Solved

Beating my head with query to Amazon AWS with coldfusion

Posted on 2014-12-01
13
128 Views
Last Modified: 2014-12-29
I have been beating my head senseless for sometime now with trying to query amazon's aws.  When I run my code I get an error stating that the signature is invalid so now I turn to you Experts for your valued help.

Here is my code.

 <cffunction name="awsurl" returntype="string" access="public" output="No">
 <cfargument name="Query" type="string" required="true" />
 <cfargument name="AWSAccessKeyId" type="string" required="true"  default="AKIAJxxxxxxxx"/>
 <cfargument name="SecretKey" type="string" required="true" default="xxxxxxxxxxxxx>
 <cfargument name="Host" type="string" default="ec2.amazonaws.com" />
 <cfargument name="Methord" type="string" default="GET" />
 <cfargument name="URI" type="string" default="/" />
 <cfargument name="SignatureVersion" type="string" default="2" />
 <cfargument name="Version" type="date" default="2012-04-01" />
 <cfargument name="http" type="string" default="https" hint="https|http" />
 
 <!--- add common values --->
 <cfset local.Time = dateConvert("local2Utc",now())>
 <cfset local.Time = "#DateFormat(local.Time,'yyyy-mm-dd')#T#TimeFormat(local.Time,'HH:mm:ss')#">
 <cfset arguments.Query = "#arguments.Query#&Timestamp=#local.Time#&SignatureVersion=#arguments.SignatureVersion#&Version=#arguments.Version#&SignatureMethod=HmacSHA256">
 
 <!--- sort QueryString --->
 <cfset arguments.Query = ListToArray(arguments.Query,'&')>
 <cfset ArraySort(arguments.Query,'text')>
 <!--- prepend AccessKeyID --->
 <cfset ArrayPrepend(arguments.Query, "AWSAccessKeyId=#arguments.AWSAccessKeyId#")>
<!--- url encode each values --->
 <cfset local.SortedString = ArrayNew(1)>
 <cfloop from="1" to="#ArrayLen(arguments.Query)#" index="local.i">
 <cfset local.value = arguments.Query[local.i]>
 <cfif listlen(local.value,'=') gt 1>
 <cfset ArrayAppend(local.SortedString,"#listfirst(local.value,'=')#=#reservedEncod(listlast(local.value,'='))#")>
 <cfelse>
 <cfset ArrayAppend(local.SortedString,"#local.value#")>
 </cfif>
 </cfloop>
<!--- create signature string --->
 <cfset local.toEncode = "#arguments.Methord##chr(10)##arguments.Host##chr(10)##arguments.URI##chr(10)##ArrayToList(local.SortedString,'&')#">
 <cfoutput><pre>#local.toEncode#</pre></cfoutput>
 <!--- encode Signature String --->
 <cfset local.Signature = URLEncodedFormat(ToBase64(HMAC_SHA256(local.toEncode,arguments.SecretKey)))>
 
 <cfset arguments.Query = ArrayToList(arguments.Query,'&')>
 <cfset arguments.Query = "#arguments.http#://#arguments.Host##arguments.URI#?#arguments.Query#&Signature=#local.Signature#">
 <cfreturn arguments.Query>
</cffunction>
<!--- ********************************************************************* --->
<cffunction name="reservedEncod" returntype="string" access="public" output="no">
 <cfargument name="string" type="string" required="true" />
 
 <cfset local.reserved = "!|##|$|&|'|(|)|*|+|,|/|:|;|=|?|@|[|]| ">
 <cfloop list="#local.reserved#" index="local.i" delimiters="|">
 <cfif find(local.i,arguments.string)>
 <cfset arguments.string = replace(arguments.string,local.i, "%#ucase(FormatBaseN(Asc(local.i),'16'))#", 'all')>
 </cfif>
 </cfloop>
 <cfreturn arguments.string>
</cffunction>
<!--- ********************************************************************* --->
<cffunction name="HMAC_SHA256" returntype="binary" access="public" output="no">
 <cfargument name="signMessage" type="string" required="true" />
 <cfargument name="signKey" type="string" required="true" />
 <cfset local.jMsg = JavaCast("string",arguments.signMessage).getBytes("iso-8859-1") />
 <cfset local.jKey = JavaCast("string",arguments.signKey).getBytes("iso-8859-1") />
 <cfset local.key = createObject("java","javax.crypto.spec.SecretKeySpec") />
 <cfset local.mac = createObject("java","javax.crypto.Mac") />
 <cfset local.key = local.key.init(local.jKey,"HmacSHA256") />
 <cfset local.mac = local.mac.getInstance(local.key.getAlgorithm()) />
 <cfset local.mac.init(local.key) />
 <cfset local.mac.update(local.jMsg) />
 <cfreturn local.mac.doFinal() />
</cffunction>
0
Comment
Question by:jriver12
  • 6
  • 5
13 Comments
 

