1.sp-api介绍:https://developer.amazonservices.com/
2.github文档:https://github.com/amzn/selling-partner-api-docs
3.github代码:https://github.com/amzn/selling-partner-api-models
2. 根据 github文档 注册 AWS,文档写的挺不错,可以多去尝试
3. 申请通过后添加新的App客户端,类型选SP API,IAM ARN 可以填写AWS IAM User ARN (arn:aws:iam::0000000000000:user/XXXXX) 或 AWS IAM Role ARN (arn:aws:iam::0000000000000:role/XXXXX)
1. 通过 AWS IAM User 调用
只创建AWS IAM User ARN,不创建角色,直接把策略加到User下,这样做不符合规范,但可以少调一次接口
访问级别和访问资源都可以
代码的相关类库都在https://github.com/amzn/selling-partner-api-models
LWAAuthorizationCredentials lwaAuthorizationCredentials = new LWAAuthorizationCredentials
{
// 相关值App客户端增加后就会有
ClientId = "amzn1.application-XXX-client.XXXXXXXXXXXXXXXXXXXXXXX",
ClientSecret = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
RefreshToken = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
Endpoint = new Uri("https://api.amazon.com/auth/o2/token")
};
RestClient client = new RestClient("https://sellingpartnerapi-na.amazon.com");
// 获取订单列表
RestRequest request = new RestRequest("/orders/v0/orders", Method.GET);
request.AddQueryParameter("MarketplaceIds", "A2EUQ1WTGCTBG2");
request.AddQueryParameter("CreatedAfter", "2020-12-01T00:00:00Z");
LWAAuthorizationSigner auth = new LWAAuthorizationSigner(lwaAuthorizationCredentials);
auth.Sign(request);
AWSAuthenticationCredentials aws = new AWSAuthenticationCredentials();
// 相关值为AWS IAM增加User后下载的cvs
aws.AccessKeyId = "XXXXXXXXXXXXXXXXXXX";
aws.SecretKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
aws.Region = "us-east-1";
AWSSigV4Signer signer = new AWSSigV4Signer(aws);
signer.Sign(request, client.BaseUrl.Host);
var resp = client.Execute(request);
2. 通过 AWS IAM Role 调用
通过 Github 上创建 AWS IAM User和 AWS IAM Role,这样做符合规范,但要多调一次接口(STS)
角色和人员是通过角色的信任关系关联,创建角色是配置了Root。
通过 nuget 安装 AWSSDK.SecurityToken
代码的相关类库都在https://github.com/amzn/selling-partner-api-models
// 相关值为AWS IAM增加User后下载的cvs
var accessKey = "XXXXXXXXXXXXXXXXXXX";
var secretKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
var credentials = new BasicAWSCredentials(accessKey, secretKey);
var client = new AmazonSecurityTokenServiceClient(credentials);
var assumeRoleRequest = new AssumeRoleRequest()
{
// AWS IAM Role ARN
DurationSeconds = 3600,
RoleArn = "arn:aws:iam::0000000000000:role/XXXXXXXX",
RoleSessionName = DateTime.Now.Ticks.ToString()
};
AssumeRoleResponse assumeRoleResponse = await client.AssumeRoleAsync(assumeRoleRequest);
RestClient restClient = new RestClient("https://sellingpartnerapi-na.amazon.com");
IRestRequest restRequest = new RestRequest("/orders/v0/orders", Method.GET);
restRequest.AddQueryParameter("CreatedAfter", "2020-12-01T00:00:00Z");
restRequest.AddQueryParameter("marketplaceIds", "ATVPDKIKX0DER");
var lwaAuthCreds = new LWAAuthorizationCredentials
{
// 相关值App客户端增加后就会有
ClientId = "amzn1.application-XXX-client.XXXXXXXXXXXXXXXXXXXXXXX",
ClientSecret = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
RefreshToken = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
Endpoint = new Uri("https://api.amazon.com/auth/o2/token")
};
restRequest = new LWAAuthorizationSigner(lwaAuthCreds).Sign(restRequest);
var awsAuthCreds = new AWSAuthenticationCredentials
{
AccessKeyId = assumeRoleResponse.Credentials.AccessKeyId,
SecretKey = assumeRoleResponse.Credentials.SecretAccessKey,
Region = "us-east-1"
};
restRequest.AddHeader("X-Amz-Security-Token", assumeRoleResponse.Credentials.SessionToken);
restRequest = new AWSSigV4Signer(awsAuthCreds)
.Sign(restRequest, restClient.BaseUrl.Host);
var resp = restClient.Execute(restRequest);
