The code below results in an SignatureDoesNotMatch error and haven't had much luck on their forums or with support - any suggestions as to what is wrong with the below code?
<?php
error_reporting(E_ALL);
ini_set("display_errors", 1);
$AWS_ACCESS_KEY_ID = "";
$AWS_SECRET_ACCESS_KEY = "";
$base_url = "http://ecs.amazonaws.com/onca/xml?";
$url_params = array('Operation'=>"ItemSearch",'Service'=>"AWSECommerceService",
'AWSAccessKeyId'=>$AWS_ACCESS_KEY_ID,'AssociateTag'=>"",
'Version'=>"2011-08-01",'Availability'=>"Available",'Condition'=>"All",
'ItemPage'=>"1",'ResponseGroup'=>"Images,ItemAttributes,EditorialReview",
'Keywords'=>"Amazon");
// Add the Timestamp
$url_params['Timestamp'] = gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time());
// Sort the URL parameters
$url_parts = array();
foreach(array_keys($url_params) as $key)
$url_parts[] = $key."=".$url_params[$key];
sort($url_parts);
// Construct the string to sign
$string_to_sign = "GET\necs.amazonaws.com\n/onca/xml\n".implode("&",$url_parts);
$string_to_sign = str_replace('+','%20',$string_to_sign);
$string_to_sign = str_replace(':','%3A',$string_to_sign);
$string_to_sign = str_replace(';',urlencode(';'),$string_to_sign);
// Sign the request
$signature = hash_hmac("sha256",$string_to_sign,$AWS_SECRET_ACCESS_KEY,TRUE);
// Base64 encode the signature and make it URL safe
$signature = base64_encode($signature);
$signature = str_replace('+','%2B',$signature);
$signature = str_replace('=','%3D',$signature);
$signature = str_replace(';',urlencode(';'),$signature);
$url_string = implode("&",$url_parts);
$url = $base_url.$url_string."&Signature=".$signature;
print $url;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$xml_response = curl_exec($ch);
echo $xml_response;
?>
I was getting similar error message:
["Code"]=> string(21) "SignatureDoesNotMatch"
["Message"]=> string(100) "Signature expired: 20130528T162908Z is now earlier than 20130528T162916Z (20130528T163416Z - 5 min.)"
After checking my server clock, I noticed that it time was not right, and after syncing my server clock sudo ntpdate ntp.ubuntu.com I was able to send emails with no problem, I hope this help.
Related
i am trying to verify the signature of a jwt im sending but it doesnt match, despite making sure that both payload and header are identical.
here is my client code, the one sending the jwt:
<?php
$ch = curl_init();
$handle = fopen("C:/xampp/htdocs/video/charmscene.mp4", "rb");
$contents = fread($handle, filesize("C:/xampp/htdocs/video/charmscene.mp4"));
fclose($handle);
//encode binary file to 64 because json doesnt support binary
$encoded_file = base64_encode($contents);
//serialize -> 64enc ->json enc
$header = ['typ' => 'JWT', 'alg' => 'HS256'];
$payload = ["filename"=>"charmscene","api"=>"VALIDAPIKEY"];
$secret = "thisisasecret";
$headerenc = base64_encode(serialize($header));
$payloadenc = base64_encode(serialize($payload));
$signature = hash_hmac("SHA256",$headerenc .".".$payloadenc, $secret,true);
$signature_enc = base64_encode($signature);
$jwt = $headerenc.".".$payloadenc.".".$signature_enc;
curl_setopt($ch, CURLOPT_URL, "http://localhost/app/webservice/api/index.php?clients=123");
$requestheaders = ['Accept: application/json', "WWW-Authenticate: Bearer ".$jwt];
curl_setopt($ch, CURLOPT_HTTPHEADER, $requestheaders);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Get the payload of the response:
$responsedata = curl_exec($ch);
echo $responsedata;
curl_close($ch);
?>
and heres the function that deciphers the jwt:
function decipherJwt($jwt)
{
//the secret is shared between client and server beforehand
$secret = "thisisasecret";
$type= strtok($jwt," ");//bearer
$token = substr($jwt,strpos($jwt," "));
$parts = explode(".",$token);
$headerenc = $parts[0];
$payloadenc= $parts[1];
$signatureenc= $parts[2];
$signature = $signatureenc;
$signature2 = base64_encode(hash_hmac("SHA256",$headerenc ."." .$payloadenc, $secret,true));
if($signature!=$signature2)
{
echo "signature doesn't match content";
echo $signature;
echo "</br>";
echo $signature2;
return;
}
return array(unserialize(base64_decode($headerenc)),unserialize(base64_decode($payloadenc)), $signature);
}
the signatures just dont match and i dont get why.