Author Comment

by:jriver12
ID: 40474233
Also have tried with JavaScript:
<!DOCTYPE html>
<html>
    <head>
        <meta charset="utf-8" />
        <meta name="format-detection" content="telephone=no" />
        <meta name="viewport" content="initial-scale=1, maximum-scale=1, user-scalable=no">
        <title>Amazon</title>
</head>

<body>



   
<div class="container">







</div>




<script src="jquery.js"></script>
<script src="jquery.xdomainajax.js"></script>

<script>

$(document).ready(function(){

 
$.ajax({
    url: 'http://ecs.amazonaws.com/onca/xml?'+
      'AWSAccessKeyId=xxxxxxxxxxxx'+
      '&AssociateTag=xxxxxxxx'+
      '&Keywords=B004C5P522'+
      '&Operation=ItemSearch'+
      '&SearchIndex=Billards-Sports-Miscellaneous-Billard-Sumsang'+
      '&Service=AWSECommerceService'+
      '&Timestamp=2014-07-17T17%3A47%3A17.000Z'+
      '&Signature=xxxxxxxxxxx,
    type: 'get',
    dataType: "xml",
    success: function(res) {
        console.log(res.responseText);

        var xml = $.parseXML(res.responseText);
        var $tmp = $( xml );
        var tmp2 = $tmp.find( "head" );
        $('.container').append(tmp2.text()+'<br>');


    },
      error: function(){
            alert('failed')
      }
});


});
</script>

</body>
</html>
0
 

Author Comment

by:jriver12
ID: 40474314
my third attempt see attached. (error with complex variables)
amazonint3.txt
0
 
LVL 25

Accepted Solution

by:
dgrafx earned 500 total points
ID: 40476395
one thing to check is if it is expiring too soon.
add some minutes to the time stamp.

also look at this: http://www.petefreitag.com/item/833.cfm
0
 

Author Comment

by:jriver12
ID: 40476532
got it working using this method(attached) however it is only returning the first few of 100/1000 results.  I need to view and return all and am hitting a wall. any suggestions would be great.
EEF2.txt
0
 
LVL 25

Expert Comment

by:dgrafx
ID: 40476552
0
 

Author Comment

by:jriver12
ID: 40476559
Thanks for the pointer but Im not using php, I'm Using ColdFusion.

Not to mention I am clueless on php.
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 25

Expert Comment

by:dgrafx
ID: 40476773
yes - i know you are on CF.
you are typically hard pressed to find CF code examples - especially from large companies - so we usually read through PHP or whatever and glean what we can understand.
note that you don't need to understand everything - just looking for clues ...
0
 
LVL 58

Expert Comment

by:Gary
ID: 40521174
I've requested that this question be deleted for the following reason:

The question has either no comments or not enough useful information to be called an "answer".
0
 
LVL 25

Expert Comment

by:dgrafx
ID: 40521175
I would say that I answered his question - see this post: http:#a40476395 but poster then asked for help with the number of records it returned - which was not in the original question.
I did try to provide more help but admittedly did not provide a lot of useful additional info.

Thanks ...
0
 

Author Comment

by:jriver12
ID: 40521666
Points have been awarded for answer.  Dgrafx is correct in declaring that an answer was provided which helped in resolving initial issue.
0
 
LVL 25

Expert Comment

by:dgrafx
ID: 40521997
Thanks !
0
 

Author Comment

by:jriver12
ID: 40522009
Thank you for your assistance, excuse my delay.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today, I was working on some optimization and spam-stopping techniques when I encountered Ben Nadel's post to reduce spam feature using Math (http://www.bennadel.com/blog/197-How-I-Stop-Spammers-On-My-ColdFusion-Blog.htm). While this method is not o…
CFGRID Custom Functionality Series -  Part 1 Hi Guys, I was once asked how it is possible to to add a hyperlink in the cfgrid and open the window to show the data. Now this is quite simple, I have to use the EXT JS library for this and I achiev…
The purpose of this video is to demonstrate how to set up the WordPress backend so that each page automatically generates a Mailchimp signup form in the sidebar. This will be demonstrated using a Windows 8 PC. Tools Used are Photoshop, Awesome…
Delivering innovative fully-managed cloud services for mission-critical applications requires expertise in multiple areas plus vision and commitment. Meet a few of the people behind the quality services of Concerto.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now