managed to set everything up so that I can get a user successfully.
However, POSTing a new user returns me a 400 bad request:
$newUser = new User();
$newUser->setAccountEnabled(true);
$newUser->setGivenName('name');
$newUser->setSurname('surname');
$newUser->setUserPrincipalName('email#dot.com');
$password = new PasswordProfile();
$password->setPassword("pwd");
$password->setForceChangePasswordNextSignIn(false);
$newUser->setPasswordProfile($password);
$identities = new ObjectIdentity();
$identities->setSignInType("emailAddress");
$identities->setIssuer("a tenantId");
$identities->setIssuerAssignedId("email#dot.com");
$newUser->setIdentities($identities);
$user = $this->graph->createRequest('POST', '/users')
->attachBody($newUser)
->setReturnType(Model\User::class)
->execute();
Returns:
{"error":{"code":"BadRequest","message":"Property identities in payload has a value that does not match schema.","innerError":{"date":"2021-11-15T15:26:24","request-id":"an id","client-request-id":"an id"}}}
How can I solve this issue?
Thanks for any help.
Update
I have found a solution for this problem (obviously, is temporary).
The section "identities" must be set as an array (in JSON) like in this example
"identities": [
{
"signInType": "emailAddress",
"issuer": "contoso.onmicrosoft.com",
"issuerAssignedId": "jsmith#yahoo.com"
}
]
Probably, the PHP code above not set the section "identities" as an array.
Now, I send directly a JSON with the section "identities" as an array but I would like to use the PHP code above.
How can I transform the PHP code above to pass "identities" as an array like in the JSON example?
Thanks again.
Try creating an array and adding the identities on there like. This will add the identities property as an array of Model\ObjectIdentity()
...
$identities = [];
$identity = new Model\ObjectIdentity();
$identity->setSignInType("type");
$identity->setIssuer("issuer");
$identity->setIssuerAssignedId("issure-assigned-id");
array_push($identities, $identity);
$newUser->setIdentities($identities);
...
I don’t know not to get EC2 instance availability zone and instance id details using php in amazon web services. As I don’t know how to fetch data, so I haven’t tried anything. Help me out.
The thing I want:
/info
This is exact what I wanted:
In that info page I can want to display that Instance details.
Thanks in advance
You can get the current instances values by using the meta-data api, these can be accessed from within your application by using a HTTP request library such as GuzzleHTTP or by using native cURL commands built into PHP.
To get the instance ID you would need to request from your current server to the following URL.
http://169.254.169.254/latest/meta-data/instance-id
To get the instances current availability zone you would need to request from your current server the following URL
http://169.254.169.254/latest/meta-data/placement/availability-zone
Assuming you use GuzzleHTTP it would be as simple as calling the below
$client = new GuzzleHttp\Client();
$response = $client->get('http://169.254.169.254/latest/meta-data/instance-id');
echo "Instance ID: " . $response->getBody();
$response = $client->get('http://169.254.169.254/latest/meta-data/placement/availability-zone');
echo "Availability Zone: " . $response->getBody();
I'm trying to set up Dialogflow on a php backend. According to the documentation: https://googleapis.dev/nodejs/dialogflow/latest/v2beta1.SessionsClient.html
I should be able to pass as a parameter the path of the json key file I previously generated with the Google Cloud Console to access DialogFlow's API.
$path = dirname(__DIR__, 2) . '\_________-_______-____________.json';
$config = [
'keyFilename' => $path,
];
$sessionsClient = new SessionsClient($config);
I keep getting this error: Could not construct ApplicationDefaultCredentials
I double checked the path using the file_get_contents method, it's valid.
Any idea ?
Something is wrong with the doc.
Using the key credentials instead of keyFilename did the work.
I am using the following example code to fetch details. And it's giving error:
amazonproduct.errors.InvalidClientTokenId: InvalidClientTokenId: The
AWS Access Key Id you provided does not exist in our records.
The same is working while I used in PHP. I generated the key going to IAM Console.
access_key = '***'
secret_key = '***'
associate_tag = 'ptab-20'
api = API(locale='us')
result = api.item_lookup('B006H3MIV8')
for item in result.Items.Item:
print '%s (%s)' % (item.ItemAttributes.Title, item.ASIN)
Somehow python-amazon-product-api is not considering the config file i.e. ~/.amazon-product-api. Alternatively you can specify your credentials directly when instantiating API object by
api = API(AWS_KEY, SECRET_KEY, "us")
I am trying to use Amazon Payment Services, and they require me to do something like this:
Here is the complete signature so you can see I added the signature method:
$string_to_sign = "GET\n
authorize.payments-sandbox.amazon.com\n
cobranded-ui/actions/start?
SignatureMethod=HmacSHA256&SignatureVersion=2&callerKey=my_key&callerReference=YourCallerReference&paymentReason=donation&pipelineName=SingleUse&returnUrl=http%3A%2F%2Fyourwebsite.com%2Freturn.html&transactionAmount=4.0";
and then I encrypt it like below.
$encoded_string_to_sign = URLEncode(Base64_Encode(hash_hmac("sha256", $string_to_sign, 'my_secret_key')));
I do that, but then I get an error from them saying:
Caller Input Exception: The following input(s) are either invalid or absent:[signatureMethod]
Any idea what might be going wrong here?