I'm using coinbase pro API to fetch some data and to make some trades but API is returning
{"message":"IP does not match IP whitelist"}
I'm using Rest API with correct API keys. I'm sure API keys are authenticated correctly and while creating API keys, I've entered correct IP address of my server. I rechecked IP 5 times but it's correct. Below is my sample code
<?php
function signature($request_path='', $body='', $timestamp=false, $secret = '', $method='GET') {
$body = is_array($body) ? json_encode($body) : $body;
$timestamp = $timestamp ? $timestamp : time();
$what = $timestamp.$method.$request_path.$body;
return base64_encode(hash_hmac("sha256", $what, base64_decode($secret), true));
}
function make_request($url, $method, $headers, $body = ''){
$ch = curl_init();
// Disable SSL verification
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
// Will return the response, if false it print the response
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
// Set the url
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_VERBOSE, true);
if ($method == "POST") {
curl_setopt($ch, CURLOPT_POST, TRUE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
}
// "accept" => "application/json"
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
// Execute
$result_json = curl_exec($ch);
curl_close($ch);
return $result_json;
}
try {
$apiurl = "https://api.pro.coinbase.com";
$secret = "SUPER_SECRET";
$api_key = "API_KEY";
$passphrase = "PASSPHRASE";
$method = "GET";
$requestPath = "/accounts";
$body = "";
$url = $apiurl . $requestPath;
$data["name"] = "";
$body = json_encode($data);
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$list = explode(" ", $user_agent);
$user_agent = $list[0];
$timestamp = (string) time();
$string = $timestamp . $method . $requestPath;
$sig = signature($requestPath, '', $timestamp, $secret);
$headers = [
"CB-ACCESS-KEY: ".$api_key,
"CB-ACCESS-SIGN: ".$sig,
"CB-ACCESS-TIMESTAMP: ".$timestamp,
"CB-ACCESS-PASSPHRASE: ".$passphrase,
"User-Agent:". $user_agent,
"Content-Type: application/json",
];
$result_json = make_request($url, $method, $headers);
var_dump($result_json);
die;
}
catch(Exception $e){
var_dump($e->getMessage());
die;
}
I've searched a lot for this problem and been struggling with it since 2 days. If anyone can help or point me in right direction? That would be highly appreciated.
Thanks & Regards.
This is what I have tried so far:
$t=time()+60;
$to_sign = "DELETE\n\n\n$t\n/myimage.jpg";
$signature = base64_encode( hash_hmac('sha1', utf8_encode( $to_sign ) , $auth['secretKey'], true) );
$url = "https://mybucket.s3-us-west-1.amazonaws.com/myimage.jpg?AWSAccessKeyId=MYKEYNUMBERXXX&Signature=$signature&Expires=$t";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST,'DELETE');
$result = curl_exec($ch);
Return error: SignatureDoesNotMatch
I'm trying to implement a simple function to delete images in AWS, without having to load the entire SDK.
The Canonicalized Resource in Signature Version 2 Query String authentication is /${bucket}/${key}.
$to_sign = "DELETE\n\n\n$t\n/myimage.jpg"; # incorrect
$to_sign = "DELETE\n\n\n$t\n/mybucket/myimage.jpg"; # correct
Note also that you may need to make some url-escaped substitutions in your signature:
+ becomes %2B
/ becomes %2F
= becomes %3D
Note also that because you are using Signature V2, this code will only work in regions where S3 was deployed before Signature V4 became standard in 2014.
deleteAWS4( "myBucket", "myimage.jpg");
function deleteAWS4( $bucket, $fileName ){
$auth['AccessKeyId'] = "XXXXXXXXXXXXXXXXXXXX";
$auth['secretKey'] = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
$region = "us-west-1";
$date = gmdate("D, d M Y H:i:s")." +0000";
$params = array();
$params['AWSAccessKeyId'] = $auth['AccessKeyId'];
$params['SignatureMethod'] = 'hmac-sha1';
$params['SignatureVersion'] = '2';
$params['Timestamp'] = $date;
uksort($params, 'strcmp'); $params_str = '';
foreach ($params as $key => $val){
$params_str .= rawurlencode($key).'='.rawurlencode($val).'&';
}
$params_str = str_replace('%7E', '~',$params_str); $params_str = substr($params_str, 0, -1);
$t=time()+60;
$to_sign = "DELETE\n\n\n$t\n/$fileName";
$signature = base64_encode( hash_hmac('sha1', utf8_encode( $to_sign ) , $auth['secretKey'], true) );
$url = "https://$bucket.s3-us-west-1.amazonaws.com/$fileName?AWSAccessKeyId={$params['AWSAccessKeyId']}&Signature=$signature&Expires=$t";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
//curl_setopt($ch, CURLOPT_HTTPHEADER, false);
//curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $to_sign);
//curl_setopt($ch, CURLINFO_HEADER_OUT, true);
// get the result
$result = curl_exec($ch); // raw result
$info = curl_getinfo($ch);
// turn the xml response into an array
$result = json_decode(json_encode(simplexml_load_string($result)),true);
echo $url.'<br>';
echo "<pre>"; print_r($result); echo "</pre>";
echo "<pre>"; print_r($info['request_header']); echo "</pre>";
}
Im writing a AWS API request to list users on IAM AWS service. And I'm receiving error message.
<ErrorResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
<Error>
<Type>Sender</Type>
<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.
The Canonical String for this request should have been
'GET
/
Action=ListUsers&Version=2010-05-08&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIMPILWMPQSH57DNA%2F20160621%2Fus-east-1%2Fiam%2Faws4_request&X-Amz-Date=20160621T142939Z&X-Amz-SignedHeaders=host
host:iam.amazonaws.com
host
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855'
The String-to-Sign should have been
'AWS4-HMAC-SHA256
20160621T142939Z
20160621/us-east-1/iam/aws4_request
c47728e278701ccaada8df76488c18449ada2f1b8aab6275a4bc0ada94af3ce2'
</Message>
</Error>
<RequestId>9672bcf2-37bc-11e6-8b2d-6151d0618c53</RequestId>
</ErrorResponse>
As you can see from my code bellow my canonical string is exactly the same like they wrote in error response but for some reason when im calculating hash my hex value is different that they write.
For example in this error response they wrote that hex value should be
`c47728e278701ccaada8df76488c18449ada2f1b8aab6275a4bc0ada94af3ce2`
and when I use functions
$hashedcanon = hash_hmac("sha256", $canonicalrequest, True);in my code im getting
`57fce72007b43c2621712b85e90fd38f0a1f2c7a3e84799fb9f477ed8546f86e`
Here is my code.
<?php
$AWSAccessKeyId = "<myaccesskey>";
$SecretAccessKey = "<mysecretkey>";
$timestamp = date('Ymd',time()).'T'.date('His',time()).'Z';
$date = date('Ymd',time());
$url = 'https://iam.amazonaws.com';
$method = 'GET';
$postfields['Action'] = 'ListUsers';
$postfields['Version'] = '2010-05-08';
$postfields["X-Amz-Algorithm"] = 'AWS4-HMAC-SHA256';
$postfields['X-Amz-Credential'] = $AWSAccessKeyId.'/'.$date.'/us-east-1/iam/aws4_request';
$postfields['X-Amz-Date'] = $timestamp;
$postfields['X-Amz-SignedHeaders'] = 'host';
$canonicalized_query = array();
foreach ($postfields as $param => $value) {
$param = str_replace("%7E", "~", rawurlencode($param));
$value = str_replace("%7E", "~", rawurlencode($value));
$canonicalized_query[] = $param . "=" . $value;
}
$canonicalized_query = implode("&", $canonicalized_query);
$canonicalrequest = $method."\n".
"/\n".
$canonicalized_query."\n".
"host:iam.amazonaws.com\n".
"\n".
"host\n".
"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
$hashedcanon = hash_hmac("sha256", $canonicalrequest, True);
$string_to_sign = $postfields["X-Amz-Algorithm"]."\n".$timestamp."\n".$date."/us-east-1/iam/aws4_request\n".$hashedcanon;
$signingkey = hash_hmac("sha256",hash_hmac("sha256",hash_hmac("sha256",hash_hmac("sha256","AWS4".$SecretAccessKey,$date),"us-east-1"),"iam"),"aws4_request");
$signature = hash_hmac("sha256", $string_to_sign, $signingkey, True);
$postfields["X-Amz-Signature"] = $signature;
$canonicalized_query = array();
foreach ($postfields as $param => $value) {
$param = str_replace("%7E", "~", rawurlencode($param));
$value = str_replace("%7E", "~", rawurlencode($value));
$canonicalized_query[] = $param . "=" . $value;
}
$canonicalized_query = implode("&", $canonicalized_query);
$fullurl = $url.'/?'.$canonicalized_query;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $fullurl);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLINFO_HEADER_OUT, true); // enable tracking
$result = curl_exec($ch);
$headerSent = curl_getinfo($ch, CURLINFO_HEADER_OUT );
?>`
So in general I'm assuming I'm calculating wrong hex value of string to sign since my and theirs hex value of canonical string are not the same.
