資料整理
1.sp-api介紹:https://developer.amazonservices.com/
2.github文件:https://github.com/amzn/selling-partner-api-docs
3.github程式碼:https://github.com/amzn/selling-partner-api-models
4.本文程式碼:https://github.com/Cxiaoao/amazon-sellingpartner-api
開發準備
1. 登入亞馬遜賣家賬號申請SP-API開發評估表
注意:角色上後3項不要勾上,可以少填很多資訊
2. 根據 github文件 註冊 AWS,文件寫的挺不錯,可以多去嘗試
3. 申請通過後新增新的App客戶端,型別選SP API,IAM ARN 可以填寫AWS IAM User ARN (arn:aws:iam::0000000000000:user/XXXXX) 或 AWS IAM Role ARN (arn:aws:iam::0000000000000:role/XXXXX)
開發程式碼
1. 通過 AWS IAM User 呼叫
只建立AWS IAM User ARN,不建立角色,直接把策略加到User下,這樣做不符合規範,但可以少調一次介面
訪問級別和訪問資源都可以
LWAAuthorizationCredentials lwaAuthorizationCredentials = new LWAAuthorizationCredentials { // 相關值App客戶端增加後就會有 ClientId = "amzn1.application-XXX-client.XXXXXXXXXXXXXXXXXXXXXXX", ClientSecret = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", RefreshToken = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", Endpoint = new Uri("https://api.amazon.com/auth/o2/token") }; RestClient client = new RestClient("https://sellingpartnerapi-na.amazon.com"); // 獲取訂單列表 RestRequest request = new RestRequest("/orders/v0/orders", Method.GET); request.AddQueryParameter("MarketplaceIds", "A2EUQ1WTGCTBG2"); request.AddQueryParameter("CreatedAfter", "2020-12-01T00:00:00Z"); LWAAuthorizationSigner auth = new LWAAuthorizationSigner(lwaAuthorizationCredentials); auth.Sign(request); AWSAuthenticationCredentials aws = new AWSAuthenticationCredentials(); // 相關值為AWS IAM增加User後下載的cvs aws.AccessKeyId = "XXXXXXXXXXXXXXXXXXX"; aws.SecretKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"; aws.Region = "us-east-1"; AWSSigV4Signer signer = new AWSSigV4Signer(aws); signer.Sign(request, client.BaseUrl.Host); var resp = client.Execute(request);
2. 通過 AWS IAM Role 呼叫
通過 Github 上建立 AWS IAM User和 AWS IAM Role,這樣做符合規範,但要多調一次介面(STS)
角色和人員是通過角色的信任關係關聯,建立角色是配置了Root。
// 相關值為AWS IAM增加User後下載的cvs var accessKey = "XXXXXXXXXXXXXXXXXXX"; var secretKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"; var credentials = new BasicAWSCredentials(accessKey, secretKey); var client = new AmazonSecurityTokenServiceClient(credentials); var assumeRoleRequest = new AssumeRoleRequest() { // AWS IAM Role ARN DurationSeconds = 3600, RoleArn = "arn:aws:iam::0000000000000:role/XXXXXXXX", RoleSessionName = DateTime.Now.Ticks.ToString() }; AssumeRoleResponse assumeRoleResponse = await client.AssumeRoleAsync(assumeRoleRequest); RestClient restClient = new RestClient("https://sellingpartnerapi-na.amazon.com"); IRestRequest restRequest = new RestRequest("/orders/v0/orders", Method.GET); restRequest.AddQueryParameter("CreatedAfter", "2020-12-01T00:00:00Z"); restRequest.AddQueryParameter("marketplaceIds", "ATVPDKIKX0DER"); var lwaAuthCreds = new LWAAuthorizationCredentials { // 相關值App客戶端增加後就會有 ClientId = "amzn1.application-XXX-client.XXXXXXXXXXXXXXXXXXXXXXX", ClientSecret = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", RefreshToken = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX", Endpoint = new Uri("https://api.amazon.com/auth/o2/token") }; restRequest = new LWAAuthorizationSigner(lwaAuthCreds).Sign(restRequest); var awsAuthCreds = new AWSAuthenticationCredentials { AccessKeyId = assumeRoleResponse.Credentials.AccessKeyId, SecretKey = assumeRoleResponse.Credentials.SecretAccessKey, Region = "us-east-1" }; restRequest.AddHeader("X-Amz-Security-Token", assumeRoleResponse.Credentials.SessionToken); restRequest = new AWSSigV4Signer(awsAuthCreds) .Sign(restRequest, restClient.BaseUrl.Host); var resp = restClient.Execute(restRequest);