Here is the entire code for this: (the variables are assigned values above)
<?php
$string_to_sign = 'GET
authorize.payments-sandbox.amazon.com/cobranded-ui/actions/startSignatureMethod=HmacSHA256&SignatureVersion=2&callerKey=AKIAJENBYSJCJX2IDWDQ&callerReference=YourCallerReference&paymentReason=donation&pipelineName=SingleUse&returnUrl=http%3A%2F%2Fproblemio.com&transactionAmount=4.0';
$encoded_string_to_sign = URLEncode(Base64_Encode(hash_hmac("sha256", $string_to_sign, 'my_secret_key')));
$amazon_request_sandbox = 'https://authorize.payments-sandbox.amazon.com/cobranded-ui/actions/start?SignatureVersion=2&returnUrl='.$return_url.'&paymentReason='.$payment_reason.'&callerReference=YourCallerReference&callerKey='.$my_access_key_id.'&transactionAmount=4.0&pipelineName=SingleUse&SignatureMethod=HmacSHA256&Signature='.$encoded_string_to_sign;
//echo $amazon_request_sandbox; - use this if you want to see the resulting request and paste it into the browser
header('Location: '.$amazon_request_sandbox);
?>
Thanks!!
Check if you included &SignatureMethod=HmacSHA256 on the request
This kind of errors has 3 basic natures:
Missing Keys/Values
Typos on Keys/Values
Incorrect encoding or spaces on Keys/Values
Hope that helps!
Regards
The only piece that wasn't suggested was that you need to use rawurlencode() on the transactionAmount that's part of the $string_to_sign.
Most other answers are a piece of the problem. For instance, you need to add a new line to the $string_to_sign after the GET (which you have), after the authorize.payments-sandbox.amazon.com, and after the /cobranded-ui/actions/start. You also need to set the $raw_output parameter to true in the hash_hmac() function.
I've included a complete working rewrite of your code (replace <Your_Access_Key> and <Your_Secret_Key>):
$return_url = rawurlencode('http://problemio.com');
$payment_reason = 'donation';
$transaction_amount = rawurlencode('4.0');
$secret_key = '<Your_Secret_Key>';
$my_access_key_id = '<Your_Access_Key>';
$string_to_sign = 'GET
authorize.payments-sandbox.amazon.com
/cobranded-ui/actions/start
SignatureMethod=HmacSHA256&SignatureVersion=2&callerKey=' . $my_access_key_id . '&callerReference=YourCallerReference&paymentReason=' . $payment_reason . '&pipelineName=SingleUse&returnUrl=' . $return_url . '&transactionAmount=' . $transaction_amount;
$encoded_string_to_sign = URLEncode(Base64_Encode(hash_hmac("sha256", $string_to_sign, $secret_key, true)));
$amazon_request_sandbox = 'https://authorize.payments-sandbox.amazon.com/cobranded-ui/actions/start?SignatureVersion=2&returnUrl=' . $return_url . '&paymentReason=' . $payment_reason . '&callerReference=YourCallerReference&callerKey=' . $my_access_key_id . '&transactionAmount=4.0&pipelineName=SingleUse&SignatureMethod=HmacSHA256&Signature=' . $encoded_string_to_sign;
However, I strongly suggest that you use the PHP library provided by the FPS community which can be downloaded here. I use this in production code and have never had an issue. Using the FPS library, your code would look like the following:
<?php
require_once 'CBUISingleUsePipeline.php';
require_once 'CBUIPipeline.php';
$secret_key = '<Your_Secret_Key>';
$my_access_key_id = '<Your_Access_Key>';
$return_url = 'http://problemio.com';
$transaction_amount = '4.0';
$caller_reference = '<Your_Caller_Reference>';
$payment_reason = 'donation';
$base = 'https://authorize.payments-sandbox.amazon.com/cobranded-ui/actions/start';
$pipeline = new Amazon_FPS_CBUISingleUsePipeline($my_access_key_id, $secret_key);
$pipeline->setMandatoryParameters($caller_reference, $return_url, $transaction_amount);
$pipeline->addParameter('paymentReason', $payment_reason);
$uRL = $pipeline->getURL($base);
?>
Have you set your signature method? from the AWS documentation:
You must set the SignatureMethod request parameter to either
HmacSHA256 or HmacSHA1 to indicate which signing method you're using
I don't believe you need to base64 encode the hash (after all, it's already being urlencoded) -- try removing Base64_Encode.
Your $string_to_sign variable is missing a '?' between start and SignatureMethod for your encoded Signature.
Signature version 2 is an enhanced signing method for both Amazon
Simple Pay and Amazon Flexible Payments Service.
For inbound requests (from your application to Amazon Payments), it
uses the entire request URI as the basis for the signature, with
encryption based on the unique security credentials for your account.
For outbound requests (from Amazon Payments to your application),
Amazon signs the response which you can verify using the
VerifySignature API
EDIT:
As #Jonathan Spooner mentioned already and what I use is the function varifySignature() located in
/amazon-fps-2010-08-28-php5-library/src/Amazon/FPS/Samples/Client.php
which can be downloaded here. It also has an example as to how to use it in
/amazon-fps-2010-08-28-php5-library/src/Amazon/FPS/Samples/VerifySignatureSample.php
It makes the whole process much easier. It may be worth a shot...
Have you tried this
base64_encode(hash_hmac('sha256', $Request, $AmazonSecretKey, true));
Pass a boolean to pass it as a raw output.
You're most definitely missing the last parameter for hash_hmac which has to be set true to get RFC 2104-compliant HMAC signature:
base64_encode(
hash_hmac($hash, $data, $key, true)
);
And in the complete example you're missing new lines in $string_to_sign.