Also is interesting when I copy/paste my canonical string to http://hash.online-convert.com/sha256-generator I'm getting third hex value (not even my or theirs).
If anyone needs more info I'm willing to provide it or if anyone has working code for any API AWS if it can share it so I throw an eye and compare and hope I can find error.
Thanks
$hashedcanon = hash_hmac("sha256", $canonicalrequest, True);
Well, three issues...
hash_hmac() takes the key as the third argument, not a boolean, and
you aren't supposed to be calculating an HMAC digest here, so hash_hmac() isn't what you want, and
you want it in hex, not binary, so don't pass True.
You're looking for just hash().
$hashedcanon = hash("sha256", $canonicalrequest);
Note, I'm not saying hash_hmac() is not needed elsewhere -- just not on this line.
Hi guys I will post now fixed and working code just if someone else needs it.
<?php
$AWSAccessKeyId = "<my access key>";
$SecretAccessKey = "<my secret key>";
$timestamp = date('Ymd',time()).'T'.date('His',time()).'Z';
$date = date('Ymd',time());
$url = 'https://iam.amazonaws.com';
$method = 'GET';
$postfields['Action'] = 'ListUsers';
$postfields['Version'] = '2010-05-08';
$postfields["X-Amz-Algorithm"] = 'AWS4-HMAC-SHA256';
$postfields['X-Amz-Credential'] = $AWSAccessKeyId.'/'.$date.'/us-east-1/iam/aws4_request';
$postfields['X-Amz-Date'] = $timestamp;
$postfields['X-Amz-SignedHeaders'] = 'host';
$canonicalized_query = array();
foreach ($postfields as $param => $value) {
$param = str_replace("%7E", "~", rawurlencode($param));
$value = str_replace("%7E", "~", rawurlencode($value));
$canonicalized_query[] = $param . "=" . $value;
}
$canonicalized_query = implode("&", $canonicalized_query);
$canonicalrequest = $method."\n".
"/\n".
$canonicalized_query."\n".
"host:iam.amazonaws.com\n".
"\n".
"host\n".
"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
$hasedcanon = hash("sha256",$canonicalrequest, false);
$credentialScope = $date."/us-east-1/iam/aws4_request";
$string_to_sign = "AWS4-HMAC-SHA256\n{$timestamp}\n{$credentialScope}\n{$hasedcanon}";
$dateKey = hash_hmac('sha256',$date,"AWS4{$SecretAccessKey}",true);
$regionKey = hash_hmac('sha256', "us-east-1", $dateKey, true);
$serviceKey = hash_hmac('sha256', "iam", $regionKey, true);
$key = hash_hmac('sha256','aws4_request',$serviceKey,true);
$signature = hash_hmac('sha256', $string_to_sign, $key);
$postfields["X-Amz-Signature"] = $signature;
$canonicalized_query = array();
foreach ($postfields as $param => $value) {
$param = str_replace("%7E", "~", rawurlencode($param));
$value = str_replace("%7E", "~", rawurlencode($value));
$canonicalized_query[] = $param . "=" . $value;
}
$canonicalized_query = implode("&", $canonicalized_query);
$fullurl = $url.'/?'.$canonicalized_query;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $fullurl);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLINFO_HEADER_OUT, true); // enable tracking
$xml = curl_exec($ch);
$headerSent = curl_getinfo($ch, CURLINFO_HEADER_OUT );
$doc = simplexml_load_string($xml);
echo '<pre>';
print_r($doc);
echo '</pre>';
?>
I'm trying to integrate Amazon Product API into my website and came across several posts that helped me construct the URL. Only problem is when I execute the code below I get the following error. Am I doing something wrong?
Internal Server Error The server
encountered an internal error or
misconfiguration and was unable to
complete your request. Please contact
the server administrator,
awsadmin#amazon.com and inform them of
the time the error occurred, and
anything you might have done that may
have caused the error. More
information about this error may be
available in the server error log.
$AWS_ACCESS_KEY_ID = "[myaccesskeyhere]";
$AWS_SECRET_ACCESS_KEY = "[mysecretkeyhere]";
$base_url = "http://ecs.amazonaws.com/onca/xml?";
$url_params = array('Operation'=>"ItemSearch",'Service'=>"AWSECommerceService",
'AWSAccessKeyId'=>$AWS_ACCESS_KEY_ID,'AssociateTag'=>"yourtag-10",
'Version'=>"2006-09-11",'Availability'=>"Available",'Condition'=>"All",
'ItemPage'=>"1",'ResponseGroup'=>"Images,ItemAttributes,EditorialReview",
'Keywords'=>"Amazon");
// Add the Timestamp
$url_params['Timestamp'] = gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time());
// Sort the URL parameters
$url_parts = array();
foreach(array_keys($url_params) as $key)
$url_parts[] = $key."=".$url_params[$key];
sort($url_parts);
// Construct the string to sign
$string_to_sign = "GET\necs.amazonaws.com\n/onca/xml\n".implode("&",$url_parts);
$string_to_sign = str_replace('+','%20',$string_to_sign);
$string_to_sign = str_replace(':','%3A',$string_to_sign);
$string_to_sign = str_replace(';',urlencode(';'),$string_to_sign);
// Sign the request
$signature = hash_hmac("sha256",$string_to_sign,$AWS_SECRET_ACCESS_KEY,TRUE);
// Base64 encode the signature and make it URL safe
$signature = base64_encode($signature);
$signature = str_replace('+','%2B',$signature);
$signature = str_replace('=','%3D',$signature);
$url_string = implode("&",$url_parts);
$url = $base_url.$url_string."&Signature=".$signature;
print $url;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$xml_response = curl_exec($ch);
echo $xml_response;
EDIT
THE ABOVE CODE NOW WORKS...I WAS MISSING A "?" after the BASE URL
$AWS_ACCESS_KEY_ID = "[myaccesskeyhere]";
$AWS_SECRET_ACCESS_KEY = "[mysecretkeyhere]";
$base_url = "http://ecs.amazonaws.com/onca/xml?";
$url_params = array('Operation'=>"ItemSearch",'Service'=>"AWSECommerceService",
'AWSAccessKeyId'=>$AWS_ACCESS_KEY_ID,'AssociateTag'=>"yourtag-10",
'Version'=>"2006-09-11",'Availability'=>"Available",'Condition'=>"All",
'ItemPage'=>"1",'ResponseGroup'=>"Images,ItemAttributes,EditorialReview",
'Keywords'=>"Amazon");
// Add the Timestamp
$url_params['Timestamp'] = gmdate("Y-m-d\TH:i:s.\\0\\0\\0\\Z", time());
// Sort the URL parameters
$url_parts = array();
foreach(array_keys($url_params) as $key)
$url_parts[] = $key."=".$url_params[$key];
sort($url_parts);
// Construct the string to sign
$string_to_sign = "GET\necs.amazonaws.com\n/onca/xml\n".implode("&",$url_parts);
$string_to_sign = str_replace('+','%20',$string_to_sign);
$string_to_sign = str_replace(':','%3A',$string_to_sign);
$string_to_sign = str_replace(';',urlencode(';'),$string_to_sign);
// Sign the request
$signature = hash_hmac("sha256",$string_to_sign,$AWS_SECRET_ACCESS_KEY,TRUE);
// Base64 encode the signature and make it URL safe
$signature = base64_encode($signature);
$signature = str_replace('+','%2B',$signature);
$signature = str_replace('=','%3D',$signature);
$url_string = implode("&",$url_parts);
$url = $base_url.$url_string."&Signature=".$signature;
print $url;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
$xml_response = curl_exec($ch);
echo $xml_response;
For anyone that was wondering. You can then navigate the xml_response using simplexml!
Hope this helps someone out there :)
Use Bellow code for the Amazon Product API:
<?php
//Enter your IDs
define("Access_Key_ID", "[Your Access Key ID]");
define("Associate_tag", "[Your Associate Tag ID]");
//Set up the operation in the request
function ItemSearch($SearchIndex, $Keywords){
//Set the values for some of the parameters
$Operation = "ItemSearch";
$Version = "2013-08-01";
$ResponseGroup = "ItemAttributes,Offers";
//User interface provides values
//for $SearchIndex and $Keywords
//Define the request
$request=
"http://webservices.amazon.com/onca/xml"
. "?Service=AWSECommerceService"
. "&AssociateTag=" . Associate_tag
. "&AWSAccessKeyId=" . Access_Key_ID
. "&Operation=" . $Operation
. "&Version=" . $Version
. "&SearchIndex=" . $SearchIndex
. "&Keywords=" . $Keywords
. "&Signature=" . [Request Signature]
. "&ResponseGroup=" . $ResponseGroup;
//Catch the response in the $response object
$response = file_get_contents($request);
$parsed_xml = simplexml_load_string($response);
printSearchResults($parsed_xml, $SearchIndex);
}
?>